Merge remote-tracking branch 'origin/main' into michaelrfairhurst/final-misra-c-rule-amendments

Author: MichaelRFairhurst

.github/workflows/upgrade_codeql_dependencies.yml

@@ -53,7 +53,7 @@ jobs:
           find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
         with:
           title: "Upgrade `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}"
           body: |

amendments.csv

@@ -11,39 +11,39 @@ c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,Yes,Import
 c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,Yes,Import
 c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,Yes,Easy
-c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy
-c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy
-c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard
+c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,Yes,Easy
+c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,Yes,Easy
+c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,Yes,Very Hard
 c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,Yes,Medium
 c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,Yes,Easy
 c,MISRA-C-2012,Amendment4,RULE-2-2,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-2-7,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Amendment4,RULE-3-1,Yes,Refine,No,Easy
+c,MISRA-C-2012,Amendment4,RULE-3-1,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Amendment4,RULE-8-6,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-8-9,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-9-4,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-10-1,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-18-3,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Amendment4,RULE-1-4,Yes,Replace,No,Easy
-c,MISRA-C-2012,Amendment4,RULE-9-1,Yes,Refine,No,Easy
+c,MISRA-C-2012,Amendment4,RULE-9-1,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-8-7,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-10-3,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-11-3,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-11-6,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-13-2,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-13-6,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-15-7,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-17-4,Yes,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-17-5,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-20-14,No,Clarification,Yes,Import
 c,MISRA-C-2012,Corrigendum2,RULE-21-19,Yes,Clarification,Yes,Import
-c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,No,Easy
-c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,Yes,Import
+c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,Yes,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,Yes,Import

c/cert/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cert-c-coding-standards
-version: 2.42.0-dev
+version: 2.44.0-dev
 description: CERT C 2016
 suites: codeql-suites
 license: MIT

c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql

@@ -13,7 +13,7 @@
 
 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.Pointers
+import codingstandards.cpp.types.Pointers
 import semmle.code.cpp.dataflow.TaintTracking
 import ScaledIntegerPointerArithmeticFlow::PathGraph
 

c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql

@@ -16,7 +16,7 @@
 
 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.Compatible
+import codingstandards.cpp.types.Compatible
 import ExternalIdentifiers
 
 from ExternalIdentifiers d, FunctionDeclarationEntry f1, FunctionDeclarationEntry f2
@@ -29,12 +29,10 @@ where
   f1.getName() = f2.getName() and
   (
     //return type check
-    not typesCompatible(f1.getType(), f2.getType())
+    not FunctionDeclarationTypeEquivalence<TypesCompatibleConfig>::equalReturnTypes(f1, f2)
     or
     //parameter type check
-    parameterTypesIncompatible(f1, f2)
-    or
-    not f1.getNumberOfParameters() = f2.getNumberOfParameters()
+    not FunctionDeclarationTypeEquivalence<TypesCompatibleConfig>::equalParameterTypes(f1, f2)
   ) and
   // Apply ordering on start line, trying to avoid the optimiser applying this join too early
   // in the pipeline

c/cert/test/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cert-c-coding-standards-tests
-version: 2.42.0-dev
+version: 2.44.0-dev
 extractor: cpp
 license: MIT
 dependencies:

c/common/src/codingstandards/c/Generic.qll

@@ -0,0 +1,150 @@
+import cpp
+import codingstandards.cpp.Macro
+import codingstandards.cpp.MatchingParenthesis
+
+string genericRegexp() { result = "\\b_Generic\\s*\\(\\s*(.+),.*" }
+
+bindingset[input]
+string deparenthesize(string input) {
+  input = "(" + result + ")" and
+  result = input.substring(1, input.length() - 1)
+}
+
+class GenericMacro extends Macro {
+  string ctrlExpr;
+
+  GenericMacro() { ctrlExpr = getBody().regexpCapture(genericRegexp(), 1).trim() }
+
+  string getAParameter() { result = this.(FunctionLikeMacro).getAParameter() }
+
+  string getControllingExprString() {
+    if exists(string s | s = deparenthesize(ctrlExpr))
+    then result = deparenthesize(ctrlExpr).trim()
+    else result = ctrlExpr
+  }
+
+  /**
+   * Whether the controlling expression of the `_Generic` expr in this macro's controlling
+   * expression refers to one of this macro's parameters.
+   */
+  predicate hasControllingExprFromMacroParameter() {
+    getControllingExprString().matches(getAParameter())
+  }
+}
+
+class GenericMacroString extends string {
+  GenericMacroString() { this = any(Macro m).getBody() and this.matches("%_Generic%") }
+}
+
+import MatchingParenthesis<GenericMacroString>
+
+class ParsedGenericMacro extends Macro {
+  ParsedRoot macroBody;
+  Parsed genericBody;
+  string beforeGenericBody;
+  string afterGenericBody;
+
+  ParsedGenericMacro() {
+    macroBody.getInputString() = this.getBody() and
+    exists(ParsedText genericText |
+      genericText.getText().matches("%_Generic%") and
+      genericBody = genericText.getParent().getChild(genericText.getChildIdx() + 1) and
+      genericBody.getRoot() = macroBody
+    ) and
+    beforeGenericBody =
+      textFrom(macroBody.getStartToken(), genericBody.getStartToken().getPrevious()) and
+    (
+      if exists(genericBody.getEndToken().getNext())
+      then afterGenericBody = textFrom(genericBody.getEndToken().getNext(), macroBody.getEndToken())
+      else afterGenericBody = ""
+    )
+  }
+
+  string getAParameter() { result = this.(FunctionLikeMacro).getAParameter() }
+
+  int getAParsedGenericCommaSeparatorOffset() {
+    exists(ParsedText text |
+      text.getParent() = genericBody and
+      result = text.getStartToken().getStartPos() + text.getText().indexOf(",")
+    )
+  }
+
+  int getAParsedGenericColonSeparatorOffset() {
+    exists(ParsedText text |
+      text.getParent() = genericBody and
+      result = text.getStartToken().getStartPos() + text.getText().indexOf(":")
+    )
+  }
+
+  int getParsedGenericCommaSeparatorOffset(int i) {
+    result = rank[i](int index | index = getAParsedGenericCommaSeparatorOffset())
+  }
+
+  bindingset[start, end]
+  int getParsedGenericColon(int start, int end) {
+    result =
+      min(int offset |
+        offset = getAParsedGenericColonSeparatorOffset() and
+        offset >= start and
+        offset <= end
+      )
+  }
+
+  predicate hasParsedFullSelectionRange(int idx, int start, int end) {
+    idx = 1 and
+    start = genericBody.getStartToken().getEndPos() and
+    end = getParsedGenericCommaSeparatorOffset(idx)
+    or
+    not exists(getParsedGenericCommaSeparatorOffset(idx)) and
+    start = getParsedGenericCommaSeparatorOffset(idx - 1) and
+    end = genericBody.getEndToken().getStartPos()
+    or
+    start = getParsedGenericCommaSeparatorOffset(idx - 1) and
+    end = getParsedGenericCommaSeparatorOffset(idx)
+  }
+
+  string getSelectionString(int idx) {
+    exists(int start, int rawStart, int end |
+      hasParsedFullSelectionRange(idx, rawStart, end) and
+      (
+        if exists(getParsedGenericColon(rawStart, end))
+        then start = getParsedGenericColon(rawStart, end)
+        else start = rawStart
+      ) and
+      result = genericBody.getInputString().substring(start, end)
+    )
+  }
+
+  string getControllingExprString() { result = getSelectionString(1).trim() }
+
+  bindingset[str, word]
+  private int countWordInString(string word, string str) {
+    result =
+      max(int occurrence |
+        exists(str.regexpFind("\\b" + word + "\\b", occurrence, _)) or occurrence = -1
+      |
+        occurrence + 1
+      )
+  }
+
+  int expansionsOutsideExpr(string parameter) {
+    parameter = getAParameter() and
+    result =
+      countWordInString(parameter, beforeGenericBody) +
+        countWordInString(parameter, afterGenericBody)
+  }
+
+  int expansionsInsideSelection(string parameter, int idx) {
+    parameter = getAParameter() and
+    result = countWordInString(parameter, getSelectionString(idx))
+  }
+
+  int expansionsInsideControllingExpr(string parameter) {
+    result = expansionsInsideSelection(parameter, 1)
+  }
+
+  int expansionsInsideAssociation(string parameter, int idx) {
+    not idx = 0 and
+    result = expansionsInsideSelection(parameter, idx + 1)
+  }
+}

c/common/src/codingstandards/c/OutOfBounds.qll

@@ -5,7 +5,7 @@
  */
 
 import cpp
-import codingstandards.cpp.Pointers
+import codingstandards.cpp.types.Pointers
 import codingstandards.c.Variable
 import codingstandards.cpp.Allocations
 import codingstandards.cpp.Overflow

c/common/src/codingstandards/c/UndefinedBehavior.qll

@@ -1,5 +1,5 @@
 import cpp
-import codingstandards.cpp.Pointers
+import codingstandards.cpp.types.Pointers
 import codingstandards.cpp.UndefinedBehavior
 
 /**

c/common/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/common-c-coding-standards
-version: 2.42.0-dev
+version: 2.44.0-dev
 license: MIT
 dependencies:
   codeql/common-cpp-coding-standards: '*'

c/common/test/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/common-c-coding-standards-tests
-version: 2.42.0-dev
+version: 2.44.0-dev
 extractor: cpp
 license: MIT
 dependencies:

c/common/test/rules/donotusepointerarithmetictoaddressdifferentarrays/DoNotUsePointerArithmeticToAddressDifferentArrays.expected

@@ -1,5 +1,5 @@
-| test.c:4:13:4:18 | ... + ... | Array pointer p2 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
-| test.c:5:13:5:18 | ... + ... | Array pointer p3 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
-| test.c:6:13:6:18 | & ... | Array pointer p4 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
-| test.c:11:8:11:11 | ... -- | Array pointer p7 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
-| test.c:12:8:12:9 | p3 | Array pointer p8 points 1 element passed the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:4:13:4:18 | ... + ... | Array pointer p2 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:5:13:5:18 | ... + ... | Array pointer p3 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:6:13:6:18 | & ... | Array pointer p4 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:11:8:11:11 | ... -- | Array pointer p7 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |
+| test.c:12:8:12:9 | p3 | Array pointer p8 points 1 element past the end of $@. | test.c:2:7:2:8 | l1 | l1 |

c/common/test/rules/readofuninitializedmemory/test.c

@@ -94,4 +94,6 @@ void test_non_default_init() {
   static struct A ss;
   use_struct_A(
       ss); // COMPLIANT - static struct type variables are zero initialized
+  _Atomic int x;
+  use_int(x); // COMPLIANT - atomics are special, covered by other rules
 }