From 2644ca41e09f2227330dadc0862892b88a636ac5 Mon Sep 17 00:00:00 2001 
From: Kristen Newbury Date: Wed, 10 Jul 2024 17:06:40 -0400 Subject: [PATCH 01/14] M0-2-1: make into split and shared query moved some libraries to allow for use in shared query --- ...otAddOrSubtractAScaledIntegerToAPointer.ql | 2 +- ...sAliasedPointerToRestrictQualifiedParam.ql | 178 +--------------- ...iasedPointerToRestrictQualifiedParam.qlref | 1 - ...sedPointerToRestrictQualifiedParam.testref | 1 + .../src/codingstandards/c/OutOfBounds.qll | 2 +- c/common/src/codingstandards/c/Variable.qll | 14 -- ...rToRestrictQualifiedParam_Shared.expected} | 0 ...dPointerToRestrictQualifiedParam_Shared.ql | 6 + .../test.c | 0 ...rsionBetweenFunctionPointerAndOtherType.ql | 2 +- ...etweenIncompleteTypePointerAndOtherType.ql | 2 +- ...weenObjectPointerAndDifferentObjectType.ql | 2 +- ...ionBetweenPointerToObjectAndIntegerType.ql | 2 +- ...ionFromPointerToVoidIntoPointerToObject.ql | 2 +- ...stBetweenPointerToVoidAndArithmeticType.ql | 2 +- ...nPointerToObjectAndNonIntArithmeticType.ql | 2 +- ...NullNotUsedAsIntegerNullPointerConstant.ql | 2 +- ...veMemcmpArgNotPointersToCompatibleTypes.ql | 2 +- ...interShouldPointToConstTypeWhenPossible.ql | 2 +- ...sAliasedPointerToRestrictQualifiedParam.ql | 24 +++ ...sedPointerToRestrictQualifiedParam.testref | 1 + cpp/autosar/test/rules/M0-2-1/test.cpp | 2 +- .../src/codingstandards/cpp}/Pointers.qll | 0 .../src/codingstandards/cpp/Variable.qll | 14 ++ .../cpp/exclusions/cpp/Representation.qll | 17 ++ ...PointerToRestrictQualifiedParam_Shared.qll | 193 ++++++++++++++++++ ...erToRestrictQualifiedParam_Shared.expected | 2 + ...dPointerToRestrictQualifiedParam_Shared.ql | 6 + .../test.cpp | 10 + rule_packages/c/Pointers3.json | 1 + rule_packages/cpp/Representation.json | 12 ++ 31 files changed, 306 insertions(+), 200 deletions(-) delete mode 100644 c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref create mode 100644 c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref rename 
c/{cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected => common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected} (100%) create mode 100644 c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql rename c/{cert/test/rules/EXP43-C => common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared}/test.c (100%) create mode 100644 cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql create mode 100644 cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref rename {c/common/src/codingstandards/c => cpp/common/src/codingstandards/cpp}/Pointers.qll (100%) create mode 100644 cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll create mode 100644 cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected create mode 100644 cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql create mode 100644 cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp diff --git a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql index c641c17124..ff1517c5b1 100644 --- a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql +++ b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.cert -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.cpp.dataflow.TaintTracking import ScaledIntegerPointerArithmeticFlow::PathGraph 
diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index a4cc4e8944..393967c66e 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql 
@@ -12,177 +12,11 @@ import cpp import codingstandards.c.cert -import codingstandards.c.Pointers -import codingstandards.c.Variable -import codingstandards.cpp.dataflow.DataFlow -import semmle.code.cpp.pointsto.PointsTo -import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared -/** - * A function that has a parameter with a restrict-qualified pointer type. - */ -class FunctionWithRestrictParameters extends Function { - Parameter restrictPtrParam; - - FunctionWithRestrictParameters() { - restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and - ( - restrictPtrParam.getType().hasSpecifier(["restrict"]) and - restrictPtrParam = this.getAParameter() - or - this.hasGlobalName(["strcpy", "strncpy", "strcat", "strncat", "memcpy"]) and - restrictPtrParam = this.getParameter([0, 1]) - or - this.hasGlobalName(["strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memcpy_s"]) and - restrictPtrParam = this.getParameter([0, 2]) - or - this.hasGlobalName(["strtok_s"]) and - restrictPtrParam = this.getAParameter() - or - this.hasGlobalName(["printf", "printf_s", "scanf", "scanf_s"]) and - restrictPtrParam = this.getParameter(0) - or - this.hasGlobalName(["sprintf", "sprintf_s", "snprintf", "snprintf_s"]) and - restrictPtrParam = this.getParameter(3) - ) - } - - Parameter getARestrictPtrParam() { result = restrictPtrParam } -} - -/** - * A call to a function that has a parameter with a restrict-qualified pointer type. 
- */ -class CallToFunctionWithRestrictParameters extends FunctionCall { - CallToFunctionWithRestrictParameters() { - this.getTarget() instanceof FunctionWithRestrictParameters +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +{ + DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { + this = Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery() } - - Expr getARestrictPtrArg() { - result = - this.getArgument(this.getTarget() - .(FunctionWithRestrictParameters) - .getARestrictPtrParam() - .getIndex()) - } - - Expr getAPtrArg(int index) { - result = this.getArgument(index) and - pointerValue(result) - } - - Expr getAPossibleSizeArg() { - exists(Parameter param | - param = this.getTarget().(FunctionWithRestrictParameters).getAParameter() and - param.getUnderlyingType() instanceof IntegralType and - // exclude __builtin_object_size - not result.(FunctionCall).getTarget() instanceof BuiltInFunction and - result = this.getArgument(param.getIndex()) - ) - } -} - -/** - * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` - */ -class CallToFunctionWithRestrictParametersArgExpr extends Expr { - int paramIndex; - - CallToFunctionWithRestrictParametersArgExpr() { - this = any(CallToFunctionWithRestrictParameters call).getAPtrArg(paramIndex) - } - - int getParamIndex() { result = paramIndex } -} - -int getStatedValue(Expr e) { - // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful - // result in this case we pick the minimum value obtainable from dataflow and range analysis. 
- result = - upperBound(e) - .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) -} - -int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersArgExpr expr) { - result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) - or - // edge-case: &(array[index]) expressions - result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) - or - // fall-back if `expr` is not a pointer arithmetic expression - not expr instanceof PointerArithmeticExpr and - not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and - result = 0 -} - -module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } - - predicate isSink(DataFlow::Node sink) { - exists(CallToFunctionWithRestrictParameters call | - sink.asExpr() = call.getAPtrArg(_).getAChild*() - ) - } - - predicate isBarrierIn(DataFlow::Node node) { - exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) - } -} - -module PointerValueToRestrictArgFlow = DataFlow::Global; - -from - CallToFunctionWithRestrictParameters call, CallToFunctionWithRestrictParametersArgExpr arg1, - CallToFunctionWithRestrictParametersArgExpr arg2, int argOffset1, int argOffset2, Expr source1, - Expr source2, string sourceMessage1, string sourceMessage2 -where - not isExcluded(call, Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery()) and - arg1 = call.getARestrictPtrArg() and - arg2 = call.getAPtrArg(_) and - // enforce ordering to remove permutations if multiple restrict-qualified args exist - (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > arg1.getParamIndex()) and - ( - // check if two pointers address the same object - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), - DataFlow::exprNode(arg1.getAChild*())) and - ( - // one pointer value flows to both args - 
PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), - DataFlow::exprNode(arg2.getAChild*())) and - sourceMessage1 = "$@" and - sourceMessage2 = "source" and - source1 = source2 - or - // there are two separate values that flow from an AddressOfExpr of the same target - getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source2), - DataFlow::exprNode(arg2.getAChild*())) and - sourceMessage1 = "a pair of address-of expressions ($@, $@)" and - sourceMessage2 = "addressof1" and - not source1 = source2 - ) - ) and - // get the offset of the pointer arithmetic operand (or '0' if there is none) - argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and - argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and - ( - // case 1: the pointer args are the same. - // (definite aliasing) - argOffset1 = argOffset2 - or - // case 2: the pointer args are different, a size arg exists, - // and the size arg is greater than the difference between the offsets. - // (potential aliasing) - exists(Expr sizeArg | - sizeArg = call.getAPossibleSizeArg() and - getStatedValue(sizeArg) > (argOffset1 - argOffset2).abs() - ) - or - // case 3: the pointer args are different, and a size arg does not exist - // (potential aliasing) - not exists(call.getAPossibleSizeArg()) - ) -select call, - "Call to '" + call.getTarget().getName() + "' passes an $@ to a $@ (pointer value derived from " + - sourceMessage1 + ".", arg2, "aliased pointer", arg1, "restrict-qualified parameter", source1, - sourceMessage2, source2, "addressof2" +} \ No newline at end of file diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref deleted file mode 100644 index 6121235f17..0000000000 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.qlref +++ /dev/null 
@@ -1 +0,0 @@ -rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql \ No newline at end of file diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref new file mode 100644 index 0000000000..66f173804a --- /dev/null +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref @@ -0,0 +1 @@ +c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql \ No newline at end of file diff --git a/c/common/src/codingstandards/c/OutOfBounds.qll b/c/common/src/codingstandards/c/OutOfBounds.qll index 87c7c17870..21255827dd 100644 --- a/c/common/src/codingstandards/c/OutOfBounds.qll +++ b/c/common/src/codingstandards/c/OutOfBounds.qll @@ -5,7 +5,7 @@ */ import cpp -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.c.Variable import codingstandards.cpp.Allocations import codingstandards.cpp.Overflow diff --git a/c/common/src/codingstandards/c/Variable.qll b/c/common/src/codingstandards/c/Variable.qll index adf2f08ad9..09d86e0e25 100644 --- a/c/common/src/codingstandards/c/Variable.qll +++ b/c/common/src/codingstandards/c/Variable.qll 
@@ -39,20 +39,6 @@ class FlexibleArrayMemberCandidate extends MemberVariable { } } -/** - * Returns the target variable of a `VariableAccess`. - * If the access is a field access, then the target is the `Variable` of the qualifier. - * If the access is an array access, then the target is the array base. - */ -Variable getAddressOfExprTargetBase(AddressOfExpr expr) { - result = expr.getOperand().(ValueFieldAccess).getQualifier().(VariableAccess).getTarget() - or - not expr.getOperand() instanceof ValueFieldAccess and - result = expr.getOperand().(VariableAccess).getTarget() - or - result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() -} - /** * A struct that contains a flexible array member */ diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected similarity index 100% rename from c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.expected rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql new file mode 100644 index 0000000000..ebdb62c802 --- /dev/null +++ b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql 
@@ -0,0 +1,6 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared + +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, + TestQuery +{ } diff --git a/c/cert/test/rules/EXP43-C/test.c b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.c similarity index 100% rename from c/cert/test/rules/EXP43-C/test.c rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.c diff --git a/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql b/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql index bfac04da6f..acb5480e4f 100644 --- a/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql +++ b/c/misra/src/rules/RULE-11-1/ConversionBetweenFunctionPointerAndOtherType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from CStyleCast cast, Type type, Type newType where diff --git a/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql b/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql index 007b43963b..43ee303415 100644 --- a/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql +++ b/c/misra/src/rules/RULE-11-2/ConversionBetweenIncompleteTypePointerAndOtherType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.cpp.Type from Cast cast, Type type, Type newType diff --git a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql index ede0a2834e..59674e11ac 100644 
--- a/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql +++ b/c/misra/src/rules/RULE-11-3/CastBetweenObjectPointerAndDifferentObjectType.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from CStyleCast cast, Type baseTypeFrom, Type baseTypeTo where diff --git a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql index 263545dc1f..fa4da7e358 100644 --- a/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql +++ b/c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from CStyleCast cast, Type typeFrom, Type typeTo where diff --git a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql index 3450f1ae90..69419e13cd 100644 --- a/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql +++ b/c/misra/src/rules/RULE-11-5/ConversionFromPointerToVoidIntoPointerToObject.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from Cast cast, VoidPointerType type, PointerToObjectType newType where diff --git a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql index b36d8dafb1..987d8a32bb 100644 --- a/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql 
@@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers from CStyleCast cast, Type typeFrom, Type typeTo where diff --git a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql index 30b643963c..f898998d32 100644 --- a/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql +++ b/c/misra/src/rules/RULE-11-7/CastBetweenPointerToObjectAndNonIntArithmeticType.ql @@ -13,7 +13,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers class MisraNonIntegerArithmeticType extends Type { MisraNonIntegerArithmeticType() { diff --git a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql index 81ea8b1dfd..b002ceb4c2 100644 --- a/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql +++ b/c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql @@ -12,7 +12,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.cpp.Type from Zero zero, Expr e, string type diff --git a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql index 2c585d8f10..956fc5383e 100644 --- a/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql +++ b/c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql @@ -12,7 +12,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers class MemCmpMoveCpy extends Function { // Couldn't extend BuiltInFunction because it misses `memcmp` 
diff --git a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql index 5e63e74e2c..48bd9967b2 100644 --- a/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql +++ b/c/misra/src/rules/RULE-8-13/PointerShouldPointToConstTypeWhenPossible.ql @@ -15,7 +15,7 @@ import cpp import codingstandards.c.misra -import codingstandards.c.Pointers +import codingstandards.cpp.Pointers import codingstandards.cpp.SideEffect from Variable ptr, PointerOrArrayType type diff --git a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql new file mode 100644 index 0000000000..f337b2ecc1 --- /dev/null +++ b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -0,0 +1,24 @@ +/** + * @id cpp/autosar/do-not-pass-aliased-pointer-to-restrict-qualified-param + * @name M0-2-1: Do not pass aliased pointers as parameters of functions where it is undefined behaviour for those pointers to overlap + * @description Passing an aliased pointer to a conceptually restrict-qualified parameter is + * undefined behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/autosar/id/m0-2-1 + * correctness + * external/autosar/allocated-target/implementation + * external/autosar/enforcement/automated + * external/autosar/obligation/required + */ + +import cpp +import codingstandards.cpp.autosar +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared + +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery { + DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { + this = RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() + } +} 
diff --git a/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref new file mode 100644 index 0000000000..31ba6a98ba --- /dev/null +++ b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/M0-2-1/test.cpp b/cpp/autosar/test/rules/M0-2-1/test.cpp index e5848e2752..3329f12824 100644 --- a/cpp/autosar/test/rules/M0-2-1/test.cpp +++ b/cpp/autosar/test/rules/M0-2-1/test.cpp @@ -51,4 +51,4 @@ void internal_shift() { void separate_access() { UnionSecret_t hash1, hash2; hash2.diff.suffix = hash1.fnv.suffix; // COMPLIANT, different union. -} \ No newline at end of file +} diff --git a/c/common/src/codingstandards/c/Pointers.qll b/cpp/common/src/codingstandards/cpp/Pointers.qll similarity index 100% rename from c/common/src/codingstandards/c/Pointers.qll rename to cpp/common/src/codingstandards/cpp/Pointers.qll diff --git a/cpp/common/src/codingstandards/cpp/Variable.qll b/cpp/common/src/codingstandards/cpp/Variable.qll index dba7af480a..9cf265ca93 100644 --- a/cpp/common/src/codingstandards/cpp/Variable.qll +++ b/cpp/common/src/codingstandards/cpp/Variable.qll 
@@ -5,3 +5,17 @@ import semmle.code.cpp.PODType03 class ScalarVariable extends Variable { ScalarVariable() { isScalarType03(this.getType()) } } + +/** + * Returns the target variable of a `VariableAccess`. + * If the access is a field access, then the target is the `Variable` of the qualifier. + * If the access is an array access, then the target is the array base. + */ +Variable getAddressOfExprTargetBase(AddressOfExpr expr) { + result = expr.getOperand().(ValueFieldAccess).getQualifier().(VariableAccess).getTarget() + or + not expr.getOperand() instanceof ValueFieldAccess and + result = expr.getOperand().(VariableAccess).getTarget() + or + result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() +} \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll index a423cfd4ff..ac41c1049a 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll @@ -7,6 +7,7 @@ newtype RepresentationQuery = TBitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocolsQuery() or TAuditPossibleHardwareInterfaceDueToBitFieldUsageInDataTypeDefinitionQuery() or TObjectAssignedToAnOverlappingObjectQuery() or + TDoNotPassAliasedPointerToRestrictQualifiedParamQuery() or TUnderlyingBitRepresentationsOfFloatingPointValuesUsedQuery() or TNamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBitQuery() or TMemsetUsedToAccessObjectRepresentationQuery() or 
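Review bot: The QLDoc moved in with `getAddressOfExprTargetBase` describes "the target variable of a `VariableAccess`", but the predicate takes an `AddressOfExpr` and resolves the variable underneath its operand, so the comment does not match the signature. Now that this helper sits in the shared cpp library and decides when two address-of expressions count as the same object, the summary should state that, for example `Gets the base variable addressed by expr: the accessed variable, the qualifier variable of a value field access, or the base variable of an array expression.` It would also help to say that an operand matching none of the three shapes has no result, since the aliasing query then cannot pair it with anything. The file still ends without a trailing newline after the closing brace.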
@@ -41,6 +42,15 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule ruleId = "M0-2-1" and category = "required" or + query = + // `Query` instance for the `doNotPassAliasedPointerToRestrictQualifiedParam` query + RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() and + queryId = + // `@id` for the `doNotPassAliasedPointerToRestrictQualifiedParam` query + "cpp/autosar/do-not-pass-aliased-pointer-to-restrict-qualified-param" and + ruleId = "M0-2-1" and + category = "required" + or query = // `Query` instance for the `underlyingBitRepresentationsOfFloatingPointValuesUsed` query RepresentationPackage::underlyingBitRepresentationsOfFloatingPointValuesUsedQuery() and @@ -109,6 +119,13 @@ module RepresentationPackage { TQueryCPP(TRepresentationPackageQuery(TObjectAssignedToAnOverlappingObjectQuery())) } + Query doNotPassAliasedPointerToRestrictQualifiedParamQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotPassAliasedPointerToRestrictQualifiedParam` query + TQueryCPP(TRepresentationPackageQuery(TDoNotPassAliasedPointerToRestrictQualifiedParamQuery())) + } + Query underlyingBitRepresentationsOfFloatingPointValuesUsedQuery() { //autogenerate `Query` type result = diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll new file mode 100644 index 0000000000..b733f31feb --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll 
@@ -0,0 +1,193 @@ +/** + * Provides a library which includes a `problems` predicate for reporting.... + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions +import codingstandards.cpp.Pointers +import codingstandards.cpp.Variable +import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.pointsto.PointsTo +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis + +/** + * A function that has a parameter with a restrict-qualified pointer type. + */ +class FunctionWithRestrictParameters extends Function { + Parameter restrictPtrParam; + + FunctionWithRestrictParameters() { + restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and + ( + restrictPtrParam.getType().hasSpecifier(["restrict"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["strcpy", "strncpy", "strcat", "strncat", "memcpy"]) and + restrictPtrParam = this.getParameter([0, 1]) + or + this.hasGlobalName(["strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memcpy_s"]) and + restrictPtrParam = this.getParameter([0, 2]) + or + this.hasGlobalName(["strtok_s"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["printf", "printf_s", "scanf", "scanf_s"]) and + restrictPtrParam = this.getParameter(0) + or + this.hasGlobalName(["sprintf", "sprintf_s", "snprintf", "snprintf_s"]) and + restrictPtrParam = this.getParameter(3) + ) + } + + Parameter getARestrictPtrParam() { result = restrictPtrParam } +} + +/** + * A call to a function that has a parameter with a restrict-qualified pointer type. 
+ */ +class CallToFunctionWithRestrictParameters extends FunctionCall { + CallToFunctionWithRestrictParameters() { + this.getTarget() instanceof FunctionWithRestrictParameters + } + + Expr getARestrictPtrArg() { + result = + this.getArgument(this.getTarget() + .(FunctionWithRestrictParameters) + .getARestrictPtrParam() + .getIndex()) + } + + Expr getAPtrArg(int index) { + result = this.getArgument(index) and + pointerValue(result) + } + + Expr getAPossibleSizeArg() { + exists(Parameter param | + param = this.getTarget().(FunctionWithRestrictParameters).getAParameter() and + param.getUnderlyingType() instanceof IntegralType and + // exclude __builtin_object_size + not result.(FunctionCall).getTarget() instanceof BuiltInFunction and + result = this.getArgument(param.getIndex()) + ) + } +} + +/** + * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` + */ +class CallToFunctionWithRestrictParametersArgExpr extends Expr { + int paramIndex; + + CallToFunctionWithRestrictParametersArgExpr() { + this = any(CallToFunctionWithRestrictParameters call).getAPtrArg(paramIndex) + } + + int getParamIndex() { result = paramIndex } +} + +int getStatedValue(Expr e) { + // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful + // result in this case we pick the minimum value obtainable from dataflow and range analysis. 
+ result = + upperBound(e) + .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) +} + +int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersArgExpr expr) { + result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) + or + // edge-case: &(array[index]) expressions + result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) + or + // fall-back if `expr` is not a pointer arithmetic expression + not expr instanceof PointerArithmeticExpr and + not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and + result = 0 +} + +module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } + + predicate isSink(DataFlow::Node sink) { + exists(CallToFunctionWithRestrictParameters call | + sink.asExpr() = call.getAPtrArg(_).getAChild*() + ) + } + + predicate isBarrierIn(DataFlow::Node node) { + exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) + } +} + +module PointerValueToRestrictArgFlow = DataFlow::Global; + +abstract class DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery extends Query { } + +Query getQuery() { + result instanceof DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +} + +query predicate problems( + CallToFunctionWithRestrictParameters call, string message, + CallToFunctionWithRestrictParametersArgExpr arg2, string arg2message, + CallToFunctionWithRestrictParametersArgExpr arg1, string arg1message, Expr source1, + string sourceMessage2, Expr source2, string lastMessage2 +) { + not isExcluded(call, getQuery()) and + exists(int argOffset1, int argOffset2, string sourceMessage1 | + arg1 = call.getARestrictPtrArg() and + arg2 = call.getAPtrArg(_) and + // enforce ordering to remove permutations if multiple restrict-qualified args exist + (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > 
arg1.getParamIndex()) and + ( + // check if two pointers address the same object + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg1.getAChild*())) and + ( + // one pointer value flows to both args + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "$@" and + sourceMessage2 = "source" and + source1 = source2 + or + // there are two separate values that flow from an AddressOfExpr of the same target + getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source2), + DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "a pair of address-of expressions ($@, $@)" and + sourceMessage2 = "addressof1" and + not source1 = source2 + ) + ) and + // get the offset of the pointer arithmetic operand (or '0' if there is none) + argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and + argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and + ( + // case 1: the pointer args are the same. + // (definite aliasing) + argOffset1 = argOffset2 + or + // case 2: the pointer args are different, a size arg exists, + // and the size arg is greater than the difference between the offsets. + // (potential aliasing) + exists(Expr sizeArg | + sizeArg = call.getAPossibleSizeArg() and + getStatedValue(sizeArg) > (argOffset1 - argOffset2).abs() + ) + or + // case 3: the pointer args are different, and a size arg does not exist + // (potential aliasing) + not exists(call.getAPossibleSizeArg()) + ) and + lastMessage2 = "addressof2" and + arg2message = "aliased pointer" and + arg1message = "restrict-qualified parameter" and + message = + "Call to '" + call.getTarget().getName() + + "' passes an $@ to a $@ (pointer value derived from " + sourceMessage1 + "." + ) +} 
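Review bot: In `FunctionWithRestrictParameters`, the `sprintf`/`sprintf_s`/`snprintf`/`snprintf_s` disjunct binds `restrictPtrParam = this.getParameter(3)`. The standard declarations put the restrict-qualified pointers at indices 0 and 1 (`sprintf`) or 0 and 2 (the other three), so this branch appears never to match a declared parameter. These calls are then only covered when the header itself spells out `restrict`. Since the list now also backs M0-2-1 for C++, consider `this.hasGlobalName("sprintf") and restrictPtrParam = this.getParameter([0, 1])` plus `this.hasGlobalName(["sprintf_s", "snprintf", "snprintf_s"]) and restrictPtrParam = this.getParameter([0, 2])`. It is also worth checking whether `hasGlobalOrStdName` is needed for standard libraries that declare these functions directly in `std`. The file-level QLDoc is still the generator placeholder ("Provides a library which includes a `problems` predicate for reporting....") and should name what is reported: calls that pass overlapping pointers to restrict-qualified parameters.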
diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected new file mode 100644 index 0000000000..f94246bc63 --- /dev/null +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected @@ -0,0 +1,2 @@ +| test.cpp:6:3:6:13 | call to memcpy | Call to 'memcpy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.cpp:6:22:6:26 | & ... | aliased pointer | test.cpp:6:15:6:19 | & ... | restrict-qualified parameter | test.cpp:6:15:6:19 | & ... | addressof1 | test.cpp:6:22:6:26 | & ... | addressof2 | +| test.cpp:8:3:8:13 | call to memcpy | Call to 'memcpy' passes an $@ to a $@ (pointer value derived from a pair of address-of expressions ($@, $@). | test.cpp:8:22:8:26 | & ... | aliased pointer | test.cpp:8:15:8:19 | & ... | restrict-qualified parameter | test.cpp:8:15:8:19 | & ... | addressof1 | test.cpp:8:22:8:26 | & ... | addressof2 | diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql new file mode 100644 index 0000000000..ebdb62c802 --- /dev/null +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql 
@@ -0,0 +1,6 @@
+// GENERATED FILE - DO NOT MODIFY
+import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared
+
+class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery,
+ TestQuery
+{ }
diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp
new file mode 100644
index 0000000000..42a35d0e92
--- /dev/null
+++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp
@@ -0,0 +1,10 @@
+#include
+
+int a[20];
+
+void undefined_behaviour_fn_119(void) {
+ std::memcpy(&a[0], &a[1], 10u * sizeof(a[0])); // NON_COMPLIANT
+ std::memmove(&a[0], &a[1], 10u * sizeof(a[0])); // COMPLIANT
+ std::memcpy(&a[1], &a[0], 10u * sizeof(a[0])); // NON_COMPLIANT
+ std::memmove(&a[1], &a[0], 10u * sizeof(a[0])); // COMPLIANT
+}
\ No newline at end of file
diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json
index a694300cd5..cb688b0f0b 100644
--- a/rule_packages/c/Pointers3.json
+++ b/rule_packages/c/Pointers3.json
@@ -72,6 +72,7 @@
 "precision": "medium",
 "severity": "error",
 "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam",
+ "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam_Shared",
 "tags": [
 "correctness"
 ]
diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json
index 96674eef0e..dcfd75be26 100644
--- a/rule_packages/cpp/Representation.json
+++ b/rule_packages/cpp/Representation.json
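Review bot: All four calls in `undefined_behaviour_fn_119` copy between `&a[0]` and `&a[1]`, so the test has no case where two address-of expressions on the same array name disjoint ranges. The shared query compares the size argument, which is a byte count in these calls, against the difference of the pointer offsets, and how it derives an offset from an `&a[i]` operand is not visible in this hunk. A false positive on non-overlapping halves of one array would therefore go unnoticed. Adding `std::memcpy(&a[0], &a[10], 10u * sizeof(a[0])); // COMPLIANT` would pin that behaviour.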
@@ -53,6 +53,18 @@
 "tags": [
 "correctness"
 ]
+ },
+ {
+ "description": "Passing an aliased pointer to a conceptually restrict-qualified parameter is undefined behavior.",
+ "kind": "problem",
+ "name": "Do not pass aliased pointers as parameters of functions where it is undefined behaviour for those pointers to overlap",
+ "precision": "medium",
+ "severity": "error",
+ "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam",
+ "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam_Shared",
+ "tags": [
+ "correctness"
+ ]
 }
 ],
 "title": "An object shall not be assigned to an overlapping object."
From e23a0dc43001c6f92552473983bda7000750ded9 Mon Sep 17 00:00:00 2001
From: Kristen Newbury
Date: Wed, 10 Jul 2024 17:10:24 -0400
Subject: [PATCH 02/14] M0-2-1: add missing changenote
---
 change_notes/2024-07-10-fix-fn-119-m0-2-1.md | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 change_notes/2024-07-10-fix-fn-119-m0-2-1.md
diff --git a/change_notes/2024-07-10-fix-fn-119-m0-2-1.md b/change_notes/2024-07-10-fix-fn-119-m0-2-1.md
new file mode 100644
index 0000000000..08d139ddbe
--- /dev/null
+++ b/change_notes/2024-07-10-fix-fn-119-m0-2-1.md
@@ -0,0 +1,2 @@
+- `M0-2-1` - `DoNotPassAliasedPointerToRestrictQualifiedParam.ql`:
+ - Fixes #119. Adds shared query to cover missing detection of overlapping arrays or pointers in specific list of functions that list undefined behaviour when their parameters overlap.
\ No newline at end of file
From b8193f13eaf303a966a067a3ea769179813cfacd Mon Sep 17 00:00:00 2001
From: Kristen Newbury
Date: Wed, 10 Jul 2024 17:11:51 -0400
Subject: [PATCH 03/14] M0-2-1: add missing query format
---
 .../M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index f337b2ecc1..928cec0f5e 100644 --- a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -17,7 +17,8 @@ import cpp import codingstandards.cpp.autosar import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared -class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery { +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +{ DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { this = RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() } From 00f27aa5142052d260b16f9e440b0db63038dd61 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Wed, 10 Jul 2024 17:12:34 -0400 Subject: [PATCH 04/14] M0-2-1: add missing query format --- .../EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql index 393967c66e..9e159a31bf 100644 --- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql +++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql @@ -19,4 +19,4 @@ class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAlia DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { this = Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery() } -} \ No newline at end of file +} 
From 80424af18e496438463710d66a03ebdedc366939 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 11 Jul 2024 00:16:31 -0400 Subject: [PATCH 05/14] M0-2-1: add missing query format --- cpp/common/src/codingstandards/cpp/Variable.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/src/codingstandards/cpp/Variable.qll b/cpp/common/src/codingstandards/cpp/Variable.qll index 9cf265ca93..47c6ca7f6c 100644 --- a/cpp/common/src/codingstandards/cpp/Variable.qll +++ b/cpp/common/src/codingstandards/cpp/Variable.qll @@ -18,4 +18,4 @@ Variable getAddressOfExprTargetBase(AddressOfExpr expr) { result = expr.getOperand().(VariableAccess).getTarget() or result = expr.getOperand().(ArrayExpr).getArrayBase().(VariableAccess).getTarget() -} \ No newline at end of file +} From 0c98d9b94733bfc63be0a1efe72eb89d2af3a41a Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Thu, 11 Jul 2024 11:25:07 -0400 Subject: [PATCH 06/14] M0-2-1: fix adjusted reference --- .../rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql index bbe41259b8..eac0f8826c 100644 --- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql +++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql @@ -14,7 +14,7 @@ import cpp import codingstandards.cpp.dataflow.DataFlow import semmle.code.cpp.controlflow.Dominance import codingstandards.c.cert -import codingstandards.c.Variable +import codingstandards.cpp.Variable /** * An `Expr` that is an assignment or initialization to a restrict-qualified pointer-type variable. From 1777db2359aea22cba3d81883b863be7930bc7ab Mon Sep 17 00:00:00 2001 
From: Kristen Newbury Date: Thu, 11 Jul 2024 12:11:40 -0400 Subject: [PATCH 07/14] M0-2-1: re-add accidentally rm'd testfile --- c/cert/test/rules/EXP43-C/test.c | 100 +++++++++++++++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 c/cert/test/rules/EXP43-C/test.c diff --git a/c/cert/test/rules/EXP43-C/test.c b/c/cert/test/rules/EXP43-C/test.c new file mode 100644 index 0000000000..3bf7cfa490 --- /dev/null +++ b/c/cert/test/rules/EXP43-C/test.c 
@@ -0,0 +1,100 @@ +#include +#include +#include + +int *restrict g1; +int *restrict g2; +int *restrict g1_1; +int *g2_1; + +struct s1 { + int x, y, z; +}; +struct s1 v1; + +void test_global_local() { + int *restrict i1 = g1; // COMPLIANT + int *restrict i2 = g2; // COMPLIANT + int *restrict i3 = i2; // NON_COMPLIANT + g1 = g2; // NON_COMPLIANT + i1 = i2; // NON_COMPLIANT + { + int *restrict i4; + int *restrict i5; + int *restrict i6; + i4 = g1; // COMPLIANT + i4 = (void *)0; // COMPLIANT + i5 = g1; // NON_COMPLIANT - block rather than statement scope matters + i4 = g1; // NON_COMPLIANT + i6 = g2; // COMPLIANT + } +} + +void test_global_local_1() { + g1_1 = g2_1; // COMPLIANT +} + +void test_structs() { + struct s1 *restrict p1 = &v1; + int *restrict px = &v1.x; // NON_COMPLIANT + { + int *restrict py; + int *restrict pz; + py = &v1.y; // COMPLIANT + py = (int *)0; + pz = &v1.z; // NON_COMPLIANT - block rather than statement scope matters + py = &v1.y; // NON_COMPLIANT + } +} + +void copy(int *restrict p1, int *restrict p2, size_t s) { + for (size_t i = 0; i < s; ++i) { + p2[i] = p1[i]; + } +} + +void test_restrict_params() { + int i1 = 1; + int i2 = 2; + copy(&i1, &i1, 1); // NON_COMPLIANT + copy(&i1, &i2, 1); // COMPLIANT + + int x[10]; + int *px = &x[0]; + copy(&x[0], &x[1], 1); // COMPLIANT - non overlapping + copy(&x[0], &x[1], 2); // NON_COMPLIANT - overlapping + copy(&x[0], (int *)x[0], 1); // COMPLIANT - non overlapping + copy(&x[0], px, 1); // NON_COMPLIANT - overlapping +} + +void test_strcpy() { + char s1[] = "my test string"; + char s2[] = "my other string"; + strcpy(&s1, &s1 + 3); // NON_COMPLIANT + strcpy(&s2, &s1); // COMPLIANT +} + +void test_memcpy() { + char s1[] = "my test string"; + char s2[] = "my other string"; + memcpy(&s1, &s1 + 3, 5); // NON_COMPLIANT + memcpy(&s2, &s1 + 3, 5); // COMPLIANT +} + +void test_memmove() { + char s1[] = "my test string"; + char s2[] = "my other string"; + memmove(&s1, &s1 + 3, 5); // COMPLIANT - memmove is 
allowed to overlap + memmove(&s2, &s1 + 3, 5); // COMPLIANT +} + +void test_scanf() { + char s1[200] = "%10s"; + scanf(&s1, &s1 + 4); // NON_COMPLIANT +} + +// TODO also consider the following: +// strncpy(), strncpy_s() +// strcat(), strcat_s() +// strncat(), strncat_s() +// strtok_s() \ No newline at end of file From c9f75cb5ad2ce98a7454f8ded7d22d65cba668e7 Mon Sep 17 00:00:00 2001 
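Review bot: In `test_strcpy`, `test_memcpy`, `test_memmove` and `test_scanf` the arguments are written `&s1` and `&s1 + 3`, where `&s1` has pointer-to-array type, so `&s1 + 3` steps three whole arrays past `s1` rather than three characters into it. The NON_COMPLIANT cases therefore do not model an in-bounds overlap, and the COMPLIANT `memcpy(&s2, &s1 + 3, 5)` reads outside `s1`. Writing them as `strcpy(s1, s1 + 3); // NON_COMPLIANT` and `memcpy(s2, s1 + 3, 5); // COMPLIANT` would exercise the overlap the comments describe. The expected results may need regenerating afterwards.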
From: Kristen Newbury Date: Tue, 16 Jul 2024 11:50:35 -0400 Subject: [PATCH 08/14] M0-2-1: rename shared queries --- ...interToRestrictQualifiedParamShared.expected} | 0 ...asedPointerToRestrictQualifiedParamShared.ql} | 0 .../test.c | 0 ...aram.ql => DoNotPassAliasedPointerToParam.ql} | 0 .../DoNotPassAliasedPointerToParam.testref | 1 + ...liasedPointerToRestrictQualifiedParam.testref | 1 - .../cpp/exclusions/cpp/Representation.qll | 16 ++++++++-------- ...asedPointerToRestrictQualifiedParamShared.qll | 15 +++++++++++++++ ...sedPointerToRestrictQualifiedParam_Shared.qll | 0 ...interToRestrictQualifiedParamShared.expected} | 0 ...asedPointerToRestrictQualifiedParamShared.ql} | 0 .../test.cpp | 0 rule_packages/c/Pointers3.json | 2 +- rule_packages/cpp/Representation.json | 6 +++--- 14 files changed, 28 insertions(+), 13 deletions(-) rename c/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected => donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected} (100%) rename c/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql => donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql} (100%) rename c/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared => donotpassaliasedpointertorestrictqualifiedparamshared}/test.c (100%) rename cpp/autosar/src/rules/M0-2-1/{DoNotPassAliasedPointerToRestrictQualifiedParam.ql => DoNotPassAliasedPointerToParam.ql} (100%) create mode 100644 cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToParam.testref delete mode 100644 cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref create mode 100644 
cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll rename cpp/common/src/codingstandards/cpp/rules/{ => donotpassaliasedpointertorestrictqualifiedparamshared}/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll (100%) rename cpp/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected => donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected} (100%) rename cpp/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql => donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql} (100%) rename cpp/common/test/rules/{donotpassaliasedpointertorestrictqualifiedparam_shared => donotpassaliasedpointertorestrictqualifiedparamshared}/test.cpp (100%) diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected similarity index 100% rename from c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected 
diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql similarity index 100% rename from c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.c b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/test.c similarity index 100% rename from c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.c rename to c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/test.c diff --git a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql similarity index 100% rename from cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.ql rename to cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql diff --git a/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToParam.testref b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToParam.testref new file mode 100644 index 0000000000..2c64dedd45 --- /dev/null +++ b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToParam.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql \ No newline at end of file 
diff --git a/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref b/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref deleted file mode 100644 index 31ba6a98ba..0000000000 --- a/cpp/autosar/test/rules/M0-2-1/DoNotPassAliasedPointerToRestrictQualifiedParam.testref +++ /dev/null @@ -1 +0,0 @@ -cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll index ac41c1049a..2f92ea89ec 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/cpp/Representation.qll @@ -7,7 +7,7 @@ newtype RepresentationQuery = TBitFieldsShallBeUsedOnlyWhenInterfacingToHardwareOrConformingToCommunicationProtocolsQuery() or TAuditPossibleHardwareInterfaceDueToBitFieldUsageInDataTypeDefinitionQuery() or TObjectAssignedToAnOverlappingObjectQuery() or - TDoNotPassAliasedPointerToRestrictQualifiedParamQuery() or + TDoNotPassAliasedPointerToParamQuery() or TUnderlyingBitRepresentationsOfFloatingPointValuesUsedQuery() or TNamedBitFieldsWithSignedIntegerTypeShallHaveALengthOfMoreThanOneBitQuery() or TMemsetUsedToAccessObjectRepresentationQuery() or 
@@ -43,11 +43,11 @@ predicate isRepresentationQueryMetadata(Query query, string queryId, string rule category = "required" or query = - // `Query` instance for the `doNotPassAliasedPointerToRestrictQualifiedParam` query - RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() and + // `Query` instance for the `doNotPassAliasedPointerToParam` query + RepresentationPackage::doNotPassAliasedPointerToParamQuery() and queryId = - // `@id` for the `doNotPassAliasedPointerToRestrictQualifiedParam` query - "cpp/autosar/do-not-pass-aliased-pointer-to-restrict-qualified-param" and + // `@id` for the `doNotPassAliasedPointerToParam` query + "cpp/autosar/do-not-pass-aliased-pointer-to-param" and ruleId = "M0-2-1" and category = "required" or @@ -119,11 +119,11 @@ module RepresentationPackage { TQueryCPP(TRepresentationPackageQuery(TObjectAssignedToAnOverlappingObjectQuery())) } - Query doNotPassAliasedPointerToRestrictQualifiedParamQuery() { + Query doNotPassAliasedPointerToParamQuery() { //autogenerate `Query` type result = - // `Query` type for `doNotPassAliasedPointerToRestrictQualifiedParam` query - TQueryCPP(TRepresentationPackageQuery(TDoNotPassAliasedPointerToRestrictQualifiedParamQuery())) + // `Query` type for `doNotPassAliasedPointerToParam` query + TQueryCPP(TRepresentationPackageQuery(TDoNotPassAliasedPointerToParamQuery())) } Query underlyingBitRepresentationsOfFloatingPointValuesUsedQuery() { diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll new file mode 100644 index 0000000000..0c16d4e538 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll 
@@ -0,0 +1,15 @@
+/**
+ * Provides a library which includes a `problems` predicate for reporting....
+ */
+
+import cpp
+import codingstandards.cpp.Customizations
+import codingstandards.cpp.Exclusions
+
+abstract class DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery extends Query { }
+
+Query getQuery() { result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery }
+
+query predicate problems(Element e, string message) {
+not isExcluded(e, getQuery()) and message = ""
+}
\ No newline at end of file
diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll
similarity index 100%
rename from cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll
rename to cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll
diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected
similarity index 100%
rename from cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.expected
rename to cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.expected
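Review bot: The header comment of the new `.qll` still carries the generator placeholder `for reporting....`, and `problems` as added here holds for every non-excluded `Element` with `message = ""`. At this commit a query extending the shared class would therefore report every element with an empty message. A later patch in the series replaces the predicate body, but its hunk starts at line 5, so the placeholder comment appears to stay. The first comment line could read `* Provides a library which includes a problems predicate for reporting calls that pass aliased pointers to restrict-qualified parameters.`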
diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql similarity index 100% rename from cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql rename to cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/test.cpp similarity index 100% rename from cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/test.cpp rename to cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/test.cpp diff --git a/rule_packages/c/Pointers3.json b/rule_packages/c/Pointers3.json index cb688b0f0b..f35f5b7bd1 100644 --- a/rule_packages/c/Pointers3.json +++ b/rule_packages/c/Pointers3.json @@ -72,7 +72,7 @@ "precision": "medium", "severity": "error", "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam", - "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam_Shared", + "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParamShared", "tags": [ "correctness" ] diff --git a/rule_packages/cpp/Representation.json b/rule_packages/cpp/Representation.json index dcfd75be26..4b9a44099e 100644 --- a/rule_packages/cpp/Representation.json +++ b/rule_packages/cpp/Representation.json 
@@ -55,13 +55,13 @@
 ]
 },
 {
- "description": "Passing an aliased pointer to a conceptually restrict-qualified parameter is undefined behavior.",
+ "description": "Passing a aliased pointers as parameters of certain functions is undefined behavior.",
 "kind": "problem",
 "name": "Do not pass aliased pointers as parameters of functions where it is undefined behaviour for those pointers to overlap",
 "precision": "medium",
 "severity": "error",
- "short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam",
- "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParam_Shared",
+ "short_name": "DoNotPassAliasedPointerToParam",
+ "shared_implementation_short_name": "DoNotPassAliasedPointerToRestrictQualifiedParamShared",
 "tags": [
 "correctness"
 ]
From 06d585fdb988794af73d7eab02b52c1415c763d9 Mon Sep 17 00:00:00 2001
From: Kristen Newbury
Date: Tue, 16 Jul 2024 12:25:53 -0400
Subject: [PATCH 09/14] M0-2-1: fix query renaming
---
 .../DoNotPassAliasedPointerToRestrictQualifiedParam.ql | 4 ++--
 .../DoNotPassAliasedPointerToRestrictQualifiedParam.testref | 2 +-
 .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql
index 9e159a31bf..08121f8c2b 100644
--- a/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql
+++ b/c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql
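Review bot: The new description reads `Passing a aliased pointers as parameters of certain functions is undefined behavior.`, which pairs a singular article with a plural noun. This string is user-facing query metadata, and the same wording appears in the `@description` of `DoNotPassAliasedPointerToParam.ql` in a later patch of this series, so it is best corrected at the source. The line could be `"description": "Passing aliased pointers as parameters of certain functions is undefined behavior.",`.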
@@ -12,9 +12,9 @@ import cpp import codingstandards.c.cert -import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery { DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { this = Pointers3Package::doNotPassAliasedPointerToRestrictQualifiedParamQuery() diff --git a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref index 66f173804a..ef17bca58a 100644 --- a/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref +++ b/c/cert/test/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.testref @@ -1 +1 @@ -c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.ql \ No newline at end of file +c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql \ No newline at end of file diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql index ebdb62c802..dc3a521edf 100644 --- a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql 
+++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql @@ -1,6 +1,6 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery, TestQuery { } From 43e6d67d2112f8bffbfaafcc1f92187fea57a092 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 12:28:16 -0400 Subject: [PATCH 10/14] M0-2-1: reformat query --- ...otPassAliasedPointerToRestrictQualifiedParamShared.qll | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll index 0c16d4e538..5d8bfc5634 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll 
@@ -8,8 +8,10 @@ import codingstandards.cpp.Exclusions abstract class DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery extends Query { } -Query getQuery() { result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery } +Query getQuery() { + result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery +} query predicate problems(Element e, string message) { -not isExcluded(e, getQuery()) and message = "" -} \ No newline at end of file + not isExcluded(e, getQuery()) and message = "" +} From ebb7d39d86f3aa936913937e02aa438d45349016 Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 12:48:55 -0400 Subject: [PATCH 11/14] M0-2-1: missed more renaming --- .../M0-2-1/DoNotPassAliasedPointerToParam.ql | 11 +- ...dPointerToRestrictQualifiedParamShared.qll | 184 ++++++++++++++++- ...PointerToRestrictQualifiedParam_Shared.qll | 193 ------------------ 3 files changed, 185 insertions(+), 203 deletions(-) delete mode 100644 cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll diff --git a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql index 928cec0f5e..d99ae486fc 100644 --- a/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql +++ b/cpp/autosar/src/rules/M0-2-1/DoNotPassAliasedPointerToParam.ql 
@@ -1,8 +1,7 @@ /** - * @id cpp/autosar/do-not-pass-aliased-pointer-to-restrict-qualified-param + * @id cpp/autosar/do-not-pass-aliased-pointer-to-param * @name M0-2-1: Do not pass aliased pointers as parameters of functions where it is undefined behaviour for those pointers to overlap - * @description Passing an aliased pointer to a conceptually restrict-qualified parameter is - * undefined behavior. + * @description Passing a aliased pointers as parameters of certain functions is undefined behavior. * @kind problem * @precision medium * @problem.severity error @@ -15,11 +14,11 @@ import cpp import codingstandards.cpp.autosar -import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery +class DoNotPassAliasedPointerToRestrictQualifiedParamQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery { DoNotPassAliasedPointerToRestrictQualifiedParamQuery() { - this = RepresentationPackage::doNotPassAliasedPointerToRestrictQualifiedParamQuery() + this = RepresentationPackage::doNotPassAliasedPointerToParamQuery() } } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll index 5d8bfc5634..b733f31feb 100644 --- a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll 
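Review bot: The class in the second hunk keeps the name `DoNotPassAliasedPointerToRestrictQualifiedParamQuery`, although the file is now `DoNotPassAliasedPointerToParam.ql` and its characteristic predicate binds `this` to `RepresentationPackage::doNotPassAliasedPointerToParamQuery()`. Renaming the class and its constructor to `DoNotPassAliasedPointerToParamQuery` would keep the query file, its `@id` and the package entry aligned. That makes it easier to trace an alert back to the rule that produced it.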
+++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll 
@@ -5,13 +5,189 @@ import cpp import codingstandards.cpp.Customizations import codingstandards.cpp.Exclusions +import codingstandards.cpp.Pointers +import codingstandards.cpp.Variable +import codingstandards.cpp.dataflow.DataFlow +import semmle.code.cpp.pointsto.PointsTo +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -abstract class DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery extends Query { } +/** + * A function that has a parameter with a restrict-qualified pointer type. + */ +class FunctionWithRestrictParameters extends Function { + Parameter restrictPtrParam; + + FunctionWithRestrictParameters() { + restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and + ( + restrictPtrParam.getType().hasSpecifier(["restrict"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["strcpy", "strncpy", "strcat", "strncat", "memcpy"]) and + restrictPtrParam = this.getParameter([0, 1]) + or + this.hasGlobalName(["strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memcpy_s"]) and + restrictPtrParam = this.getParameter([0, 2]) + or + this.hasGlobalName(["strtok_s"]) and + restrictPtrParam = this.getAParameter() + or + this.hasGlobalName(["printf", "printf_s", "scanf", "scanf_s"]) and + restrictPtrParam = this.getParameter(0) + or + this.hasGlobalName(["sprintf", "sprintf_s", "snprintf", "snprintf_s"]) and + restrictPtrParam = this.getParameter(3) + ) + } + + Parameter getARestrictPtrParam() { result = restrictPtrParam } +} + +/** + * A call to a function that has a parameter with a restrict-qualified pointer type. 
+ */ +class CallToFunctionWithRestrictParameters extends FunctionCall { + CallToFunctionWithRestrictParameters() { + this.getTarget() instanceof FunctionWithRestrictParameters + } + + Expr getARestrictPtrArg() { + result = + this.getArgument(this.getTarget() + .(FunctionWithRestrictParameters) + .getARestrictPtrParam() + .getIndex()) + } + + Expr getAPtrArg(int index) { + result = this.getArgument(index) and + pointerValue(result) + } + + Expr getAPossibleSizeArg() { + exists(Parameter param | + param = this.getTarget().(FunctionWithRestrictParameters).getAParameter() and + param.getUnderlyingType() instanceof IntegralType and + // exclude __builtin_object_size + not result.(FunctionCall).getTarget() instanceof BuiltInFunction and + result = this.getArgument(param.getIndex()) + ) + } +} + +/** + * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` + */ +class CallToFunctionWithRestrictParametersArgExpr extends Expr { + int paramIndex; + + CallToFunctionWithRestrictParametersArgExpr() { + this = any(CallToFunctionWithRestrictParameters call).getAPtrArg(paramIndex) + } + + int getParamIndex() { result = paramIndex } +} + +int getStatedValue(Expr e) { + // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful + // result in this case we pick the minimum value obtainable from dataflow and range analysis. 
+ result = + upperBound(e) + .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) +} + +int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersArgExpr expr) { + result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) + or + // edge-case: &(array[index]) expressions + result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) + or + // fall-back if `expr` is not a pointer arithmetic expression + not expr instanceof PointerArithmeticExpr and + not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and + result = 0 +} + +module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } + + predicate isSink(DataFlow::Node sink) { + exists(CallToFunctionWithRestrictParameters call | + sink.asExpr() = call.getAPtrArg(_).getAChild*() + ) + } + + predicate isBarrierIn(DataFlow::Node node) { + exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) + } +} + +module PointerValueToRestrictArgFlow = DataFlow::Global; + +abstract class DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery extends Query { } Query getQuery() { - result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery + result instanceof DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery } -query predicate problems(Element e, string message) { - not isExcluded(e, getQuery()) and message = "" +query predicate problems( + CallToFunctionWithRestrictParameters call, string message, + CallToFunctionWithRestrictParametersArgExpr arg2, string arg2message, + CallToFunctionWithRestrictParametersArgExpr arg1, string arg1message, Expr source1, + string sourceMessage2, Expr source2, string lastMessage2 +) { + not isExcluded(call, getQuery()) and + exists(int argOffset1, int argOffset2, string sourceMessage1 | + arg1 = call.getARestrictPtrArg() and + 
arg2 = call.getAPtrArg(_) and + // enforce ordering to remove permutations if multiple restrict-qualified args exist + (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > arg1.getParamIndex()) and + ( + // check if two pointers address the same object + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg1.getAChild*())) and + ( + // one pointer value flows to both args + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), + DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "$@" and + sourceMessage2 = "source" and + source1 = source2 + or + // there are two separate values that flow from an AddressOfExpr of the same target + getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and + PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source2), + DataFlow::exprNode(arg2.getAChild*())) and + sourceMessage1 = "a pair of address-of expressions ($@, $@)" and + sourceMessage2 = "addressof1" and + not source1 = source2 + ) + ) and + // get the offset of the pointer arithmetic operand (or '0' if there is none) + argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and + argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and + ( + // case 1: the pointer args are the same. + // (definite aliasing) + argOffset1 = argOffset2 + or + // case 2: the pointer args are different, a size arg exists, + // and the size arg is greater than the difference between the offsets. 
+ // (potential aliasing) + exists(Expr sizeArg | + sizeArg = call.getAPossibleSizeArg() and + getStatedValue(sizeArg) > (argOffset1 - argOffset2).abs() + ) + or + // case 3: the pointer args are different, and a size arg does not exist + // (potential aliasing) + not exists(call.getAPossibleSizeArg()) + ) and + lastMessage2 = "addressof2" and + arg2message = "aliased pointer" and + arg1message = "restrict-qualified parameter" and + message = + "Call to '" + call.getTarget().getName() + + "' passes an $@ to a $@ (pointer value derived from " + sourceMessage1 + "." + ) } diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll deleted file mode 100644 index b733f31feb..0000000000 --- a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/donotpassaliasedpointertorestrictqualifiedparam_shared/DoNotPassAliasedPointerToRestrictQualifiedParam_Shared.qll +++ /dev/null 
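Review bot: In `FunctionWithRestrictParameters`, the `sprintf`/`sprintf_s`/`snprintf`/`snprintf_s` branch binds `restrictPtrParam = this.getParameter(3)`, but none of the standard prototypes has a declared parameter at zero-based index 3. As far as I know, `sprintf` is `(char *restrict s, const char *restrict format, ...)` and the other three are `(char *restrict s, size_t n, const char *restrict format, ...)`. If so, this disjunct never holds, and overlapping destination/format arguments to these functions are reported only when the header itself carries a `restrict` specifier, which is a likely source of false negatives now that the library is shared with C++. I would split it into `this.hasGlobalName("sprintf") and restrictPtrParam = this.getParameter([0, 1])` and `this.hasGlobalName(["sprintf_s", "snprintf", "snprintf_s"]) and restrictPtrParam = this.getParameter([0, 2])`, and add a `sprintf(buf, buf)`-style case to `test.cpp` to pin it.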
@@ -1,193 +0,0 @@ -/** - * Provides a library which includes a `problems` predicate for reporting.... - */ - -import cpp -import codingstandards.cpp.Customizations -import codingstandards.cpp.Exclusions -import codingstandards.cpp.Pointers -import codingstandards.cpp.Variable -import codingstandards.cpp.dataflow.DataFlow -import semmle.code.cpp.pointsto.PointsTo -import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis - -/** - * A function that has a parameter with a restrict-qualified pointer type. - */ -class FunctionWithRestrictParameters extends Function { - Parameter restrictPtrParam; - - FunctionWithRestrictParameters() { - restrictPtrParam.getUnspecifiedType() instanceof PointerOrArrayType and - ( - restrictPtrParam.getType().hasSpecifier(["restrict"]) and - restrictPtrParam = this.getAParameter() - or - this.hasGlobalName(["strcpy", "strncpy", "strcat", "strncat", "memcpy"]) and - restrictPtrParam = this.getParameter([0, 1]) - or - this.hasGlobalName(["strcpy_s", "strncpy_s", "strcat_s", "strncat_s", "memcpy_s"]) and - restrictPtrParam = this.getParameter([0, 2]) - or - this.hasGlobalName(["strtok_s"]) and - restrictPtrParam = this.getAParameter() - or - this.hasGlobalName(["printf", "printf_s", "scanf", "scanf_s"]) and - restrictPtrParam = this.getParameter(0) - or - this.hasGlobalName(["sprintf", "sprintf_s", "snprintf", "snprintf_s"]) and - restrictPtrParam = this.getParameter(3) - ) - } - - Parameter getARestrictPtrParam() { result = restrictPtrParam } -} - -/** - * A call to a function that has a parameter with a restrict-qualified pointer type. 
- */ -class CallToFunctionWithRestrictParameters extends FunctionCall { - CallToFunctionWithRestrictParameters() { - this.getTarget() instanceof FunctionWithRestrictParameters - } - - Expr getARestrictPtrArg() { - result = - this.getArgument(this.getTarget() - .(FunctionWithRestrictParameters) - .getARestrictPtrParam() - .getIndex()) - } - - Expr getAPtrArg(int index) { - result = this.getArgument(index) and - pointerValue(result) - } - - Expr getAPossibleSizeArg() { - exists(Parameter param | - param = this.getTarget().(FunctionWithRestrictParameters).getAParameter() and - param.getUnderlyingType() instanceof IntegralType and - // exclude __builtin_object_size - not result.(FunctionCall).getTarget() instanceof BuiltInFunction and - result = this.getArgument(param.getIndex()) - ) - } -} - -/** - * A `PointsToExpr` that is an argument of a pointer-type in a `CallToFunctionWithRestrictParameters` - */ -class CallToFunctionWithRestrictParametersArgExpr extends Expr { - int paramIndex; - - CallToFunctionWithRestrictParametersArgExpr() { - this = any(CallToFunctionWithRestrictParameters call).getAPtrArg(paramIndex) - } - - int getParamIndex() { result = paramIndex } -} - -int getStatedValue(Expr e) { - // `upperBound(e)` defaults to `exprMaxVal(e)` when `e` isn't analyzable. So to get a meaningful - // result in this case we pick the minimum value obtainable from dataflow and range analysis. 
- result = - upperBound(e) - .minimum(min(Expr source | DataFlow::localExprFlow(source, e) | source.getValue().toInt())) -} - -int getPointerArithmeticOperandStatedValue(CallToFunctionWithRestrictParametersArgExpr expr) { - result = getStatedValue(expr.(PointerArithmeticExpr).getOperand()) - or - // edge-case: &(array[index]) expressions - result = getStatedValue(expr.(AddressOfExpr).getOperand().(PointerArithmeticExpr).getOperand()) - or - // fall-back if `expr` is not a pointer arithmetic expression - not expr instanceof PointerArithmeticExpr and - not expr.(AddressOfExpr).getOperand() instanceof PointerArithmeticExpr and - result = 0 -} - -module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { pointerValue(source.asExpr()) } - - predicate isSink(DataFlow::Node sink) { - exists(CallToFunctionWithRestrictParameters call | - sink.asExpr() = call.getAPtrArg(_).getAChild*() - ) - } - - predicate isBarrierIn(DataFlow::Node node) { - exists(AddressOfExpr a | node.asExpr() = a.getOperand().getAChild*()) - } -} - -module PointerValueToRestrictArgFlow = DataFlow::Global; - -abstract class DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery extends Query { } - -Query getQuery() { - result instanceof DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery -} - -query predicate problems( - CallToFunctionWithRestrictParameters call, string message, - CallToFunctionWithRestrictParametersArgExpr arg2, string arg2message, - CallToFunctionWithRestrictParametersArgExpr arg1, string arg1message, Expr source1, - string sourceMessage2, Expr source2, string lastMessage2 -) { - not isExcluded(call, getQuery()) and - exists(int argOffset1, int argOffset2, string sourceMessage1 | - arg1 = call.getARestrictPtrArg() and - arg2 = call.getAPtrArg(_) and - // enforce ordering to remove permutations if multiple restrict-qualified args exist - (not arg2 = call.getARestrictPtrArg() or arg2.getParamIndex() > 
arg1.getParamIndex()) and - ( - // check if two pointers address the same object - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), - DataFlow::exprNode(arg1.getAChild*())) and - ( - // one pointer value flows to both args - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source1), - DataFlow::exprNode(arg2.getAChild*())) and - sourceMessage1 = "$@" and - sourceMessage2 = "source" and - source1 = source2 - or - // there are two separate values that flow from an AddressOfExpr of the same target - getAddressOfExprTargetBase(source1) = getAddressOfExprTargetBase(source2) and - PointerValueToRestrictArgFlow::flow(DataFlow::exprNode(source2), - DataFlow::exprNode(arg2.getAChild*())) and - sourceMessage1 = "a pair of address-of expressions ($@, $@)" and - sourceMessage2 = "addressof1" and - not source1 = source2 - ) - ) and - // get the offset of the pointer arithmetic operand (or '0' if there is none) - argOffset1 = getPointerArithmeticOperandStatedValue(arg1) and - argOffset2 = getPointerArithmeticOperandStatedValue(arg2) and - ( - // case 1: the pointer args are the same. - // (definite aliasing) - argOffset1 = argOffset2 - or - // case 2: the pointer args are different, a size arg exists, - // and the size arg is greater than the difference between the offsets. - // (potential aliasing) - exists(Expr sizeArg | - sizeArg = call.getAPossibleSizeArg() and - getStatedValue(sizeArg) > (argOffset1 - argOffset2).abs() - ) - or - // case 3: the pointer args are different, and a size arg does not exist - // (potential aliasing) - not exists(call.getAPossibleSizeArg()) - ) and - lastMessage2 = "addressof2" and - arg2message = "aliased pointer" and - arg1message = "restrict-qualified parameter" and - message = - "Call to '" + call.getTarget().getName() + - "' passes an $@ to a $@ (pointer value derived from " + sourceMessage1 + "." - ) -} From da779575eaca22ca348583cfb6da9523691e812b Mon Sep 17 00:00:00 2001 
From: Kristen Newbury Date: Tue, 16 Jul 2024 13:04:45 -0400 Subject: [PATCH 12/14] M0-2-1: missed more renaming --- .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql index dc3a521edf..1410ee52db 100644 --- a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql @@ -1,6 +1,6 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery, +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, TestQuery { } From e2c4339ee96d9ee178f6154042a11da959e96d9b Mon Sep 17 00:00:00 2001 From: Kristen Newbury Date: Tue, 16 Jul 2024 13:08:57 -0400 Subject: [PATCH 13/14] M0-2-1: missed more renaming --- .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll | 4 ++-- .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll index b733f31feb..bea0235881 100644 
--- a/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll +++ b/cpp/common/src/codingstandards/cpp/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.qll @@ -124,10 +124,10 @@ module PointerValueToRestrictArgConfig implements DataFlow::ConfigSig { module PointerValueToRestrictArgFlow = DataFlow::Global; -abstract class DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery extends Query { } +abstract class DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery extends Query { } Query getQuery() { - result instanceof DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery + result instanceof DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery } query predicate problems( diff --git a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql index 1410ee52db..dc3a521edf 100644 --- a/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql +++ b/cpp/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql @@ -1,6 +1,6 @@ // GENERATED FILE - DO NOT MODIFY import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery, TestQuery { } From eff451119807b1d31ecb0b2f1a6e3688bdb76b13 Mon Sep 17 00:00:00 2001 
From: Kristen Newbury Date: Tue, 16 Jul 2024 13:17:32 -0400 Subject: [PATCH 14/14] M0-2-1: missed more renaming --- .../DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql index ebdb62c802..dc3a521edf 100644 --- a/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql +++ b/c/common/test/rules/donotpassaliasedpointertorestrictqualifiedparamshared/DoNotPassAliasedPointerToRestrictQualifiedParamShared.ql @@ -1,6 +1,6 @@ // GENERATED FILE - DO NOT MODIFY -import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparam_shared.DoNotPassAliasedPointerToRestrictQualifiedParam_Shared +import codingstandards.cpp.rules.donotpassaliasedpointertorestrictqualifiedparamshared.DoNotPassAliasedPointerToRestrictQualifiedParamShared -class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParam_SharedSharedQuery, +class TestFileQuery extends DoNotPassAliasedPointerToRestrictQualifiedParamSharedSharedQuery, TestQuery { }