diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 7406218e44..fdad8f9325 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -105,7 +105,6 @@ jobs: mkdir -p "$query_dir" # Copy each selected ql file, plus the related files (qhelp, qhelp implementation) cp "$copy_from_root_name.ql" "lgtm-cpp-query-pack/$copy_to_root_name.ql" - cp "$copy_from_root_name-implementation.qhelp" "lgtm-cpp-query-pack/$copy_to_root_name-implementation.qhelp" cp "$copy_from_root_name.qhelp" "lgtm-cpp-query-pack/$copy_to_root_name.qhelp" done } diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 605489a0e0..c4e26abc08 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -65,6 +65,13 @@ jobs: codeql-home: ${{ github.workspace }}/codeql_home add-to-path: false + - name: Pre-Compile Queries + id: pre-compile-queries + run: | + ${{ github.workspace }}/codeql_home/codeql/codeql query compile --search-path cpp --threads 0 cpp + ${{ github.workspace }}/codeql_home/codeql/codeql query compile --search-path c --search-path cpp --threads 0 c + + - name: Run test suites id: run-test-suites env: @@ -108,12 +115,20 @@ jobs: # XL runners have 8 cores, so split the tests into 8 "slices", and run one per thread num_slices = 8 procs = [] + for slice in range(1, num_slices+1): test_report_path = os.path.join(runner_temp, "${{ matrix.language }}", f"test_report_{runner_os}_{cli_version}_{stdlib_ref_ident}_slice_{slice}_of_{num_slices}.json") os.makedirs(os.path.dirname(test_report_path), exist_ok=True) test_report_file = open(test_report_path, 'w') files_to_close.append(test_report_file) - procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) + if "${{ matrix.language }}".casefold() == "c".casefold(): + # c tests require cpp -- but we don't want c things on the cpp + # path in case of design errors. + cpp_language_root = Path(workspace, 'cpp') + procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={cpp_language_root}', f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) + else: + procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={language_root}', f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) + for p in procs: p.wait() if p.returncode != 0: @@ -133,7 +148,7 @@ jobs: - name: Upload test results uses: actions/upload-artifact@v2 with: - name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} + name: ${{ matrix.language }}-test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | ${{ runner.temp }}/${{ matrix.language }}/test_report_${{ runner.os }}_${{ matrix.codeql_cli }}_${{ matrix.codeql_standard_library_ident }}_slice_*.json if-no-files-found: error @@ -148,11 +163,11 @@ jobs: - name: Validate test results run: | - for json_report in test-results-*/test_report_* + for json_report in *-test-results-*/test_report_* do jq --raw-output '"PASS \(map(select(.pass == true)) | length)/\(length)'" $json_report\"" "$json_report" done - FAILING_TESTS=$(jq --raw-output '.[] | select(.pass == false)' test-results-*/test_report_*.json) + FAILING_TESTS=$(jq --raw-output '.[] | select(.pass == false)' *-test-results-*/test_report_*.json) if [[ ! -z "$FAILING_TESTS" ]]; then echo "ERROR: The following tests failed:" echo $FAILING_TESTS | jq . diff --git a/.vscode/tasks.json b/.vscode/tasks.json index efcee24155..24432cd317 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -12,7 +12,6 @@ }, "problemMatcher": [] }, - { "label": "🔃 Standards Automation: Switch To Test or Implementation", "type": "shell", @@ -23,7 +22,6 @@ }, "problemMatcher": [] }, - { "label": "Standards Automation: Install Deps", "type": "shell", @@ -165,49 +163,52 @@ "type": "pickString", "options": [ "Allocations", + "BannedFunctions", "BannedSyntax", "BannedTypes", - "BannedFunctions", + "Classes", + "Classes", "Classes", "Comments", "Concurrency", + "Conditionals", "Const", + "DeadCode", "Declarations", "Exceptions1", "Exceptions2", + "Expressions", + "Freed", + "Functions", + "IO", "Includes", + "Initialization", + "IntegerConversion", "Invariants", - "IO", "Iterators", + "Lambdas", "Literals", "Loops", "Macros", + "Misc", + "MoveForward", "Naming", + "Null", + "OperatorInvariants", + "Operators", + "Pointers", "Scope", - "Classes", - "SmartPointers1", - "SmartPointers2", "SideEffects1", "SideEffects2", + "SmartPointers1", + "SmartPointers2", "Strings", + "Strings1", + "Strings2", "Syntax", "Templates", - "Classes", - "Freed", - "Initialization", - "Functions", - "Null", - "OperatorInvariants", - "VirtualFunctions", - "Conditionals", - "MoveForward", - "Operators", "TypeRanges", - "Lambdas", - "Pointers", - "IntegerConversion", - "Expressions", - "DeadCode" + "VirtualFunctions" ] }, { diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 586a651e22..9ecaaadc79 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards -version: 2.1.0 +version: 2.3.0 suites: codeql-suites libraryPathDependencies: common-c-coding-standards \ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-implementation.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

None

- - \ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp index 458fbe3f7d..628d8290fb 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp @@ -1,33 +1,679 @@ -
- -
+
+

Evaluation of an expression may produce side effects. At specific points during execution, known as sequence points, all side effects of previous evaluations are complete, and no side effects of subsequent evaluations have yet taken place. Do not depend on the order of evaluation for side effects unless there is an intervening sequence point.

+

The C Standard, 6.5, paragraph 2 [ISO/IEC 9899:2011], states

+
+

If a side effect on a scalar object is unsequenced relative to either a different side effect on the same scalar object or a value computation using the value of the same scalar object, the behavior is undefined. If there are multiple allowable orderings of the subexpressions of an expression, the behavior is undefined if such an unsequenced side effect occurs in any of the orderings.

+
+

This requirement must be met for each allowable ordering of the subexpressions of a full expression; otherwise, the behavior is undefined. (See undefined behavior 35.)

+

The following sequence points are defined in the C Standard, Annex C [ISO/IEC 9899:2011]:

+ +

Furthermore, Section 6.5.16, paragraph 3 says (regarding assignment operations):

+
+

The side effect of updating the stored value of the left operand is sequenced after the value computations of the left and right operands.

+
+

This rule means that statements such as

+ i = i + 1; +a[i] = i; + +

have defined behavior, and statements such as the following do not:

+ /* i is modified twice between sequence points */ +i = ++i + 1; -
-

- ... -

+/* i is read other than to determine the value to be stored */ +a[i++] = i; + +

Not all instances of a comma in C code denote a usage of the comma operator. For example, the comma between arguments in a function call is not a sequence point. However, according to the C Standard, 6.5.2.2, paragraph 10 [ISO/IEC 9899:2011]

+
+

Every evaluation in the calling function (including other function calls) that is not otherwise specifically sequenced before or after the execution of the body of the called function is indeterminately sequenced with respect to the execution of the called function.

+
+

This rule means that the order of evaluation for function call arguments is unspecified and can happen in any order.

+
+
+

Programs cannot safely rely on the order of evaluation of operands between sequence points. In this noncompliant code example, i is evaluated twice without an intervening sequence point, so the behavior of the expression is undefined:

+ #include <stdio.h> -
+void func(int i, int *b) { + int a = i + b[++i]; + printf("%d, %d", a, i); +} +
+
+

These examples are independent of the order of evaluation of the operands and can be interpreted in only one way:

+ #include <stdio.h> -
-

- ... -

-
+void func(int i, int *b) { + int a; + ++i; + a = i + b[i]; + printf("%d, %d", a, i); +} +

Alternatively:

+ #include <stdio.h> - - - +void func(int i, int *b) { + int a = i + b[i + 1]; + ++i; + printf("%d, %d", a, i); +} +
+
+

The call to func() in this noncompliant code example has undefined behavior because there is no sequence point between the argument expressions:

+ extern void func(int i, int j); + +void f(int i) { + func(i++, i); +} +

The first (left) argument expression reads the value of i (to determine the value to be stored) and then modifies i. The second (right) argument expression reads the value of i between the same pair of sequence points as the first argument, but not to determine the value to be stored in i. This additional attempt to read the value of i has undefined behavior.

+
+
+

This compliant solution is appropriate when the programmer intends for both arguments to func() to be equivalent:

+ extern void func(int i, int j); + +void f(int i) { + i++; + func(i, i); +} +

This compliant solution is appropriate when the programmer intends for the second argument to be 1 greater than the first:

+ extern void func(int i, int j); + +void f(int i) { + int j = i++; + func(j, i); +} +
+
+

The order of evaluation for function arguments is unspecified. This noncompliant code example exhibits unspecified behavior but not undefined behavior:

+ extern void c(int i, int j); +int glob; + +int a(void) { + return glob + 10; +} -
-
    -
  • ...
    • -
-
+int b(void) { + glob = 42; + return glob; +} + +void func(void) { + c(a(), b()); +} +

It is unspecified what order a() and b() are called in; the only guarantee is that both a() and b() will be called before c() is called. If a() or b() rely on shared state when calculating their return value, as they do in this example, the resulting arguments passed to c() may differ between compilers or architectures.

+
+
+

In this compliant solution, the order of evaluation for a() and b() is fixed, and so no unspecified behavior occurs:

+ extern void c(int i, int j); +int glob; + +int a(void) { + return glob + 10; +} +int b(void) { + glob = 42; + return glob; +} + +void func(void) { + int a_val, b_val; + + a_val = a(); + b_val = b(); + + c(a_val, b_val); +} +
+
+

Attempting to modify an object multiple times between sequence points may cause that object to take on an unexpected value, which can lead to unexpected program behavior.

+ + + + + + + + + + + + + + + + + + + +
+ Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
+ EXP30-C + + Medium + + Probable + + Medium + + P8 + + L2 +
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Tool + + Version + + Checker + + Description +
+ + Astrée + + + 20.10 + + evaluation-order + multiple-volatile-accesses + + Fully checked +
+ + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-EXP30 + +
+ + Clang + + + 3.9 + + -Wunsequenced + + Detects simple violations of this rule, but does not diagnose unsequenced function call arguments. +
+ + Compass/ROSE + + + + + Can detect simple violations of this rule. It needs to examine each expression and make sure that no variable is modified twice in the expression. It also must check that no variable is modified once, then read elsewhere, with the single exception that a variable may appear on both the left and right of an assignment operator +
+ + Coverity + + + 2017.07 + + EVALUATION_ORDER + + Can detect the specific instance where a statement contains multiple side effects on the same value with an undefined evaluation order because, with different compiler flags or different compilers or platforms, the statement may behave differently +
+ + ECLAIR + + + 1.2 + + CC2.EXP30 + + Fully implemented +
+ + GCC + + + 4.3.5 + + + Can detect violations of this rule when the + -Wsequence-point + flag is used +
+ + Helix QAC + + + 2022.1 + + C0400, C0401, C0402, C0403, C0404, C0405 + +
+ + Klocwork + + + 2022.1 + + PORTING.VAR.EFFECTS + MISRA.INCR_DECR.OTHER + +
+ + LDRA tool suite + + + 9.7.1 + + 35 D, 1 Q, 9 S, 30 S, 134 S + + Partially implemented +
+ + Parasoft C/C++test + + + 2021.2 + + CERT_C-EXP30-a + CERT_C-EXP30-b + CERT_C-EXP30-c + CERT_C-EXP30-d + + The value of an expression shall be the same under any order of evaluation that the standard permits + Don't write code that depends on the order of evaluation of function arguments + Don't write code that depends on the order of evaluation of function designator and function arguments + Don't write code that depends on the order of evaluation of expression that involves a function call +
+ + PC-lint Plus + + + 1.4 + + 564 + + Partially supported +
+ + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule EXP30-C + + + Checks for situations when expression value depends on order of evaluation or of side effects (rule partially covered) +
+ + PRQA QA-C + + + 9.7 + + 0400, 0401, 0402, + 0403, 0404, 0405 + + Fully implemented +
+ + PVS-Studio + + + 7.18 + + V532 + + , + + V567 + +
+ + RuleChecker + + + 20.10 + + evaluation-order + multiple-volatile-accesses + + Fully checked +
+ + Splint + + + 3.1.1 + + +
+ + SonarQube C/C++ Plugin + + + 3.11 + + IncAndDecMixedWithOtherOperators + +
+ + TrustInSoft Analyzer + + + 1.38 + + separated + + Exhaustively verified (see + + one compliant and one non-compliant example + + ). +
+
+
+

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

+
+
+

Key here (explains table format and definitions)

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Taxonomy + + Taxonomy item + + Relationship +
+ + CERT C + + + + EXP50-CPP. Do not depend on the order of evaluation for side effects + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
+ + CERT Oracle Secure Coding Standard for Java + + + + EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
+ + ISO/IEC TR 24772:2013 + + + Operator Precedence/Order of Evaluation [JCW] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
+ + ISO/IEC TR 24772:2013 + + + Side-effects and Order of Evaluation [SAM] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
+ + MISRA C:2012 + + + Rule 13.2 (required) + + CERT cross-reference in + + MISRA C:2012 – Addendum 3 + +
+ + CWE 2.11 + + + + CWE-758 + + + 2017-07-07: CERT: Rule subset of CWE +
+
+
+

Key here for mapping notes

+

CWE-758 and EXP30-C

+

Independent( INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C)

+

CWE-758 = Union( EXP30-C, list) where list =

+ +
+
+ + + + + + + + + + + + + + + +
+ [ + + ISO/IEC 9899:2011 + + ] + + 6.5, "Expressions" + 6.5.2.2, "Function Calls" + Annex C, "Sequence Points" +
+ [ + + Saks 2007 + + ] + +
+ [ + + Summit 2005 + + ] + + Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, and 3.11 +
+
\ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.qhelp index f7783bface..0ad32f85e2 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.qhelp +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.qhelp @@ -8,9 +8,6 @@ -
- -
  • CERT-C: diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-implementation.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp index 458fbe3f7d..628d8290fb 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp @@ -1,33 +1,679 @@ -
    -
      -
    • required
      • -
    • implementation
      • -
    • automated
      • -
    -
    +
    +

    Evaluation of an expression may produce side effects. At specific points during execution, known as sequence points, all side effects of previous evaluations are complete, and no side effects of subsequent evaluations have yet taken place. Do not depend on the order of evaluation for side effects unless there is an intervening sequence point.

    +

    The C Standard, 6.5, paragraph 2 [ISO/IEC 9899:2011], states

    +
    +

    If a side effect on a scalar object is unsequenced relative to either a different side effect on the same scalar object or a value computation using the value of the same scalar object, the behavior is undefined. If there are multiple allowable orderings of the subexpressions of an expression, the behavior is undefined if such an unsequenced side effect occurs in any of the orderings.

    +
    +

    This requirement must be met for each allowable ordering of the subexpressions of a full expression; otherwise, the behavior is undefined. (See undefined behavior 35.)

    +

    The following sequence points are defined in the C Standard, Annex C [ISO/IEC 9899:2011]:

    +
      +
    • Between the evaluations of the function designator and actual arguments in a function call and the actual call
      • +
    • Between the evaluations of the first and second operands of the following operators:Logical AND: &&Logical OR: ||Comma: ,
      • +
    • Between the evaluations of the first operand of the conditional ?: operator and whichever of the second and third operands is evaluated
      • +
    • The end of a full declarator
      • +
    • Between the evaluation of a full expression and the next full expression to be evaluated; the following are full expressions:An initializer that is not part of a compound literalThe expression in an expression statementThe controlling expression of a selection statement (if or switch)The controlling expression of a while or do statementEach of the (optional) expressions of a for statementThe (optional) expression in a return statement
      • +
    • Immediately before a library function returns
      • +
    • After the actions associated with each formatted input/output function conversion specifier
      • +
    • Immediately before and immediately after each call to a comparison function, and also between any call to a comparison function and any movement of the objects passed as arguments to that call
      • +
    +

    Furthermore, Section 6.5.16, paragraph 3 says (regarding assignment operations):

    +
    +

    The side effect of updating the stored value of the left operand is sequenced after the value computations of the left and right operands.

    +
    +

    This rule means that statements such as

    + i = i + 1; +a[i] = i; + +

    have defined behavior, and statements such as the following do not:

    + /* i is modified twice between sequence points */ +i = ++i + 1; -
    -

    - ... -

    +/* i is read other than to determine the value to be stored */ +a[i++] = i; + +

    Not all instances of a comma in C code denote a usage of the comma operator. For example, the comma between arguments in a function call is not a sequence point. However, according to the C Standard, 6.5.2.2, paragraph 10 [ISO/IEC 9899:2011]

    +
    +

    Every evaluation in the calling function (including other function calls) that is not otherwise specifically sequenced before or after the execution of the body of the called function is indeterminately sequenced with respect to the execution of the called function.

    +
    +

    This rule means that the order of evaluation for function call arguments is unspecified and can happen in any order.

    +
    +
    +

    Programs cannot safely rely on the order of evaluation of operands between sequence points. In this noncompliant code example, i is evaluated twice without an intervening sequence point, so the behavior of the expression is undefined:

    + #include <stdio.h> -
    +void func(int i, int *b) { + int a = i + b[++i]; + printf("%d, %d", a, i); +}     +
    +
    +

    These examples are independent of the order of evaluation of the operands and can be interpreted in only one way:

    + #include <stdio.h> -
    -

    - ... -

    -
    +void func(int i, int *b) { + int a; + ++i; + a = i + b[i]; + printf("%d, %d", a, i); +}     +

    Alternatively:

    + #include <stdio.h> - - - +void func(int i, int *b) { + int a = i + b[i + 1]; + ++i; + printf("%d, %d", a, i); +} +
    +
    +

    The call to func() in this noncompliant code example has undefined behavior because there is no sequence point between the argument expressions:

    + extern void func(int i, int j); + +void f(int i) { + func(i++, i); +} +

    The first (left) argument expression reads the value of i (to determine the value to be stored) and then modifies i. The second (right) argument expression reads the value of i between the same pair of sequence points as the first argument, but not to determine the value to be stored in i. This additional attempt to read the value of i has undefined behavior.

    +
    +
    +

    This compliant solution is appropriate when the programmer intends for both arguments to func() to be equivalent:

    + extern void func(int i, int j); + +void f(int i) { + i++; + func(i, i); +} +

    This compliant solution is appropriate when the programmer intends for the second argument to be 1 greater than the first:

    + extern void func(int i, int j); + +void f(int i) { + int j = i++; + func(j, i); +} +
    +
    +

    The order of evaluation for function arguments is unspecified. This noncompliant code example exhibits unspecified behavior but not undefined behavior:

    + extern void c(int i, int j); +int glob; + +int a(void) { + return glob + 10; +} -
    -
      -
    • ...
      • -
    -
    +int b(void) { + glob = 42; + return glob; +} + +void func(void) { + c(a(), b()); +}     +

    It is unspecified what order a() and b() are called in; the only guarantee is that both a() and b() will be called before c() is called. If a() or b() rely on shared state when calculating their return value, as they do in this example, the resulting arguments passed to c() may differ between compilers or architectures.

    +
    +
    +

    In this compliant solution, the order of evaluation for a() and b() is fixed, and so no unspecified behavior occurs:

    + extern void c(int i, int j); +int glob; + +int a(void) { + return glob + 10; +} +int b(void) { + glob = 42; + return glob; +} + +void func(void) { + int a_val, b_val; + + a_val = a(); + b_val = b(); + + c(a_val, b_val); +} +
    +
    +

    Attempting to modify an object multiple times between sequence points may cause that object to take on an unexpected value, which can lead to unexpected program behavior.

    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + EXP30-C + + Medium + + Probable + + Medium + + P8 + + L2 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + evaluation-order + multiple-volatile-accesses + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-EXP30 + +
    + + Clang + + + 3.9 + + -Wunsequenced + + Detects simple violations of this rule, but does not diagnose unsequenced function call arguments. +
    + + Compass/ROSE + + + + + Can detect simple violations of this rule. It needs to examine each expression and make sure that no variable is modified twice in the expression. It also must check that no variable is modified once, then read elsewhere, with the single exception that a variable may appear on both the left and right of an assignment operator +
    + + Coverity + + + 2017.07 + + EVALUATION_ORDER + + Can detect the specific instance where a statement contains multiple side effects on the same value with an undefined evaluation order because, with different compiler flags or different compilers or platforms, the statement may behave differently +
    + + ECLAIR + + + 1.2 + + CC2.EXP30 + + Fully implemented +
    + + GCC + + + 4.3.5 + + + Can detect violations of this rule when the + -Wsequence-point + flag is used +
    + + Helix QAC + + + 2022.1 + + C0400, C0401, C0402, C0403, C0404, C0405 + +
    + + Klocwork + + + 2022.1 + + PORTING.VAR.EFFECTS + MISRA.INCR_DECR.OTHER + +
    + + LDRA tool suite + + + 9.7.1 + + 35 D, 1 Q, 9 S, 30 S, 134 S + + Partially implemented +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-EXP30-a + CERT_C-EXP30-b + CERT_C-EXP30-c + CERT_C-EXP30-d + + The value of an expression shall be the same under any order of evaluation that the standard permits + Don't write code that depends on the order of evaluation of function arguments + Don't write code that depends on the order of evaluation of function designator and function arguments + Don't write code that depends on the order of evaluation of expression that involves a function call +
    + + PC-lint Plus + + + 1.4 + + 564 + + Partially supported +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule EXP30-C + + + Checks for situations when expression value depends on order of evaluation or of side effects (rule partially covered) +
    + + PRQA QA-C + + + 9.7 + + 0400, 0401, 0402, + 0403, 0404, 0405 + + Fully implemented +
    + + PVS-Studio + + + 7.18 + + V532 + + , + + V567 + +
    + + RuleChecker + + + 20.10 + + evaluation-order + multiple-volatile-accesses + + Fully checked +
    + + Splint + + + 3.1.1 + + +
    + + SonarQube C/C++ Plugin + + + 3.11 + + IncAndDecMixedWithOtherOperators + +
    + + TrustInSoft Analyzer + + + 1.38 + + separated + + Exhaustively verified (see + + one compliant and one non-compliant example + + ). +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C + + + + EXP50-CPP. Do not depend on the order of evaluation for side effects + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CERT Oracle Secure Coding Standard for Java + + + + EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + ISO/IEC TR 24772:2013 + + + Operator Precedence/Order of Evaluation [JCW] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + ISO/IEC TR 24772:2013 + + + Side-effects and Order of Evaluation [SAM] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + MISRA C:2012 + + + Rule 13.2 (required) + + CERT cross-reference in + + MISRA C:2012 – Addendum 3 + +
    + + CWE 2.11 + + + + CWE-758 + + + 2017-07-07: CERT: Rule subset of CWE +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-758 and EXP30-C

    +

    Independent( INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C)

    +

    CWE-758 = Union( EXP30-C, list) where list =

    +
      +
    • Undefined behavior that results from anything other than reading and writing to a variable twice without an intervening sequence point.
      • +
    +
    +
    + + + + + + + + + + + + + + + +
    + [ + + ISO/IEC 9899:2011 + + ] + + 6.5, "Expressions" + 6.5.2.2, "Function Calls" + Annex C, "Sequence Points" +
    + [ + + Saks 2007 + + ] + +
    + [ + + Summit 2005 + + ] + + Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, and 3.11 +
    +
    \ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.qhelp index 6313114ff9..b1a3a347d1 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.qhelp +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-implementation.qhelp b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-standard.qhelp b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-standard.qhelp index 458fbe3f7d..f439c63755 100644 --- a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-standard.qhelp +++ b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-standard.qhelp @@ -1,33 +1,481 @@ -
    -
      -
    • required
      • -
    • implementation
      • -
    • automated
      • -
    -
    +
    +

    Some operators do not evaluate their operands beyond the type information the operands provide. When using one of these operators, do not pass an operand that would otherwise yield a side effect since the side effect will not be generated.

    +

    The sizeof operator yields the size (in bytes) of its operand, which may be an expression or the parenthesized name of a type. In most cases, the operand is not evaluated. A possible exception is when the type of the operand is a variable length array type (VLA); then the expression is evaluated. When part of the operand of the sizeof operator is a VLA type and when changing the value of the VLA's size expression would not affect the result of the operator, it is unspecified whether or not the size expression is evaluated. (See unspecified behavior 22.)

    +

    The operand passed to_Alignof is never evaluated, despite not being an expression. For instance, if the operand is a VLA type and the VLA's size expression contains a side effect, that side effect is never evaluated.

    +

    The operand used in the controlling expression of a _Generic selection expression is never evaluated.

    +

    Providing an expression that appears to produce side effects may be misleading to programmers who are not aware that these expressions are not evaluated, and in the case of a VLA used in sizeof, have unspecified results. As a result, programmers may make invalid assumptions about program state, leading to errors and possible software vulnerabilities.

    +

    This rule is similar to PRE31-C. Avoid side effects in arguments to unsafe macros.

    +
    +
    +

    In this noncompliant code example, the expression a++ is not evaluated:

    + #include <stdio.h> + +void func(void) { + int a = 14; + int b = sizeof(a++); + printf("%d, %d\n", a, b); +} +

    Consequently, the value of a after b has been initialized is 14.

    +
    +
    +

    In this compliant solution, the variable a is incremented outside of the sizeof operation:

    + #include <stdio.h> + +void func(void) { + int a = 14; + int b = sizeof(a); + ++a; + printf("%d, %d\n", a, b); +} +
    +
    +

    In this noncompliant code example, the expression ++n in the initialization expression of a must be evaluated because its value affects the size of the VLA operand of the sizeof operator. However, in the initialization expression of b, the expression ++n % 1 evaluates to 0. This means that the value of n does not affect the result of the sizeof operator. Consequently, it is unspecified whether or not n will be incremented when initializing b.

    + #include <stddef.h> +#include <stdio.h> + +void f(size_t n) { + /* n must be incremented */ + size_t a = sizeof(int[++n]); + + /* n need not be incremented */ + size_t b = sizeof(int[++n % 1 + 1]); -
    -

    - ... -

    + printf("%zu, %zu, %zu\n", a, b, n); + /* ... */ +} +
    +
    +

    This compliant solution avoids changing the value of the variable n used in each sizeof expression and instead increments n safely afterwards:

    + #include <stddef.h> +#include <stdio.h> + +void f(size_t n) { + size_t a = sizeof(int[n + 1]); + ++n; -
    + size_t b = sizeof(int[n % 1 + 1]); + ++n; + printf("%zu, %zu, %zu\n", a, b, n); + /* ... */ +} +     +
    +
    +

    This noncompliant code example attempts to modify a variable's value as part of the _Generic selection control expression. The programmer may expect that a is incremented, but because _Generic does not evaluate its control expression, the value of a is not modified.

    + #include <stdio.h> -
    -

    - ... -

    -
    +#define S(val) _Generic(val, int : 2, \ + short : 3, \ + default : 1) +void func(void) { + int a = 0; + int b = S(a++); + printf("%d, %d\n", a, b); +}     +
    +
    +

    In this compliant solution, a is incremented outside of the _Generic selection expression:

    + #include <stdio.h> - - - - -
    -
      -
    • ...
      • -
    -
    +#define S(val) _Generic(val, int : 2, \ + short : 3, \ + default : 1) +void func(void) { + int a = 0; + int b = S(a); + ++a; + printf("%d, %d\n", a, b); +}     +
    +
    +

    This noncompliant code example attempts to modify a variable while getting its default alignment value. The user may have expected val to be incremented as part of the _Alignof expression, but because _Alignof does not evaluate its operand, val is unchanged.

    + #include <stdio.h> + +void func(void) { + int val = 0; + /* ... */ + size_t align = _Alignof(int[++val]); + printf("%zu, %d\n", align, val); + /* ... */ +} +
    +
    +

    This compliant solution moves the expression out of the _Alignof operator:

    + #include <stdio.h> +void func(void) { + int val = 0; + /* ... */ + ++val; + size_t align = _Alignof(int[val]); + printf("%zu, %d\n", align, val); + /* ... */ +} +
    +
    +

    EXP44-C-EX1: Reading a volatile-qualified value is a side-effecting operation. However, accessing a value through a volatile-qualified type does not guarantee side effects will happen on the read of the value unless the underlying object is also volatile-qualified. Idiomatic reads of a volatile-qualified object are permissible as an operand to a sizeof(), _Alignof(), or _Generic expression, as in the following example:

    + void f(void) { + int * volatile v; + (void)sizeof(*v); +} +
    +
    +

    If expressions that appear to produce side effects are supplied to an operator that does not evaluate its operands, the results may be different than expected. Depending on how this result is used, it can lead to unintended program behavior.

    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + EXP44-C + + Low + + Unlikely + + Low + + P3 + + L3 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + alignof-side-effectgeneric-selection-side-effectsizeof + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-EXP44 + +
    + + Clang + + + 3.9 + + -Wunevaluated-expression + + Can diagnose some instance of this rule, but not all (such as the + _Alignof + NCCE). +
    + + CodeSonar + + + 6.2p0 + + LANG.STRUCT.SE.SIZEOF + + Side effects in sizeof +
    + + Compass/ROSE + + + + +
    + + Coverity + + + 2017.07 + + MISRA C 2004 Rule 12.3 + + Partially implemented +
    + + ECLAIR + + + 1.2 + + CC2.EXP06 + + Fully implemented +
    + + Helix QAC + + + 2022.1 + + C3307 + +
    + + Klocwork + + + 2022.1 + + MISRA.SIZEOF.SIDE_EFFECT + +
    + + LDRA tool suite + + + 9.7.1 + + 54 S, 653 S + + Fully implemented +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-EXP44-a + CERT_C-EXP44-b + + Object designated by a volatile lvalue should not be accessed in the operand of the sizeof operator + The function call that causes the side effect shall not be the operand of the sizeof operator +
    + + PC-lint Plus + + + 1.4 + + 9006 + + Partially supported: reports use of sizeof with an expression that would have side effects +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule EXP44-C + + + Checks for situations when side effects of specified expressions are ignored (rule fully covered) +
    + + PRQA QA-C + + + 9.7 + + 3307 + + Fully implemented +
    + + PVS-Studio + + + 7.18 + + V568 + +
    + + RuleChecker + + + 20.10 + + alignof-side-effectgeneric-selection-side-effectsizeof + + Fully checked +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C + + + + EXP52-CPP. Do not rely on side effects in unevaluated operands + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    +
    \ No newline at end of file diff --git a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.qhelp b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.qhelp index 1069bc4211..b33510d090 100644 --- a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.qhelp +++ b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-implementation.qhelp b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-standard.qhelp b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-standard.qhelp index 458fbe3f7d..01036cbe97 100644 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-standard.qhelp +++ b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-standard.qhelp @@ -1,33 +1,688 @@ -
    -
      -
    • required
      • -
    • implementation
      • -
    • automated
      • -
    -
    - -
    -

    - ... -

    - -
    - -
    -

    - ... -

    -
    - - - - - -
    -
      -
    • ...
      • -
    -
    +
    +

    Do not use the assignment operator in the contexts listed in the following table because doing so typically indicates programmer error and can result in unexpected behavior.

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Operator + + Context +
    + if + + Controlling expression +
    + while + + Controlling expression +
    + do ... while + + Controlling expression +
    + for + + Second operand +
    + ?: + + First operand +
    + ?: + + Second or third operands, where the ternary expression is used in any of these contexts +
    + && + + Either operand +
    + || + + either operand +
    + , + + Second operand, when the comma expression is used in any of these contexts +
    +

    Performing assignment statements in other contexts do not violate this rule. However, they may violate other rules, such as EXP30-C. Do not depend on the order of evaluation for side effects.

    +

    Noncompliant Code Example

    +

    In this noncompliant code example, an assignment expression is the outermost expression in an if statement:

    + if (a = b) { + /* ... */ +} + +

    Although the intent of the code may be to assign b to a and test the value of the result for equality to 0, it is frequently a case of the programmer mistakenly using the assignment operator = instead of the equals operator ==. Consequently, many compilers will warn about this condition, making this coding error detectable by adhering to MSC00-C. Compile cleanly at high warning levels.

    +
    +
    +

    When the assignment of b to a is not intended, the conditional block is now executed when a is equal to b:

    + if (a == b) { + /* ... */ +} + +
    +
    +

    When the assignment is intended, this compliant solution explicitly uses inequality as the outermost expression while performing the assignment in the inner expression:

    + if ((a = b) != 0) { + /* ... */ +} + +

    It is less desirable in general, depending on what was intended, because it mixes the assignment in the condition, but it is clear that the programmer intended the assignment to occur.

    +
    +
    +

    In this noncompliant code example, the expression x = y is used as the controlling expression of the while statement:

    + do { /* ... */ } while (foo(), x = y); +
    +
    +

    When the assignment of y to x is not intended, the conditional block should be executed only when x is equal to y, as in this compliant solution:

    + do { /* ... */ } while (foo(), x == y); + +
    +
    +

    When the assignment is intended, this compliant solution can be used:

    + do { /* ... */ } while (foo(), (x = y) != 0); + +
    +
    +

    The same result can be obtained using the for statement, which is specifically designed to evaluate an expression on each iteration of the loop, just before performing the test in its controlling expression. Remember that its controlling expression is the second operand, where the assignment occurs in its third operand:

    + for (; x; foo(), x = y) { /* ... */ } +
    +
    +

    In this noncompliant example, the expression p = q is used as the controlling expression of the while statement:

    + do { /* ... */ } while (x = y, p = q); +
    +
    +

    In this compliant solution, the expression x = y is not used as the controlling expression of the while statement:

    + do { /* ... */ } while (x = y, p == q); + +
    +
    +

    This noncompliant code example has a typo that results in an assignment rather than a comparison.

    + while (ch = '\t' || ch == ' ' || ch == '\n') { + /* ... */ +} + +

    Many compilers will warn about this condition. This coding error would typically be eliminated by adherence to MSC00-C. Compile cleanly at high warning levels. Although this code compiles, it will cause unexpected behavior to an unsuspecting programmer. If the intent was to verify a string such as a password, user name, or group user ID, the code may produce significant vulnerabilities and require significant debugging.

    +
    +
    +

    When comparisons are made between a variable and a literal or const-qualified variable, placing the variable on the right of the comparison operation can prevent a spurious assignment.

    +

    In this code example, the literals are placed on the left-hand side of each comparison. If the programmer were to inadvertently use an assignment operator, the statement would assign ch to '\t', which is invalid and produces a diagnostic message.

    + while ('\t' = ch || ' ' == ch || '\n' == ch) { + /* ... */ +} +

    Due to the diagnostic, the typo will be easily spotted and fixed.

    + while ('\t' == ch || ' ' == ch || '\n' == ch) { + /* ... */ +} +

    As a result, any mistaken use of the assignment operator that could otherwise create a vulnerability for operations such as string verification will result in a compiler diagnostic regardless of compiler, warning level, or implementation.

    +
    +
    +

    EXP45-C-EX1: Assignment can be used where the result of the assignment is itself an operand to a comparison expression or relational expression. In this compliant example, the expression x = y is itself an operand to a comparison operation:

    + if ((x = y) != 0) { /* ... */ } +

    EXP45-C-EX2: Assignment can be used where the expression consists of a single primary expression. The following code is compliant because the expression x = y is a single primary expression:

    + if ((x = y)) { /* ... */ } +

    The following controlling expression is noncompliant because && is not a comparison or relational operator and the entire expression is not primary:

    + if ((v = w) && flag) { /* ... */ } +

    When the assignment of v to w is not intended, the following controlling expression can be used to execute the conditional block when v is equal to w:

    + if ((v == w) && flag) { /* ... */ }; +

    When the assignment is intended, the following controlling expression can be used:

    + if (((v = w) != 0) && flag) { /* ... */ }; +

    EXP45-C-EX3: Assignment can be used in a function argument or array index. In this compliant solution, the expression x = y is used in a function argument:

    + if (foo(x = y)) { /* ... */ } +
    +
    +

    Errors of omission can result in unintended program flow.

    + + + + + + + + + + + + + + + + + + + +
    + Recommendation + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + EXP45-C + + Low + + Likely + + Medium + + P6 + + L2 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + assignment-conditional + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-EXP45 + +
    + + Clang + + + 3.9 + + -Wparentheses + + Can detect some instances of this rule, but does not detect all +
    + + CodeSonar + + + 6.2p0 + + LANG.STRUCT.CONDASSIGLANG.STRUCT.SE.CONDLANG.STRUCT.USEASSIGN + + Assignment in conditional + Condition contains side effects + Assignment result in expression +
    + + Compass/ROSE + + + + + Could detect violations of this recommendation by identifying any assignment expression as the top-level expression in an + if + or + while + statement +
    + + ECLAIR + + + 1.2 + + CC2.EXP18 + CC2.EXP21 + + Fully implemented +
    + + GCC + + + 4.3.5 + + + Can detect violations of this recommendation when the + -Wall + flag is used +
    + + Helix QAC + + + 2022.1 + + C3314, C3326, C3344, C3416 + C++4071, C++4074 + +
    + + Klocwork + + + 2022.1 + + ASSIGCOND.CALL + ASSIGCOND.GENMISRA.ASSIGN.COND + +
    + + LDRA tool suite + + + 9.7.1 + + 114 S, 132 S + + Enhanced Enforcement +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-EXP45-b + CERT_C-EXP45-d + + Assignment operators shall not be used in conditions without brackets + Assignment operators shall not be used in expressions that yield a Boolean value +
    + + PC-lint Plus + + + 1.4 + + 720 + + Partially supported: reports Boolean test of unparenthesized assignment +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule EXP45-C + + + Checks for invalid use of = (assignment) operator (rule fully covered) +
    + + PRQA QA-C + + + 9.7 + + 3314, 3326, 3344, 3416 + + Partially implemented +
    + + PRQA QA-C++ + + + 4.4 + + 4071, 4074 + +
    + + PVS-Studio + + + 7.18 + + V559 + , + V633 + , + V699 + +
    + + RuleChecker + + + 20.10 + + assignment-conditional + + Fully checked +
    + + SonarQube C/C++ Plugin + + + 3.11 + + AssignmentInSubExpression + +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C + + + + EXP19-CPP. Do not perform assignments in conditional expressions + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CERT Oracle Secure Coding Standard for Java + + + + EXP51-J. Do not perform assignments in conditional expressions + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + ISO/IEC TR 24772:2013 + + + Likely Incorrect Expression [KOA] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + ISO/IEC TS 17961 + + + No assignment in conditional expressions [boolasgn] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CWE 2.11 + + + + CWE-480 + + , Use of Incorrect Operator + + 2017-07-05: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-481 + + + 2017-07-05: CERT: Rule subset of CWE +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-480 and EXP45-C

    +

    Intersection( EXP45-C, EXP46-C) = Ø

    +

    CWE-480 = Union( EXP45-C, list) where list =

    +
      +
    • Usage of incorrect operator besides s/=/==/
      • +
    +

    CWE-569 and EXP45-C

    +

    CWE-480 = Subset( CWE-569)

    +
    +
    + + + + + + + + + + + +
    + [ + + Dutta 03 + + ] + + "Best Practices for Programming in C" +
    + [ + + Hatton 1995 + + ] + + Section 2.7.2, "Errors of Omission and Addition" +
    +
    \ No newline at end of file diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.qhelp b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.qhelp index 240fef3e3e..82c72bc417 100644 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.qhelp +++ b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings-implementation.qhelp b/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.qhelp b/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.qhelp index 7cd34ab9f2..c289d0a58b 100644 --- a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.qhelp +++ b/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO30-C/standard-example.c b/c/cert/src/rules/FIO30-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof-implementation.qhelp b/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.qhelp b/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.qhelp index 5ba4f7c808..ddb42c3df5 100644 --- a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.qhelp +++ b/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability-implementation.qhelp b/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.qhelp b/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.qhelp index 4a648e11b0..980ea8be38 100644 --- a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.qhelp +++ b/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO34-C/standard-example.c b/c/cert/src/rules/FIO34-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject-implementation.qhelp b/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.qhelp b/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.qhelp index c9cb5b93ee..88766992b3 100644 --- a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.qhelp +++ b/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO38-C/standard-example.c b/c/cert/src/rules/FIO38-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning-implementation.qhelp b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.qhelp b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.qhelp index 7de21baaa1..333b34b2f1 100644 --- a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.qhelp +++ b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO39-C/standard-example.c b/c/cert/src/rules/FIO39-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure-implementation.qhelp b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.qhelp b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.qhelp index d2b9fa3373..753fc0162f 100644 --- a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.qhelp +++ b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO40-C/standard-example.c b/c/cert/src/rules/FIO40-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects-implementation.qhelp b/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.qhelp b/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.qhelp index 0468a54e20..9555b25cf1 100644 --- a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.qhelp +++ b/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO41-C/standard-example.c b/c/cert/src/rules/FIO41-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qhelp b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qhelp index d3b9cfb2f5..8349d80e59 100644 --- a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qhelp +++ b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO42-C/standard-example.c b/c/cert/src/rules/FIO42-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos-implementation.qhelp b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.qhelp b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.qhelp index cdbaab7a86..9bd681d3f1 100644 --- a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.qhelp +++ b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO44-C/standard-example.c b/c/cert/src/rules/FIO44-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile-implementation.qhelp b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.qhelp b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.qhelp index f36147e9bf..7858cad959 100644 --- a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.qhelp +++ b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO46-C/standard-example.c b/c/cert/src/rules/FIO46-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers-standard.qhelp b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers-standard.qhelp new file mode 100644 index 0000000000..7d0bdffbc0 --- /dev/null +++ b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers-standard.qhelp @@ -0,0 +1,597 @@ + + +
    +

    Pseudorandom number generators use mathematical algorithms to produce a sequence of numbers with good statistical properties, but the numbers produced are not genuinely random.

    +

    The C Standard rand() function makes no guarantees as to the quality of the random sequence produced. The numbers generated by some implementations of rand() have a comparatively short cycle and the numbers can be predictable. Applications that have strong pseudorandom number requirements must use a generator that is known to be sufficient for their needs.

    +
    +
    +

    The following noncompliant code generates an ID with a numeric part produced by calling the rand() function. The IDs produced are predictable and have limited randomness.

    + #include <stdio.h> +#include <stdlib.h> +  +enum { len = 12 }; +  +void func(void) { + /* + * id will hold the ID, starting with the characters + * "ID" followed by a random integer. + */ +  char id[len]; + int r; + int num; + /* ... */ + r = rand(); /* Generate a random integer */ + num = snprintf(id, len, "ID%-d", r); /* Generate the ID */ + /* ... */ +} +
    +
    +

    This compliant solution replaces the rand() function with the POSIX random() function:

    + #include <stdio.h> +#include <stdlib.h> +#include <time.h> + +enum { len = 12 };  + +void func(void) { + /* + * id will hold the ID, starting with the characters + * "ID" followed by a random integer. + */ +  char id[len]; + int r; + int num; + /* ... */ + struct timespec ts; + if (timespec_get(&ts, TIME_UTC) == 0) { +  /* Handle error */ + } + srandom(ts.tv_nsec ^ ts.tv_sec); /* Seed the PRNG */ + /* ... */ + r = random(); /* Generate a random integer */ + num = snprintf(id, len, "ID%-d", r); /* Generate the ID */ + /* ... */ +} +

    The POSIX random() function is a better pseudorandom number generator. Although on some platforms the low dozen bits generated by rand() go through a cyclic pattern, all the bits generated by random() are usable. The rand48 family of functions provides another alternative for pseudorandom numbers.

    +

    Although not specified by POSIX, arc4random() is another possibility for systems that support it. The arc4random(3) manual page [OpenBSD] states

    +
    +

    ... provides higher quality of data than those described in rand(3), random(3), and drand48(3).

    +
    +

    To achieve the best random numbers possible, an implementation-specific function must be used. When unpredictability is crucial and speed is not an issue, as in the creation of strong cryptographic keys, use a true entropy source, such as /dev/random, or a hardware device capable of generating random numbers. The /dev/random device can block for a long time if there are not enough events going on to generate sufficient entropy.

    +
    +
    +

    On Windows platforms, the BCryptGenRandom() function can be used to generate cryptographically strong random numbers. The Microsoft Developer Network BCryptGenRandom() reference [MSDN] states:

    +
    +

    The default random number provider implements an algorithm for generating random numbers that complies with the NIST SP800-90 standard, specifically the CTR_DRBG portion of that standard.

    +
    + #include <Windows.h> +#include <bcrypt.h> +#include <stdio.h> + +#pragma comment(lib, "Bcrypt") + +void func(void) { + BCRYPT_ALG_HANDLE Prov; + int Buffer; + if (!BCRYPT_SUCCESS( + BCryptOpenAlgorithmProvider(&Prov, BCRYPT_RNG_ALGORITHM, + NULL, 0))) { + /* handle error */ + } + if (!BCRYPT_SUCCESS(BCryptGenRandom(Prov, (PUCHAR) (&Buffer), + sizeof(Buffer), 0))) { + /* handle error */ + } + printf("Random number: %d\n", Buffer); + BCryptCloseAlgorithmProvider(Prov, 0); +} +
    +
    +

    The use of the rand() function can result in predictable random numbers.

    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + MSC30-C + + Medium + + Unlikely + + Low + + P6 + + L2 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + stdlib-use-rand + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-MSC30 + +
    + + Clang + + + 4.0 (prerelease) + + cert-msc30-c + + Checked by + clang-tidy +
    + + CodeSonar + + + 6.2p0 + + BADFUNC.RANDOM.RAND + + Use of rand +
    + + Compass/ROSE + + + + +
    + + Coverity + + + 2017.07 + + DONTCALL + + Implemented - weak support +
    + + ECLAIR + + + 1.2 + + CC2.MSC30 + + Fully implemented +
    + + Helix QAC + + + 2022.1 + + C5022 + C++5029 + +
    + + Klocwork + + + 2022.1 + + CERT.MSC.STD_RAND_CALL + +
    + + LDRA tool suite + + + 9.7.1 + + 44 S + + Enhanced enforcement +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-MSC30-a + + Do not use the rand() function for generating pseudorandom numbers +
    + + PC-lint Plus + + + 1.4 + + 586 + + Fully supported +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule MSC30-C + + + Checks for vulnerable pseudo-random number generator (rule fully covered) +
    + + PRQA QA-C + + + 9.7 + + 5022 + + Fully implemented +
    + + PRQA QA-C++ + + + 4.4 + + 5029 + +
    + + RuleChecker + + + 20.10 + + stdlib-use-rand + + Fully checked +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C + + + + MSC50-CPP. Do not use std::rand() for generating pseudorandom numbers + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CERT Oracle Secure Coding Standard for Java + + + + MSC02-J. Generate strong random numbers + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CWE 2.11 + + + + CWE-327 + + , Use of a Broken or Risky Cryptographic Algorithm + + 2017-05-16: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-330 + + , Use of Insufficiently Random Values + + 2017-06-28: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-338 + + , Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) + + 2017-06-28: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-676 + + + 2017-05-18: CERT: Rule subset of CWE +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-327 and MSC30-C

    +
      +
    • CWE-327 forbids “broken or risky cryptographic algorithms” but does not specify what constitutes such an algo.
      • +
    +
      +
    • Per CERT judgement, rand() qualifies, so:
      • +
    +
      +
    • CWE-327 = Union( MSC30-C, list) where list =
      • +
    +
      +
    • Invocation of broken/risky crypto algorithms besides rand()
      • +
    +

    CWE-338 and MSC30-C

    +

    CWE-338 = Union( MSC30-C, list) where list =

    +
      +
    • Use of a weak PRNG besides standard C rand().
      • +
    +

    CWE-330 and MSC30-C

    +

    Independent( MSC30-C, MSC32-C, CON33-C)

    +

    CWE-330 = Union( MSC30-C, MSC32-C, CON33-C, list) where list = other improper use or creation of random values. (EG the would qualify)

    +

    MSC30-C, MSC32-C and CON33-C are independent, they have no intersections. They each specify distinct errors regarding PRNGs.

    +

    CWE-676 and MSC30-C

    +
      +
    • Independent( ENV33-C, CON33-C, STR31-C, EXP33-C, MSC30-C, ERR34-C)
      • +
    +
      +
    • MSC30-C implies that rand() is dangerous.
      • +
    +
      +
    • CWE-676 = Union( MSC30-C, list) where list =
      • +
    +
      +
    • Invocation of other dangerous functions, besides rand().
      • +
    +
    +
    + + + + + + + + + + + +
    + [ + + MSDN + + ] + + " + + BCryptGenRandom() Function + + " +
    + [ + + OpenBSD + + ] + + + arc4random() + +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.qhelp b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.qhelp new file mode 100644 index 0000000000..fa84110011 --- /dev/null +++ b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule MSC30-C:

    +
    +

    Do not use the rand() function for generating pseudorandom numbers

    +
    +     + + +
  • + CERT-C: + MSC30-C: Do not use the rand() function for generating pseudorandom numbers + . +
    • +     + \ No newline at end of file diff --git a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql new file mode 100644 index 0000000000..5feb7d5f99 --- /dev/null +++ b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql @@ -0,0 +1,21 @@ +/** + * @id c/cert/rand-used-for-generating-pseudorandom-numbers + * @name MSC30-C: Do not use the rand() function for generating pseudorandom numbers + * @description rand() shall not be used to generate pseudorandom numbers. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/msc30-c + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers + +class RandUsedForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery { + RandUsedForGeneratingPseudorandomNumbersQuery() { + this = MiscPackage::randUsedForGeneratingPseudorandomNumbersQuery() + } +} diff --git a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators-standard.qhelp b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators-standard.qhelp new file mode 100644 index 0000000000..ee66852ba9 --- /dev/null +++ b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators-standard.qhelp @@ -0,0 +1,425 @@ + + +
    +

    A pseudorandom number generator (PRNG) is a deterministic algorithm capable of generating sequences of numbers that approximate the properties of random numbers. Each sequence is completely determined by the initial state of the PRNG and the algorithm for changing the state. Most PRNGs make it possible to set the initial state, also called the seed state. Setting the initial state is called seeding the PRNG.

    +

    Calling a PRNG in the same initial state, either without seeding it explicitly or by seeding it with the same value, results in generating the same sequence of random numbers in different runs of the program. Consider a PRNG function that is seeded with some initial seed value and is consecutively called to produce a sequence of random numbers, S. If the PRNG is subsequently seeded with the same initial seed value, then it will generate the same sequence S.

    +

    As a result, after the first run of an improperly seeded PRNG, an attacker can predict the sequence of random numbers that will be generated in the future runs. Improperly seeding or failing to seed the PRNG can lead to vulnerabilities, especially in security protocols.

    +

    The solution is to ensure that the PRNG is always properly seeded. A properly seeded PRNG will generate a different sequence of random numbers each time it is run.

    +

    Not all random number generators can be seeded. True random number generators that rely on hardware to produce completely unpredictable results do not need to be and cannot be seeded. Some high-quality PRNGs, such as the /dev/random device on some UNIX systems, also cannot be seeded. This rule applies only to algorithmic pseudorandom number generators that can be seeded.

    +
    +
    +

    This noncompliant code example generates a sequence of 10 pseudorandom numbers using the random() function. When random() is not seeded, it behaves like rand(), producing the same sequence of random numbers each time any program that uses it is run.

    + #include <stdio.h> +#include <stdlib.h> +  +void func(void) { + for (unsigned int i = 0; i < 10; ++i) { + /* Always generates the same sequence */ + printf("%ld, ", random()); + } +} +

    The output is as follows:

    + 1st run: 1804289383, 846930886, 1681692777, 1714636915, 1957747793, 424238335, 719885386, 1649760492, 596516649, + 1189641421, +2nd run: 1804289383, 846930886, 1681692777, 1714636915, 1957747793, 424238335, 719885386, 1649760492, 596516649, + 1189641421, +... +nth run: 1804289383, 846930886, 1681692777, 1714636915, 1957747793, 424238335, 719885386, 1649760492, 596516649, + 1189641421, +
    +
    +

    Call srandom() before invoking random() to seed the random sequence generated by random(). This compliant solution produces different random number sequences each time the function is called, depending on the resolution of the system clock:

    + #include <stdio.h> +#include <stdlib.h> +#include <time.h> +  +void func(void) { + struct timespec ts; + if (timespec_get(&ts, TIME_UTC) == 0) { + /* Handle error */ + } else { + srandom(ts.tv_nsec ^ ts.tv_sec); + for (unsigned int i = 0; i < 10; ++i) { + /* Generates different sequences at different runs */ +  printf("%ld, ", random()); + } + } +} + +

    The output is as follows:

    + 1st run: 198682410, 2076262355, 910374899, 428635843, 2084827500, 1558698420, 4459146, 733695321, 2044378618, 1649046624, +2nd run: 1127071427, 252907983, 1358798372, 2101446505, 1514711759, 229790273, 954268511, 1116446419, 368192457, + 1297948050, +3rd run: 2052868434, 1645663878, 731874735, 1624006793, 938447420, 1046134947, 1901136083, 418123888, 836428296, + 2017467418, +

    This may not be sufficiently random for concurrent execution, which may lead to correlated generated series in different threads. Depending on the application and the desired level of security, a programmer may choose alternative ways to seed PRNGs. In general, hardware is more capable than software of generating real random numbers (for example, by sampling the thermal noise of a diode).

    +
    +
    +

    The BCryptGenRandom() function does not run the risk of not being properly seeded because its arguments serve as seeders:

    + #include <stdio.h> +#include <Windows.h> +#include <Bcrypt.h> +#include <Ntstatus.h> +#include <Wincrypt.h> + +void func(void) { + BCRYPT_ALG_HANDLE hAlgorithm = NULL; + long rand_buf; + PUCHAR pbBuffer = (PUCHAR) &rand_buf; + ULONG cbBuffer = sizeof(rand_buf); + ULONG dwFlags = BCRYPT_USE_SYSTEM_PREFERRED_RNG; + NTSTATUS status; + for (unsigned int i = 0; i < 10; ++i) { + status = BCryptGenRandom(hAlgorithm, pbBuffer, cbBuffer, dwFlags); + if (status == STATUS_SUCCESS) { + printf("%ld, ", rand_buf); + } else { + /* Handle Error */ + } + } +} + +

    The output is as follows:

    + 1st run: -683378946, 1957231690, 1933176011, -1745403355, -883473417, 882992405, 169629816, 1824800038, 899851668, 1702784647, +2nd run: -58750553, -1921870721, -1973269161, 1512649964, -673518452, 234003619, -1622633366, 1312389688, -2125631172, 2067680022, +3rd run: -189899579, 1220698973, 752205360, -1826365616, 79310867, 1430950090, -283206168, -941773185, 129633665, 543448789, +
    +
    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + MSC32-C + + Medium + + Likely + + Low + + P18 + + L1 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + + Supported, but no explicit checker +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-MSC32 + +
    + + Helix QAC + + + 2022.1 + + C5031 + C++5036 + +
    + + Klocwork + + + 2022.1 + + CERT.MSC.SEED_RANDOM + +
    + + PC-lint Plus + + + 1.4 + + 2460, 2461, 2760 + + Fully supported +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule MSC32-C + + + Checks for: + Deterministic random output from constant seedeterministic random output from constant seed, predictable random output from predictable seedredictable random output from predictable seed. + Rule fully covered. +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-MSC32-d + + Properly seed pseudorandom number generators +
    + + PRQA QA-C + + + 9.7 + + 5031  + +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C Secure Coding Standard + + + + MSC30-C. Do not use the rand() function for generating pseudorandom numbers + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CERT C + + + + MSC51-CPP. Ensure your random number generator is properly seeded + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CWE 2.11 + + + + CWE-327 + + , Use of a Broken or Risky Cryptographic Algorithm + + 2017-05-16: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-330 + + , Use of Insufficiently Random Values + + 2017-06-28: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-331 + + , Insufficient Entropy + + 2017-06-28: CERT: Exact +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-327 and MSC32-C

    +
      +
    • Intersection( MSC30-C, MSC32-C) = Ø
      • +
    +
      +
    • MSC32-C says to properly seed pseudorandom number generators. For example, if you call rand(), make sure to seed it properly by calling srand() first. So far, we haven’t found any calls to rand().
      • +
    +
      +
    • Failure to seed a PRNG causes it to produce reproducible (hence insecure) series of random numbers.
      • +
    +
      +
    • CWE-327 = Union( MSC32-C, list) where list =
      • +
    +
      +
    • Invocation of broken/risky crypto algorithms that are not properly seeded
      • +
    +

    CWE-330 and MSC32-C

    +

    Independent( MSC30-C, MSC32-C, CON33-C)

    +

    CWE-330 = Union( MSC30-C, MSC32-C, CON33-C, list) where list = other improper use or creation of random values. (EG the would qualify)

    +

    MSC30-C, MSC32-C and CON33-C are independent, they have no intersections. They each specify distinct errors regarding PRNGs.

    +
    +
    + + + + + + + +
    + [ + + MSDN + + ] + + " + + BCryptGenRandom() Function + + " +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qhelp b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qhelp new file mode 100644 index 0000000000..70be073e93 --- /dev/null +++ b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule MSC32-C:

    +
    +

    Properly seed pseudorandom number generators

    +
    +     + + +
  • + CERT-C: + MSC32-C: Properly seed pseudorandom number generators + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql new file mode 100644 index 0000000000..b175dd5fa2 --- /dev/null +++ b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql @@ -0,0 +1,44 @@ +/** + * @id c/cert/properly-seed-pseudorandom-number-generators + * @name MSC32-C: Properly seed pseudorandom number generators + * @description Improperly seeded random number generators can lead to insecure code. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/msc32-c + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +/** Defines a class that models function calls to srandom() */ +class SRandomCall extends FunctionCall { + SRandomCall(){ + getTarget().hasGlobalOrStdName("srandom") + } + + /** Holds if the call is not obviously trivial. */ + predicate isTrivial(){ + getArgument(0) instanceof Literal + } +} + +from FunctionCall fc +where + not isExcluded(fc, MiscPackage::properlySeedPseudorandomNumberGeneratorsQuery()) and + + // find all calls to random() + fc.getTarget().hasGlobalOrStdName("random") and + + // where there isn't a call to srandom that comes before it that is + // non-trivial + not exists(SRandomCall sr | + // normally we would want to do this in reverse --- but srandom() is + // not pure and the order does not matter. + sr.getASuccessor*() = fc and not sr.isTrivial() + ) + + +select fc, "Call to `random()` without a valid call to `srandom()`." diff --git a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction-standard.qhelp b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction-standard.qhelp new file mode 100644 index 0000000000..08dadda262 --- /dev/null +++ b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction-standard.qhelp @@ -0,0 +1,524 @@ + + +
    +

    If control reaches the closing curly brace (}) of a non-void function without evaluating a return statement, using the return value of the function call is undefined behavior. (See undefined behavior 88.)

    +
    +
    +

    In this noncompliant code example, control reaches the end of the checkpass() function when the two strings passed to strcmp() are not equal, resulting in undefined behavior. Many compilers will generate code for the checkpass() function, returning various values along the execution path where no return statement is defined.

    + #include <string.h> +#include <stdio.h> +  +int checkpass(const char *password) { + if (strcmp(password, "pass") == 0) { + return 1; + } +} + +void func(const char *userinput) { + if (checkpass(userinput)) { + printf("Success\n"); + } +} +

    This error is frequently diagnosed by compilers. (See MSC00-C. Compile cleanly at high warning levels.)

    +
    +
    +

    This compliant solution ensures that the checkpass() function always returns a value:

    + #include <string.h> +#include <stdio.h> +  +int checkpass(const char *password) { + if (strcmp(password, "pass") == 0) { + return 1; + } + return 0; +} + +void func(const char *userinput) { + if (checkpass(userinput)) { + printf("Success!\n"); + } +} +
    +
    +

    In this noncompliant code example, control reaches the end of the getlen() function when input does not contain the integer delim. Because the potentially undefined return value of getlen() is later used as an index into an array, a buffer overflow may occur.

    + #include <stddef.h> +  +size_t getlen(const int *input, size_t maxlen, int delim) { + for (size_t i = 0; i < maxlen; ++i) { + if (input[i] == delim) { + return i; + } + } +} +  +void func(int userdata) { + size_t i; + int data[] = { 1, 1, 1 }; + i = getlen(data, sizeof(data), 0); + data[i] = userdata; +} +

    Implementation Details (GCC)

    +

    Violating this rule can have unexpected consequences, as in the following example:

    + #include <stdio.h> + +size_t getlen(const int *input, size_t maxlen, int delim) { + for (size_t i = 0; i < maxlen; ++i) { + if (input[i] == delim) { + return i; + } + } +} + +int main(int argc, char **argv) { + size_t i; + int data[] = { 1, 1, 1 }; + + i = getlen(data, sizeof(data), 0); + printf("Returned: %zu\n", i); + data[i] = 0; + + return 0; +} +

    When this program is compiled with -Wall on most versions of the GCC compiler, the following warning is generated:

    + example.c: In function 'getlen': +example.c:12: warning: control reaches end of non-void function + +

    None of the inputs to the function equal the delimiter, so when run with GCC 5.3 on Linux, control reaches the end of the getlen() function, which is undefined behavior and in this test returns 3, causing an out-of-bounds write to the data array.

    +
    +
    +

    This compliant solution changes the interface of getlen() to store the result in a user-provided pointer and returns a status indicator to report success or failure. The best method for handling this type of error is specific to the application and the type of error. (See ERR00-C. Adopt and implement a consistent and comprehensive error-handling policy for more on error handling.)

    + #include <stddef.h> +  +int getlen(const int *input, size_t maxlen, int delim, +  size_t *result) { + if (result == NULL) { + return -1; + } + for (size_t i = 0; i < maxlen; ++i) { + if (input[i] == delim) { + *result = i; + return 0; + } + } + return -1; +} + +void func(int userdata) { + size_t i; + int data[] = {1, 1, 1}; + if (getlen(data, sizeof(data), 0, &i) != 0) { + /* Handle error */ + } else { + data[i] = userdata; + } +} + +
    +
    +

    MSC37-C-EX1: According to the C Standard, 5.1.2.2.3, paragraph 1 [ISO/IEC 9899:2011], "Reaching the } that terminates the main function returns a value of 0." As a result, it is permissible for control to reach the end of the main() function without executing a return statement.

    +

    MSC37-C-EX2: It is permissible for a control path to not return a value if that code path is never taken and a function marked _Noreturn is called as part of that code path. For example:

    + #include <stdio.h> +#include <stdlib.h> + +_Noreturn void unreachable(const char *msg) { + printf("Unreachable code reached: %s\n", msg); + exit(1); +} + +enum E { + One, + Two, + Three +}; + +int f(enum E e) { + switch (e) { + case One: return 1; + case Two: return 2; + case Three: return 3; + } + unreachable("Can never get here"); +} +
    +
    +

    Using the return value from a non-void function where control reaches the end of the function without evaluating a return statement can lead to buffer overflow vulnerabilities as well as other unexpected program behaviors.

    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + MSC37-C + + High + + Unlikely + + Low + + P9 + + L2 +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + return-implicit + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-MSC37 + +
    + + CodeSonar + + + 6.2p0 + + LANG.STRUCT.MRS + + Missing return statement +
    + + Coverity + + + 2017.07 + + MISSING_RETURN + + Implemented +
    + + Helix QAC + + + 2022.1 + + C2888 + C++2888, C++4022 + +
    + + Klocwork + + + 2022.1 + + FUNCRET.GEN + FUNCRET.IMPLICIT + +
    + + LDRA tool suite + + + 9.7.1 + + 2 D, 36 S, 66 S + + Fully implemented +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-MSC37-a + + All exit paths from a function with non-void return type shall have an explicit return statement with an expression +
    + + PC-lint Plus + + + 1.4 + + 533 + + Fully supported +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule MSC37-C + + + Checks for missing return statement (rule fully covered) +
    + + PRQA QA-C + + + 9.7 + + 2888 + +
    + + PRQA QA-C++ + + + 4.4 + + 2888, 4022  + +
    + + RuleChecker + + + 20.10 + + return-implicit + + Fully checked +
    + + SonarQube C/C++ Plugin + + + 3.11 + + S935 + +
    + + TrustInSoft Analyzer + + + 1.38 + + Body of function falls-through + + Exhaustively verified. +
    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C Secure Coding Standard + + + + MSC01-C. Strive for logical completeness + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CWE 2.11 + + + + CWE-758 + + + 2017-07-07: CERT: Rule subset of CWE +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-758 and MSC37-C

    +

    Independent( INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C)

    +

    CWE-758 = Union( MSC37-C, list) where list =

    +

    Undefined behavior that results from anything other than failing to return a value from a function that expects one

    +
    +
    + + + + + + + +
    + [ + + ISO/IEC 9899:2011 + + ] + + 5.1.2.2.3, "Program Termination" +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.qhelp b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.qhelp new file mode 100644 index 0000000000..28a45a9317 --- /dev/null +++ b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule MSC37-C:

    +
    +

    Ensure that control never reaches the end of a non-void function

    +
    +     + + +
  • + CERT-C: + MSC37-C: Ensure that control never reaches the end of a non-void function + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql new file mode 100644 index 0000000000..2f141417bf --- /dev/null +++ b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql @@ -0,0 +1,22 @@ +/** + * @id c/cert/control-flow-reaches-the-end-of-a-non-void-function + * @name MSC37-C: Ensure that control never reaches the end of a non-void function + * @description Non-void functions that end without an explicit return can produce unpredictable + * results. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/msc37-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn + +class ControlFlowReachesTheEndOfANonVoidFunctionQuery extends NonVoidFunctionDoesNotReturnSharedQuery { + ControlFlowReachesTheEndOfANonVoidFunctionQuery() { + this = MiscPackage::controlFlowReachesTheEndOfANonVoidFunctionQuery() + } +} diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals-standard.qhelp b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals-standard.qhelp new file mode 100644 index 0000000000..458fbe3f7d --- /dev/null +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals-standard.qhelp @@ -0,0 +1,33 @@ + + +
    +
      +
    • required
      • +
    • implementation
      • +
    • automated
      • +
    +
    + +
    +

    + ... +

    + +
    + +
    +

    + ... +

    +
    + + + + + +
    +
      +
    • ...
      • +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qhelp b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qhelp new file mode 100644 index 0000000000..9d78ccdf9d --- /dev/null +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule STR30-C:

    +
    +

    Do not attempt to modify string literals

    +
    +     + + +
  • + CERT-C: + STR30-C: Do not attempt to modify string literals + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql new file mode 100644 index 0000000000..b26cc1a040 --- /dev/null +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql @@ -0,0 +1,154 @@ +/** + * @id c/cert/do-not-attempt-to-modify-string-literals + * @name STR30-C: Do not attempt to modify string literals + * @description Modifying a string literal can produce unexpected effects. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/str30-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.security.BufferWrite +import semmle.code.cpp.dataflow.DataFlow + +/** + * Class that includes into `BufferWrite` functions that will modify their + * first argument. This is an extension of `BufferWrite` which covers the case + * of opaque writes via library functions. + */ +class ModifiesFirstArgFunction extends BufferWrite, FunctionCall { + Expr modifiedExpr; + + ModifiesFirstArgFunction() { + getTarget().getName() = ["mkstemp", "memset", "memcpy", "memmove"] and + getArgument(0) = modifiedExpr + } + + override Type getBufferType() { none() } + + override Expr getDest() { result = modifiedExpr } +} + +/** + * Models a dataflow wherein a source is either a implicit or explicit string + * literal that is assigned to a non modifiable type or wherein the string + * literal arises as a argument to a function that may modify its argument. + */ +class ImplicitOrExplicitStringLiteralModifiedConfiguration extends DataFlow::Configuration { + ImplicitOrExplicitStringLiteralModifiedConfiguration() { + this = "ImplicitOrExplicitStringLiteralModifiedConfiguration" + } + + override predicate isSource(DataFlow::Node node) { + // usage through variables + exists(Variable v | + v.getAnAssignedValue() = node.asExpr() and + ( + node.asExpr() instanceof ImplicitStringLiteral or + node.asExpr() instanceof StringLiteralOrConstChar + ) and + v.getType().getUnderlyingType() instanceof CharPointerType + ) + or + // direct usage of string literals as function parameters + exists(BufferWrite bw | + bw.getDest() = node.asExpr() and + ( + node.asExpr() instanceof ImplicitStringLiteral or + node.asExpr() instanceof StringLiteralOrConstChar + ) + ) + } + + override predicate isSink(DataFlow::Node node) { + // it's either a buffer write of some kind that we + // know about + exists(BufferWrite bw | bw.getDest() = node.asExpr()) + or + // or it is a direct assignment of some kind - including reassignment of the pointer + exists(AssignExpr aexp | aexp.getLValue().(ArrayExpr).getArrayBase() = node.asExpr()) + or + exists(AssignExpr aexp | aexp.getLValue().(PointerDereferenceExpr).getOperand() = node.asExpr()) + } +} + +class MaybeReturnsStringLiteralFunctionCall extends FunctionCall { + MaybeReturnsStringLiteralFunctionCall() { + getTarget().getName() in [ + "strpbrk", "strchr", "strrchr", "strstr", "wcspbrk", "wcschr", "wcsrchr", "wcsstr", + "memchr", "wmemchr" + ] + } +} + +class ImplicitStringLiteral extends Expr { + ImplicitStringLiteral() { + exists(MaybeReturnsStringLiteralFunctionCall fc, Variable e | + e.getAnAssignedValue() = fc and + this = fc and + // additionally, we require that the first argument is either an explicit + // or implicit string literal + ( + // directly a string literal + fc.getArgument(0) instanceof StringLiteralOrConstChar + or + // a string literal flows into it + exists(StringLiteralOrConstChar sl | + DataFlow::localFlow(DataFlow::exprNode(sl), DataFlow::exprNode(fc.getArgument(0))) + ) + or + // or a base flows into it + exists(ImplicitStringLiteralBase base | + DataFlow::localFlow(DataFlow::exprNode(base), DataFlow::exprNode(fc.getArgument(0))) + ) + ) + ) + } +} + +class StringLiteralOrConstChar extends Expr { + StringLiteralOrConstChar() { + this instanceof StringLiteral + or + getUnspecifiedType() instanceof CharPointerType and + getType().(PointerType).getBaseType().isConst() + } +} + +/** + * Since it is possible to produce an implicit literal by either + * an explicit literal being passed to one of these functions this + * class exists to establish the "base" type, that is an explicit + * string literal passed or flowing into the first argument. The other + * Implicit string literal class will then check to see if it is inductively + * an implicit string literal. + */ +class ImplicitStringLiteralBase extends Expr { + ImplicitStringLiteralBase() { + exists(MaybeReturnsStringLiteralFunctionCall fc, Variable e | + e.getAnAssignedValue() = fc and + this = fc and + // it either directly gets a string literal or one via flow + ( + fc.getArgument(0) instanceof StringLiteralOrConstChar or + exists(StringLiteralOrConstChar sl | + DataFlow::localFlow(DataFlow::exprNode(sl), DataFlow::exprNode(fc.getArgument(0))) + ) + ) + ) + } +} + +from Expr literal, Expr literalWrite, ImplicitOrExplicitStringLiteralModifiedConfiguration config +where + not isExcluded(literal, Strings1Package::doNotAttemptToModifyStringLiteralsQuery()) and + not isExcluded(literalWrite, Strings1Package::doNotAttemptToModifyStringLiteralsQuery()) and + config.hasFlow(DataFlow::exprNode(literal), DataFlow::exprNode(literalWrite)) +select literalWrite, + "This operation may write to a string that may be a string literal that was $@.", literal, + "created here" diff --git a/c/cert/src/rules/STR30-C/standard-example.c b/c/cert/src/rules/STR30-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator-standard.qhelp b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator-standard.qhelp new file mode 100644 index 0000000000..458fbe3f7d --- /dev/null +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator-standard.qhelp @@ -0,0 +1,33 @@ + + +
    +
      +
    • required
      • +
    • implementation
      • +
    • automated
      • +
    +
    + +
    +

    + ... +

    + +
    + +
    +

    + ... +

    +
    + + + + + +
    +
      +
    • ...
      • +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qhelp b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qhelp new file mode 100644 index 0000000000..4cd91b96b8 --- /dev/null +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule STR31-C:

    +
    +

    Guarantee that storage for strings has sufficient space for character data and the null terminator

    +
    +     + + +
  • + CERT-C: + STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql new file mode 100644 index 0000000000..24e55f80d3 --- /dev/null +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql @@ -0,0 +1,67 @@ +/** + * @id c/cert/strings-has-sufficient-space-for-the-null-terminator + * @name STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator + * @description Many library functions in the C standard library assume C strings are null + * terminated and failing to null terminate strings may lead to unpredictable program + * behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/cert/id/str31-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.internal.TaintTrackingUtil +import codingstandards.cpp.PossiblyUnsafeStringOperation + +/** + * Models a class of function calls that are unsafe. + */ +class PossiblyUnsafeStringFunctionCall extends FunctionCall { + PossiblyUnsafeStringFunctionCall() { getTarget().getName() = ["gets", "getchar"] } +} + +/** + * Models a family of expression that produce results that are + * potentially unbounded. + */ +class PossiblyUnboundedExpr extends Expr { + PossiblyUnboundedExpr() { + // argv + exists(Function f | + f.hasName("main") and + this = f.getParameter(1).getAnAccess() + ) + or + // getenv + exists(FunctionCall fc | + fc.getTarget().hasName("getenv") and + this = fc + ) + } +} + +from Expr e +where + not isExcluded(e, Strings1Package::stringsHasSufficientSpaceForTheNullTerminatorQuery()) and + e instanceof PossiblyUnsafeStringOperation + or + e instanceof PossiblyUnsafeStringFunctionCall + or + exists(CharArrayInitializedWithStringLiteral cl | + cl.getContainerLength() <= cl.getStringLiteralLength() and + TaintTracking::localTaint(DataFlow::exprNode(cl), DataFlow::exprNode(e)) + ) + or + e instanceof PossiblyUnboundedExpr and + exists(FunctionCall fc | + fc.getTarget() instanceof StandardCStringFunction and + TaintTracking::localTaint(DataFlow::exprNode(e), DataFlow::exprNode(fc.getAnArgument())) + ) +select e, + "Expression produces or consumes a string that may not have sufficient space for a null-terminator." diff --git a/c/cert/src/rules/STR31-C/standard-example.c b/c/cert/src/rules/STR31-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString-standard.qhelp b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString-standard.qhelp new file mode 100644 index 0000000000..458fbe3f7d --- /dev/null +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString-standard.qhelp @@ -0,0 +1,33 @@ + + +
    +
      +
    • required
      • +
    • implementation
      • +
    • automated
      • +
    +
    + +
    +

    + ... +

    + +
    + +
    +

    + ... +

    +
    + + + + + +
    +
      +
    • ...
      • +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qhelp b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qhelp new file mode 100644 index 0000000000..c1f38a0a52 --- /dev/null +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule STR32-C:

    +
    +

    Do not pass a non-null-terminated character sequence to a library function that expects a string

    +
    +     + + +
  • + CERT-C: + STR32-C: Do not pass a non-null-terminated character sequence to a library function that expects a string + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql new file mode 100644 index 0000000000..a65e7958be --- /dev/null +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql @@ -0,0 +1,75 @@ +/** + * @id c/cert/non-null-terminated-to-function-that-expects-a-string + * @name STR32-C: Do not pass a non-null-terminated character sequence to a library function that expects a string + * @description Passing a string that is not null-terminated can lead to unpredictable program + * behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/cert/id/str32-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Naming +import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.internal.TaintTrackingUtil +import codingstandards.cpp.PossiblyUnsafeStringOperation + +/** + * Models a function that is part of the standard library that expects a + * null-terminated string as an argument. Note that most standard library + * functions expect this; as a simplifying assumption we assume that a flow + * into these functions implies such a usage. + */ +class ExpectsNullTerminatedStringAsArgumentFunctionCall extends FunctionCall { + Expr e; + + ExpectsNullTerminatedStringAsArgumentFunctionCall() { + Naming::Cpp14::hasStandardLibraryFunctionName(getTarget().getName()) and + exists(Type t | + e = getAnArgument() and + t = getTarget().getAParameter().getType().(DerivedType).getBaseType*() and + (t instanceof CharType or t instanceof Wchar_t) + ) + } + + /** + * This predicate will produce a result equal to any argument of a function + * that expects null-terminated strings. + */ + Expr getAnExpectingExpr() { result = e } +} + +from ExpectsNullTerminatedStringAsArgumentFunctionCall fc, Expr e, Expr target +where + target = fc.getAnExpectingExpr() and + not isExcluded(fc, Strings1Package::nonNullTerminatedToFunctionThatExpectsAStringQuery()) and + ( + exists(PossiblyUnsafeStringOperation op | + // don't report violations of the same function call. + not op = fc and + e = op and + TaintTracking::localTaint(DataFlow::exprNode(op.getAnArgument()), DataFlow::exprNode(target)) + ) + or + exists(CharArrayInitializedWithStringLiteral op | + e = op and + op.getContainerLength() <= op.getStringLiteralLength() and + TaintTracking::localTaint(DataFlow::exprNode(op), DataFlow::exprNode(target)) + ) + ) and + // don't report cases flowing to this node where there is a flow from a + // literal assignment of a null terminator + not exists(AssignExpr aexp | + aexp.getLValue() instanceof ArrayExpr and + aexp.getRValue() instanceof Zero and + TaintTracking::localTaint(DataFlow::exprNode(aexp.getRValue()), DataFlow::exprNode(target)) and + // this must be AFTER the operation causing the non-null termination to be valid. + aexp.getAPredecessor*() = e + ) +select fc, "String modified by $@ is passed to function expecting a null-terminated string.", e, + "this expression" diff --git a/c/cert/src/rules/STR32-C/standard-example.c b/c/cert/src/rules/STR32-C/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 2ff75c7471..dfe16b190e 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: cert-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected index 50449f4a2f..f131146842 100644 --- a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected +++ b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected @@ -1,5 +1,5 @@ -| test.c:4:20:4:26 | * ... | A FILE object is being copied. | -| test.c:11:21:11:30 | * ... | A FILE object is being copied. | -| test.c:17:21:17:31 | * ... | A FILE object is being copied. | -| test.c:23:15:23:21 | * ... | A FILE object is being copied. | -| test.c:36:19:36:28 | * ... | A FILE object is being copied. | +| test.c:10:20:10:26 | * ... | A FILE object is being copied. | +| test.c:17:21:17:30 | * ... | A FILE object is being copied. | +| test.c:23:21:23:31 | * ... | A FILE object is being copied. | +| test.c:29:15:29:21 | * ... | A FILE object is being copied. | +| test.c:42:19:42:28 | * ... | A FILE object is being copied. | \ No newline at end of file diff --git a/c/cert/test/rules/FIO38-C/test.c b/c/cert/test/rules/FIO38-C/test.c index f1b3f616ca..0f0eb111ac 100644 --- a/c/cert/test/rules/FIO38-C/test.c +++ b/c/cert/test/rules/FIO38-C/test.c @@ -1,4 +1,10 @@ #include +#if !defined(__DEFINED_struct__IO_FILE) +struct _IO_FILE { + char __x; +}; +#define __DEFINED_struct__IO_FILE +#endif int f1(void) { FILE my_stdout = *stdout; // NON_COMPLIANT diff --git a/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref b/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref new file mode 100644 index 0000000000..31cba60b74 --- /dev/null +++ b/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file diff --git a/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.expected b/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.expected new file mode 100644 index 0000000000..f905fb4559 --- /dev/null +++ b/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.expected @@ -0,0 +1,3 @@ +| test.c:6:19:6:24 | call to random | Call to `random()` without a valid call to `srandom()`. | +| test.c:18:19:18:24 | call to random | Call to `random()` without a valid call to `srandom()`. | +| test.c:25:19:25:24 | call to random | Call to `random()` without a valid call to `srandom()`. | diff --git a/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qlref b/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qlref new file mode 100644 index 0000000000..c00a554d47 --- /dev/null +++ b/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qlref @@ -0,0 +1 @@ +rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql \ No newline at end of file diff --git a/c/cert/test/rules/MSC32-C/test.c b/c/cert/test/rules/MSC32-C/test.c new file mode 100644 index 0000000000..c147bc1e96 --- /dev/null +++ b/c/cert/test/rules/MSC32-C/test.c @@ -0,0 +1,26 @@ +#include +#include +#include + +void f1(void) { + printf("%ld, ", random()); // NON_COMPLIANT +} + +void f2(void) { + struct timespec ts; + timespec_get(&ts, TIME_UTC); + srandom(ts.tv_nsec ^ ts.tv_sec); + printf("%ld, ", random()); // COMPLIANT +} + +void f3(void) { + srandom(1); + printf("%ld, ", random()); // NON_COMPLIANT +} + +#define SEED 100 + +void f4(void) { + srandom(SEED); + printf("%ld, ", random()); // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/cert/test/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.testref b/c/cert/test/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.testref new file mode 100644 index 0000000000..6ddd134ce3 --- /dev/null +++ b/c/cert/test/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.testref @@ -0,0 +1 @@ +c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql \ No newline at end of file diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected new file mode 100644 index 0000000000..27ef66bc7a --- /dev/null +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected @@ -0,0 +1,53 @@ +| test.c:7:3:7:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:6:13:6:20 | codeql | created here | +| test.c:30:3:30:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:29:13:29:18 | call to strchr | created here | +| test.c:36:3:36:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:35:13:35:18 | call to strchr | created here | +| test.c:58:3:58:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:56:13:56:18 | call to strchr | created here | +| test.c:65:6:65:6 | b | This operation may write to a string that may be a string literal that was $@. | test.c:63:7:63:13 | call to strrchr | created here | +| test.c:87:13:87:20 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:87:13:87:20 | codeql | created here | +| test.c:88:12:88:19 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:88:12:88:19 | codeql | created here | +| test.c:89:12:89:19 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:89:12:89:19 | codeql | created here | +| test.c:90:13:90:20 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:90:13:90:20 | codeql | created here | +| test.c:91:12:91:19 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:91:12:91:19 | codeql | created here | +| test.c:92:13:92:20 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:92:13:92:20 | codeql | created here | +| test.c:93:12:93:19 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:93:12:93:19 | codeql | created here | +| test.c:94:13:94:20 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:94:13:94:20 | codeql | created here | +| test.c:100:13:100:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:101:12:101:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:102:12:102:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:103:13:103:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:104:12:104:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:105:13:105:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:106:12:106:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:107:13:107:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:113:13:113:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:114:12:114:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:115:12:115:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:116:13:116:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:117:12:117:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:118:13:118:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:119:12:119:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:120:13:120:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:125:13:125:14 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:125:13:125:14 | aa | created here | +| test.c:126:12:126:13 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:126:12:126:13 | aa | created here | +| test.c:127:12:127:13 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:127:12:127:13 | aa | created here | +| test.c:128:13:128:14 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:128:13:128:14 | aa | created here | +| test.c:129:12:129:13 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:129:12:129:13 | aa | created here | +| test.c:130:13:130:14 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:130:13:130:14 | aa | created here | +| test.c:131:12:131:13 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:131:12:131:13 | aa | created here | +| test.c:132:13:132:14 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:132:13:132:14 | aa | created here | +| test.c:137:11:137:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:138:10:138:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:139:10:139:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:140:11:140:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:141:10:141:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:142:11:142:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:143:10:143:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:144:11:144:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:154:11:154:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:155:10:155:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:156:10:156:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:157:11:157:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:158:10:158:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:159:11:159:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:160:10:160:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:161:11:161:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qlref b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qlref new file mode 100644 index 0000000000..e780711b64 --- /dev/null +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qlref @@ -0,0 +1 @@ +rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql \ No newline at end of file diff --git a/c/cert/test/rules/STR30-C/test.c b/c/cert/test/rules/STR30-C/test.c new file mode 100644 index 0000000000..8c30592058 --- /dev/null +++ b/c/cert/test/rules/STR30-C/test.c @@ -0,0 +1,184 @@ +#include +#include + +// explicit string literals +void f1_explicit() { + char *a = "codeql"; + a[0] = 'a'; // NON_COMPLIANT +} + +void f2_explicit() { + char a[] = "codeql"; + a[0] = 'a'; // COMPLIANT +} + +void f3_explicit() { + char a[7] = "codeql"; + a[0] = 'a'; // COMPLIANT +} + +void f4_explicit() { + char *a = "codeql"; + if (a[0] == 'a') { // COMPLIANT + ; + } +} + +// implicit string literals +void f1_implicit() { + char *a = strchr("codeql", 'c'); + a[0] = 'a'; // NON_COMPLIANT +} + +void f2_implicit() { + char *a = strchr("codeql", 'c'); + char *b = strchr(a, 'c'); + b[0] = 'a'; // NON_COMPLIANT - implicitly literal +} + +void f3_implicit() { + char a_base[7]; + char *a = strchr(a_base, 'c'); + char *b = strchr(a, 'c'); + b[0] = 'a'; // COMPLIANT -- not implicitly literal +} + +void f4_implicit() { + char *a = strchr("codeql", 'c'); + if (a[0] == 'a') { // COMPLIANT + ; + } +} + +void f5_implicit() { + char *a_base = "codeql"; + char *a = strchr(a_base, 'c'); + char *b = strchr(a, 'c'); + + b[0] = 'a'; // NON_COMPLIANT - implicitly literal +} + +void f7_implicit(const char *a) { + char *b; + b = strrchr(a, 'c'); + if (b) { + *b = '\0'; // NON_COMPLIANT + } +} + +// local scope +void f5_local(const char *aa) { + + // allowed cases + { + char a[] = "codeql"; + mkstemp(a); // COMPLIANT + memset(a, '0', 100); // COMPLIANT + memcpy(a, "0", 100); // COMPLIANT + memmove(a, "0", 100); // COMPLIANT + strcat(a, "0"); // COMPLIANT + strncat(a, "0", 100); // COMPLIANT + strcpy(a, "0"); // COMPLIANT + strncpy(a, "0", 100); // COMPLIANT + } + + // explicit 1 + { + mkstemp("codeql"); // NON_COMPLIANT + memset("codeql", '0', 100); // NON_COMPLIANT + memcpy("codeql", "0", 100); // NON_COMPLIANT + memmove("codeql", "0", 100); // NON_COMPLIANT + strcat("codeql", "0"); // NON_COMPLIANT + strncat("codeql", "0", 100); // NON_COMPLIANT + strcpy("codeql", "0"); // NON_COMPLIANT + strncpy("codeql", "0", 100); // NON_COMPLIANT + } + + // explicit 2 + { + char *a = "codeql"; + mkstemp(a); // NON_COMPLIANT + memset(a, '0', 100); // NON_COMPLIANT + memcpy(a, "0", 100); // NON_COMPLIANT + memmove(a, "0", 100); // NON_COMPLIANT + strcat(a, "0"); // NON_COMPLIANT + strncat(a, "0", 100); // NON_COMPLIANT + strcpy(a, "0"); // NON_COMPLIANT + strncpy(a, "0", 100); // NON_COMPLIANT + } + + { + // implicit + char *a = strchr("codeql", 'c'); + mkstemp(a); // NON_COMPLIANT + memset(a, '0', 100); // NON_COMPLIANT + memcpy(a, "0", 100); // NON_COMPLIANT + memmove(a, "0", 100); // NON_COMPLIANT + strcat(a, "0"); // NON_COMPLIANT + strncat(a, "0", 100); // NON_COMPLIANT + strcpy(a, "0"); // NON_COMPLIANT + strncpy(a, "0", 100); // NON_COMPLIANT + } + + { + // implicit + mkstemp(aa); // NON_COMPLIANT + memset(aa, '0', 100); // NON_COMPLIANT + memcpy(aa, "0", 100); // NON_COMPLIANT + memmove(aa, "0", 100); // NON_COMPLIANT + strcat(aa, "0"); // NON_COMPLIANT + strncat(aa, "0", 100); // NON_COMPLIANT + strcpy(aa, "0"); // NON_COMPLIANT + strncpy(aa, "0", 100); // NON_COMPLIANT + } +} +// flow scope +void f5_flow(char *a) { + mkstemp(a); // NON_COMPLIANT + memset(a, '0', 100); // NON_COMPLIANT + memcpy(a, "0", 100); // NON_COMPLIANT + memmove(a, "0", 100); // NON_COMPLIANT + strcat(a, "0"); // NON_COMPLIANT + strncat(a, "0", 100); // NON_COMPLIANT + strcpy(a, "0"); // NON_COMPLIANT + strncpy(a, "0", 100); // NON_COMPLIANT +} + +void f5_explicit() { + char *a = "codeql"; + f5_flow(a); + f5_flow("codeql"); +} + +void f6_flow(char *a) { + mkstemp(a); // NON_COMPLIANT + memset(a, '0', 100); // NON_COMPLIANT + memcpy(a, "0", 100); // NON_COMPLIANT + memmove(a, "0", 100); // NON_COMPLIANT + strcat(a, "0"); // NON_COMPLIANT + strncat(a, "0", 100); // NON_COMPLIANT + strcpy(a, "0"); // NON_COMPLIANT + strncpy(a, "0", 100); // NON_COMPLIANT +} + +void f6_implicit() { + char *a = strchr("codeql", 'c'); + f6_flow(a); + f6_flow("codeql"); +} + +void f7_flow(char *a) { + mkstemp(a); // COMPLIANT + memset(a, '0', 100); // COMPLIANT + memcpy(a, "0", 100); // COMPLIANT + memmove(a, "0", 100); // COMPLIANT + strcat(a, "0"); // COMPLIANT + strncat(a, "0", 100); // COMPLIANT + strcpy(a, "0"); // COMPLIANT + strncpy(a, "0", 100); // COMPLIANT +} + +void f7_ok() { + char a[10] = "codeql"; + f7_flow(a); +} \ No newline at end of file diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected new file mode 100644 index 0000000000..d5529dd26d --- /dev/null +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected @@ -0,0 +1,7 @@ +| test.c:10:20:10:24 | Co | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:32:3:32:9 | call to strncat | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:37:7:37:10 | call to gets | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:48:14:48:19 | call to getenv | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:53:20:53:23 | argv | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qlref b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qlref new file mode 100644 index 0000000000..77925ee7ad --- /dev/null +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qlref @@ -0,0 +1 @@ +rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql \ No newline at end of file diff --git a/c/cert/test/rules/STR31-C/test.c b/c/cert/test/rules/STR31-C/test.c new file mode 100644 index 0000000000..1abfeba84d --- /dev/null +++ b/c/cert/test/rules/STR31-C/test.c @@ -0,0 +1,58 @@ +#include +#include +#include + +char *gets(char *s); // Needs to be forward declared because it is an inherently + // dangerous function + +void f1() { + char a1_nt[7] = "CodeQL"; // COMPLIANT + char a1_nnt[3] = "Cod"; // NON_COMPLIANT + + char a1[9]; + char a2[10]; + char a9[10]; + + strncpy(a2, a1, + 5); // NON_COMPLIANT - not null terminated because n < length(src) + strncpy(a9, a1, 10); // COMPLIANT - is null terminated; n > length(src) +} + +void f2() { + char a1[10]; + char a2[10]; + + snprintf(a1, 10, "CodeQL %d", 3); // COMPLIANT - will be null terminated + snprintf(a2, 11, "CodeQL %d", + 3); // NON_COMPLIANT - will not be null terminated +} + +void f3() { + char a1[2]; + strncat(a1, "CodeQL", 5); // NON_COMPLIANT - will not be null terminated +} + +void f4() { + char s2[10]; + if (gets(s2) == NULL) { // NON_COMPLIANT + } +} + +void f5() { + char a1[100]; + char *a2 = getenv("editor"); +} + +void f6() { + char a1[100]; + char *a2 = getenv("editor"); // NON_COMPLIANT + strcpy(a1, a2); +} + +int main(int argc, char *argv[]) { + char *const a1 = argv[0]; // NON_COMPLIANT + char a2[100]; + strcpy(a2, a1); + + return 0; +} \ No newline at end of file diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected new file mode 100644 index 0000000000..bddddc6cb6 --- /dev/null +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -0,0 +1,16 @@ +| test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | +| test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | +| test.c:22:3:22:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | +| test.c:23:3:23:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | +| test.c:24:3:24:8 | call to strlen | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | +| test.c:33:3:33:9 | call to wprintf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:30:24:30:29 | Co | this expression | +| test.c:46:3:46:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | +| test.c:47:3:47:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | +| test.c:55:3:55:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | +| test.c:56:3:56:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | +| test.c:62:3:62:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Co | this expression | +| test.c:63:3:63:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Co | this expression | +| test.c:75:3:75:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Co | this expression | +| test.c:76:3:76:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Co | this expression | +| test.c:85:3:85:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | +| test.c:86:3:86:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qlref b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qlref new file mode 100644 index 0000000000..bb2e2338e7 --- /dev/null +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qlref @@ -0,0 +1 @@ +rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql \ No newline at end of file diff --git a/c/cert/test/rules/STR32-C/test.c b/c/cert/test/rules/STR32-C/test.c new file mode 100644 index 0000000000..288ef7e5e0 --- /dev/null +++ b/c/cert/test/rules/STR32-C/test.c @@ -0,0 +1,87 @@ +#include +#include +#include + +void f1() { + char a1_nt[7] = "CodeQL"; // is null terminated + char a1_nnt[3] = "Cod"; // is NOT null termianted + + char a1[9]; + char a2[10]; + char a9[10]; + + strncpy(a2, a1, 5); // not null terminated because n < length(src) + strncpy(a9, a1, 10); // is null terminated; n > length(src) + + printf("%s", a1_nt); // COMPLIANT + printf(a1_nt); // COMPLIANT + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT + + printf("%s", a2); // NON_COMPLIANT + printf(a2); // NON_COMPLIANT + strlen(a2); // NON_COMPLIANT + + printf(a9); // COMPLIANT + printf(a9); // COMPLIANT + + wchar_t wa1_nt[7] = L"CodeQL"; // is null terminated + wchar_t wa1_nnt[3] = L"Cod"; // is NOT null termianted + + wprintf(wa1_nt); // COMPLIANT + wprintf(wa1_nnt); // NON_COMPLIANT +} + +void f2() { + char a1[10]; + char a2[10]; + + snprintf(a1, 10, "CodeQL %d", 3); // will be null terminated + snprintf(a2, 11, "CodeQL %d", 3); // will not be null terminated + + printf("%s", a1); // COMPLIANT + printf(a1); // COMPLIANT + + printf("%s", a2); // NON_COMPLIANT + printf(a2); // NON_COMPLIANT +} + +void f3() { + char a1[2]; + + strncat(a1, "CodeQL", 5); // will not be null terminated + + printf(a1); // NON_COMPLIANT + printf("%s", a1); // NON_COMPLIANT +} + +void f4() { + char a1_nnt[3] = "Cod"; // is NOT null termianted + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT + + a1_nnt[2] = '\0'; + + printf("%s", a1_nnt); // COMPLIANT + printf(a1_nnt); // COMPLIANT +} + +f5() { + char a1_nnt[3] = "Cod"; // is NOT null termianted + char a2[10] = "CodeQL"; + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT + + a1_nnt[2] = '\0'; + + printf("%s", a1_nnt); // COMPLIANT + printf(a1_nnt); // COMPLIANT + + strncpy(a1_nnt, a2, 1); // not null terminated because n < length(src) + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/common/src/codingstandards/c/Expr.qll b/c/common/src/codingstandards/c/Expr.qll index 200f67ff7b..eadc870486 100644 --- a/c/common/src/codingstandards/c/Expr.qll +++ b/c/common/src/codingstandards/c/Expr.qll @@ -1,25 +1,10 @@ import cpp -/* A full expression as defined in ISO/IEC 9899:2011 Annex C point 1. */ +/* A full expression as defined in ISO/IEC 9899:2011 6.8 point 4 and Annex C point 1 item 5. */ class FullExpr extends Expr { FullExpr() { - // An initializer that is not part of a compound literal (see 6.7.9). - this instanceof AssignExpr and not this.getParent+() instanceof AggregateLiteral - or - // The expression in an expression statement (see 6.8.3) - any(ExprStmt s).getExpr() = this - or - // The controlling expression of a selection statement (see 6.8.4) or - // the controlling expression of a `while`, `do`, or `for` statement (see 6.8.5) - any(ControlStructure s).getControllingExpr() = this - or - // Each of the possible optional expressions, besides the controlling expression, - // of a `for` statement (see 6.8.5.3). Note that if `clause-1` will be an expression statement if - // it is an expression and is therefore handle in the expression statement case. - any(ForStmt s).getUpdate() = this - or - // The expression in a `return` statement, if any (see 6.8.6.4) - any(ReturnStmt s).getExpr() = this + not this.getParent() instanceof Expr and + not exists(Variable v | v.getInitializer().getExpr() = this) } } diff --git a/c/common/src/codingstandards/c/Ordering.qll b/c/common/src/codingstandards/c/Ordering.qll index 14f776f93e..955cba5e50 100644 --- a/c/common/src/codingstandards/c/Ordering.qll +++ b/c/common/src/codingstandards/c/Ordering.qll @@ -64,6 +64,10 @@ module Ordering { // Note we don't strictly check if `e2` is the next to be evaluated full expression and rely on the // `isCandidate` configuration to minimze the scope or related full expressions. e1 instanceof FullExpr and e2 instanceof FullExpr + or + // The side effect of updating the stored value of the left operand is sequenced after the value computations of the left and right operands. + // See 6.5.16 + e2.(Assignment).getAnOperand().getAChild*() = e1 ) } diff --git a/c/common/src/codingstandards/c/SideEffects.qll b/c/common/src/codingstandards/c/SideEffects.qll new file mode 100644 index 0000000000..3cea568e3e --- /dev/null +++ b/c/common/src/codingstandards/c/SideEffects.qll @@ -0,0 +1,41 @@ +/** A module that implements the side effects described in 5.1.2.3 section 1 of the ISO/IEC 9899:2011 standard. */ + +import cpp +import semmle.code.cpp.security.FileWrite +import codingstandards.cpp.SideEffect +import codingstandards.cpp.sideeffect.Customizations + +private class ModifyingLocalObject extends LocalSideEffect::Range { + ModifyingLocalObject() { + this.(AssignExpr).getLValue().(VariableAccess).getTarget() instanceof LocalScopeVariable + or + this.(CrementOperation).getOperand().(VariableAccess).getTarget() instanceof LocalScopeVariable + } +} + +private class ModifyingGlobalObject extends GlobalSideEffect::Range { + ModifyingGlobalObject() { + this.(AssignExpr).getLValue().(VariableAccess).getTarget() instanceof GlobalVariable + or + this.(CrementOperation).getOperand().(VariableAccess).getTarget() instanceof GlobalVariable + } +} + +private class VolatileAccess extends GlobalSideEffect::Range, VariableAccess { + VolatileAccess() { + this.getTarget().isVolatile() and + // Exclude value computation of an lvalue expression soley used to determine the identity + // of the object. As noted in the footnote of 6.5.16 point 3 it is implementation dependend + // whether the value of the assignment expression deterived from the left operand after the assignment + // is determined by reading the object. We assume it is not for assignments that are a child of an + // expression statement because the value is not used and is required for the compliant MISRA-C:2012 case: + // `extern volatile int v; v = v & 0x80;` + not exists(ExprStmt s | s.getExpr().(Assignment).getLValue() = this) + } +} + +private class ExternalFunctionCall extends GlobalSideEffect::Range, FunctionCall { + ExternalFunctionCall() { not exists(this.getTarget().getBlock()) } +} + +private class FileWriteEffect extends ExternalSideEffect::Range, FileWrite { } diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index d5851968b6..ddab9cafc2 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-c-coding-standards -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: common-cpp-coding-standards diff --git a/c/common/test/expr/FullExpr.expected b/c/common/test/expr/FullExpr.expected index b25672bc29..4785b90024 100644 --- a/c/common/test/expr/FullExpr.expected +++ b/c/common/test/expr/FullExpr.expected @@ -1,8 +1,9 @@ -| fullexpr.c:11:3:11:5 | ... ++ | -| fullexpr.c:13:7:13:7 | i | -| fullexpr.c:15:10:15:10 | i | -| fullexpr.c:18:12:18:12 | i | -| fullexpr.c:20:8:20:12 | ... = ... | -| fullexpr.c:20:15:20:20 | ... < ... | -| fullexpr.c:20:23:20:25 | ++ ... | -| fullexpr.c:23:10:23:10 | i | +| fullexpr.c:8:18:11:37 | temporary object | +| fullexpr.c:13:3:13:5 | ... ++ | +| fullexpr.c:15:7:15:7 | i | +| fullexpr.c:17:10:17:10 | i | +| fullexpr.c:20:12:20:12 | i | +| fullexpr.c:22:8:22:12 | ... = ... | +| fullexpr.c:22:15:22:20 | ... < ... | +| fullexpr.c:22:23:22:25 | ++ ... | +| fullexpr.c:25:10:25:10 | i | diff --git a/c/common/test/expr/fullexpr.c b/c/common/test/expr/fullexpr.c index f4229e3bd3..5384f6add2 100644 --- a/c/common/test/expr/fullexpr.c +++ b/c/common/test/expr/fullexpr.c @@ -5,8 +5,10 @@ struct foo { void full_expr() { int i; - struct foo f = (struct foo){ - .i = 0, .j = 0}; // Not a full expression, part of a compound expression. + struct foo f = (struct foo){// Compound expression is a full expression. + .i = 0, // Assignments not a full expression, part + // of a compound expression. + .j = 0}; i++; // Full expression, part of expression statement diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 7f28bccc17..35fc480d26 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-c-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: common-c-coding-standards extractor: cpp diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 2002dd53e5..2925a83ae7 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards -version: 2.1.0 +version: 2.3.0 suites: codeql-suites libraryPathDependencies: common-c-coding-standards diff --git a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql new file mode 100644 index 0000000000..808aa1ba7c --- /dev/null +++ b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql @@ -0,0 +1,27 @@ +/** + * @id c/misra/side-effect-and-crement-in-full-expression + * @name RULE-13-3: A full expression containing an increment (++) or decrement (--) operator should have no other + * @description A full expression containing an increment (++) or decrement (--) operator should + * have no other potential side effects other than that caused by the increment or + * decrement operator + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-13-3 + * readability + * correctness + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Expr +import codingstandards.c.SideEffects + +from FullExpr e, SideEffect se, CrementOperation op +where + not isExcluded(e, SideEffects2Package::sideEffectAndCrementInFullExpressionQuery()) and + e.getAChild+() = op and + se = getASideEffect(e) and + not se instanceof CrementOperation +select e, "The full expression contains the $@ and the $@.", op, op.getOperator(), se, "side effect" diff --git a/c/misra/src/rules/RULE-13-3/standard-example.c b/c/misra/src/rules/RULE-13-3/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql b/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql new file mode 100644 index 0000000000..6867455a45 --- /dev/null +++ b/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/modification-of-function-parameter + * @name RULE-17-8: A function parameter should not be modified + * @description A function parameter behaves in the same manner as an object with automatic storage + * duration and the effects of modifying a parameter are not visible in the calling + * function. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-17-8 + * correctness + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from Parameter p, VariableAccess va +where + not isExcluded(va, SideEffects2Package::modificationOfFunctionParameterQuery()) and + p.getAnAccess() = va and + va.isModified() +select va, "The parameter $@ is modified.", p, p.getName() diff --git a/c/misra/src/rules/RULE-17-8/standard-example.c b/c/misra/src/rules/RULE-17-8/standard-example.c new file mode 100644 index 0000000000..e69de29bb2 diff --git a/c/misra/src/rules/RULE-20-1/standard-example.c b/c/misra/src/rules/RULE-20-1/standard-example.c new file mode 100644 index 0000000000..b52af7fb03 --- /dev/null +++ b/c/misra/src/rules/RULE-20-1/standard-example.c @@ -0,0 +1,5 @@ +#define F1_MACRO +#include "f1.h" /* Compliant */ +#include "f2.h" /* Compliant */ +int32_t i = 0; +#include "f3.h" /* Non-compliant */ \ No newline at end of file diff --git a/c/misra/src/rules/RULE-20-2/standard-example.c b/c/misra/src/rules/RULE-20-2/standard-example.c new file mode 100644 index 0000000000..cfccf247a7 --- /dev/null +++ b/c/misra/src/rules/RULE-20-2/standard-example.c @@ -0,0 +1 @@ +#include "fi'le.h" /* Non-compliant */ \ No newline at end of file diff --git a/c/misra/src/rules/RULE-20-9/standard-example.c b/c/misra/src/rules/RULE-20-9/standard-example.c new file mode 100644 index 0000000000..9ecd802b4c --- /dev/null +++ b/c/misra/src/rules/RULE-20-9/standard-example.c @@ -0,0 +1,11 @@ +#if M == 0 /* Non-compliant */ +/* Does 'M' expand to zero or is it undefined? */ +#endif +#if defined(M) /* Compliant - M is not evaluated */ +#if M == 0 /* Compliant - M is known to be defined */ +/* 'M' must expand to zero. */ +#endif +#endif +/* Compliant - B is only evaluated in ( B == 0 ) if it is defined */ +#if defined(B) && (B == 0) +#endif \ No newline at end of file diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index c91e0ca32f..87c89cb5ce 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: misra-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.expected b/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.expected new file mode 100644 index 0000000000..9226e89ce0 --- /dev/null +++ b/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.expected @@ -0,0 +1,4 @@ +| test.c:16:3:16:11 | ... = ... | The full expression contains the $@ and the $@. | test.c:16:8:16:11 | ... ++ | ++ | test.c:16:3:16:11 | ... = ... | side effect | +| test.c:21:7:21:23 | ... > ... | The full expression contains the $@ and the $@. | test.c:21:15:21:18 | -- ... | -- | test.c:3:19:3:20 | g1 | side effect | +| test.c:25:7:25:23 | ... > ... | The full expression contains the $@ and the $@. | test.c:25:15:25:18 | -- ... | -- | test.c:25:8:25:9 | call to f2 | side effect | +| test.c:33:3:33:28 | ... = ... | The full expression contains the $@ and the $@. | test.c:33:25:33:28 | ... ++ | ++ | test.c:33:3:33:28 | ... = ... | side effect | diff --git a/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.qlref b/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.qlref new file mode 100644 index 0000000000..ab7975eb5e --- /dev/null +++ b/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.qlref @@ -0,0 +1 @@ +rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-3/test.c b/c/misra/test/rules/RULE-13-3/test.c new file mode 100644 index 0000000000..6187de20b7 --- /dev/null +++ b/c/misra/test/rules/RULE-13-3/test.c @@ -0,0 +1,48 @@ + +extern volatile int g1; +int f1() { return g1 + 1; } + +extern int f2(); + +int f3() { return 1; } + +struct S1 { + int l1; +}; + +void test() { + int l1, l2; + + l2 = l1++; // NON_COMPLIANT + + int l3 = l1; + l1++; // COMPLIANT + + if ((f1() + --l1) > 0) // NON_COMPLIANT + { + } + + if ((f2() + --l1) > 0) // NON_COMPLIANT + { + } + + if ((f3() + --l1) > 0) // COMPLIANT + { + } + + l3 = (l2 == l2) ? 0 : l1++; // NON_COMPLIANT + + int l4[1] = {0}; + l4[0]++; // COMPLIANT + + struct S1 l5 = {.l1 = 0}; + l5.l1++; // COMPLIANT + + struct S1 *l6; + l6->l1++; // COMPLIANT + + int *l7 = &l1; + ++(*l7); // COMPLIANT + *l7++; // COMPLIANT + (*l7)++; // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.expected b/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.expected new file mode 100644 index 0000000000..1b8c6e5ba6 --- /dev/null +++ b/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.expected @@ -0,0 +1,2 @@ +| test.c:2:3:2:4 | p1 | The parameter $@ is modified. | test.c:1:13:1:14 | p1 | p1 | +| test.c:7:3:7:4 | p1 | The parameter $@ is modified. | test.c:6:14:6:15 | p1 | p1 | diff --git a/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.qlref b/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.qlref new file mode 100644 index 0000000000..6d759d1579 --- /dev/null +++ b/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.qlref @@ -0,0 +1 @@ +rules/RULE-17-8/ModificationOfFunctionParameter.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-8/test.c b/c/misra/test/rules/RULE-17-8/test.c new file mode 100644 index 0000000000..62e06622b0 --- /dev/null +++ b/c/misra/test/rules/RULE-17-8/test.c @@ -0,0 +1,9 @@ +void f1(int p1) { + p1 = 1; // NON_COMPLIANT +} + +int g1 = 1; +void f2(int *p1) { + p1 = &g1; // NON_COMPLIANT + *p1 = g1; // COMPLIANT +} \ No newline at end of file diff --git a/change_notes/2022-04-06-rand-refactor.md b/change_notes/2022-04-06-rand-refactor.md new file mode 100644 index 0000000000..744c3255b5 --- /dev/null +++ b/change_notes/2022-04-06-rand-refactor.md @@ -0,0 +1 @@ +- Refactored `A26-5-1` and `MSC50-CPP` to share the same query with `MSC30-C`. \ No newline at end of file diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 21a87c80cc..31eb8beee7 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql b/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql index ef14664bf9..8a377b9f65 100644 --- a/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql +++ b/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql @@ -44,5 +44,5 @@ where subclass = shadowingVariable.getDeclaringType() ) ) -select f, "Member function $@ is shadowed by $@ in derived class @a", f, f.getName(), e, +select f, "Member function $@ is shadowed by $@ in derived class $@", f, f.getName(), e, description, subclass, subclass.getName() diff --git a/cpp/autosar/src/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.ql b/cpp/autosar/src/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.ql index 4e9d5c3131..2085be5b99 100644 --- a/cpp/autosar/src/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.ql +++ b/cpp/autosar/src/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.ql @@ -27,5 +27,5 @@ where not f.isDefaulted() and not f.isCompilerGenerated() and not f.getBlock().getLocation().hasLocationInfo("", 0, 0, 0, 0) -select f, "Non-final virtual function $@ is introduced in final class @$.", f, f.getName(), +select f, "Non-final virtual function $@ is introduced in final class $@.", f, f.getName(), f.getDeclaringType(), f.getDeclaringType().getName() diff --git a/cpp/autosar/src/rules/A15-1-5/standard-example.cpp b/cpp/autosar/src/rules/A15-1-5/standard-example.cpp new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql b/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql index 38872a3182..bcf5357f57 100644 --- a/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql +++ b/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql @@ -14,11 +14,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -predicate isRand(FunctionCall fc) { fc.getTarget().hasGlobalOrStdName("rand") } - -from FunctionCall fc -where - not isExcluded(fc, BannedFunctionsPackage::pseudorandomNumbersGeneratedUsingRandQuery()) and - isRand(fc) -select fc, "Use of banned function " + fc.getTarget().getQualifiedName() + "." +class PseudorandomNumbersGeneratedUsingRandQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery { + PseudorandomNumbersGeneratedUsingRandQuery() { + this = BannedFunctionsPackage::pseudorandomNumbersGeneratedUsingRandQuery() + } +} diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index ec8efd6777..195698fe83 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: autosar-cpp-coding-standards extractor: cpp diff --git a/cpp/autosar/test/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.expected b/cpp/autosar/test/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.expected index 6983b4ddcb..b8fd44dc43 100644 --- a/cpp/autosar/test/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.expected +++ b/cpp/autosar/test/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.expected @@ -1 +1 @@ -| test.cpp:4:8:4:9 | f1 | Member function $@ is shadowed by $@ in derived class @a | test.cpp:4:8:4:9 | f1 | f1 | test.cpp:13:8:13:9 | f1 | this member function | test.cpp:11:7:11:13 | Derived | Derived | +| test.cpp:4:8:4:9 | f1 | Member function $@ is shadowed by $@ in derived class $@ | test.cpp:4:8:4:9 | f1 | f1 | test.cpp:13:8:13:9 | f1 | this member function | test.cpp:11:7:11:13 | Derived | Derived | \ No newline at end of file diff --git a/cpp/autosar/test/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.expected b/cpp/autosar/test/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.expected index d16f6aee9c..7c35a98c9c 100644 --- a/cpp/autosar/test/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.expected +++ b/cpp/autosar/test/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.expected @@ -1,2 +1,2 @@ -| test.cpp:12:8:12:8 | g | Non-final virtual function $@ is introduced in final class @$. | test.cpp:12:8:12:8 | g | g | test.cpp:9:7:9:13 | Derived | Derived | -| test.cpp:14:16:14:16 | h | Non-final virtual function $@ is introduced in final class @$. | test.cpp:14:16:14:16 | h | h | test.cpp:9:7:9:13 | Derived | Derived | +| test.cpp:12:8:12:8 | g | Non-final virtual function $@ is introduced in final class $@. | test.cpp:12:8:12:8 | g | g | test.cpp:9:7:9:13 | Derived | Derived | +| test.cpp:14:16:14:16 | h | Non-final virtual function $@ is introduced in final class $@. | test.cpp:14:16:14:16 | h | h | test.cpp:9:7:9:13 | Derived | Derived | \ No newline at end of file diff --git a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.expected b/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.expected deleted file mode 100644 index 1a3344c361..0000000000 --- a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.expected +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:3:47:3:55 | call to rand | Use of banned function std::rand. | diff --git a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.qlref b/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.qlref deleted file mode 100644 index 968fd714a7..0000000000 --- a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.testref b/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.testref new file mode 100644 index 0000000000..31cba60b74 --- /dev/null +++ b/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 26346cf48b..003fb7b7cf 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked-implementation.qhelp b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qhelp b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qhelp index 9e888978c1..75d7fdfc64 100644 --- a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qhelp +++ b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked-implementation.qhelp b/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.qhelp b/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.qhelp index 1f8ae81b6f..808cb603e4 100644 --- a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.qhelp +++ b/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions-implementation.qhelp b/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.qhelp b/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.qhelp index 92b70ccf68..20b4d1923b 100644 --- a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.qhelp +++ b/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads-implementation.qhelp b/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads.qhelp b/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads.qhelp index 0b0874bf87..ba85c19d8d 100644 --- a/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads.qhelp +++ b/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder-implementation.qhelp b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.qhelp b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.qhelp index b11939010d..a5ded3d35b 100644 --- a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.qhelp +++ b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop-implementation.qhelp b/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.qhelp b/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.qhelp index 0da21dcc6f..af8e3fd47e 100644 --- a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.qhelp +++ b/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables-implementation.qhelp b/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables.qhelp b/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables.qhelp index 6daf7ea91a..af50203caa 100644 --- a/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables.qhelp +++ b/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex-implementation.qhelp b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.qhelp b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.qhelp index f1b7dc7a0b..752a10d867 100644 --- a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.qhelp +++ b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit-implementation.qhelp b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.qhelp b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.qhelp index 2438bf8d26..06299a50dd 100644 --- a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.qhelp +++ b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert-implementation.qhelp b/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.qhelp b/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.qhelp index 3731f713a4..ba1165f575 100644 --- a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.qhelp +++ b/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess-implementation.qhelp b/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.qhelp b/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.qhelp index 05b8fe2633..9c8ecf1ce8 100644 --- a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.qhelp +++ b/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow-implementation.qhelp b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.qhelp b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.qhelp index 09e6adb30e..10164978a5 100644 --- a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.qhelp +++ b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges-implementation.qhelp b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.qhelp b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.qhelp index 51cd887adb..3a2e37be8e 100644 --- a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.qhelp +++ b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers-implementation.qhelp b/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.qhelp b/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.qhelp index 4dbb447a8a..4acb8354e3 100644 --- a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.qhelp +++ b/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator-implementation.qhelp b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.qhelp b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.qhelp index 5d1561f97f..27710371de 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.qhelp +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects-implementation.qhelp b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.qhelp b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.qhelp index 92aa867675..d2a83dd11e 100644 --- a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.qhelp +++ b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate-implementation.qhelp b/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.qhelp b/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.qhelp index a80e7888ad..e844de0b06 100644 --- a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.qhelp +++ b/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable-implementation.qhelp b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.qhelp b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.qhelp index 1030c85c27..6bf05bffe4 100644 --- a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.qhelp +++ b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction-implementation.qhelp b/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.qhelp b/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.qhelp index 0928595f3f..db2fd3c761 100644 --- a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.qhelp +++ b/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.qhelp b/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.qhelp index 72e29bcf7b..1e47f79818 100644 --- a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.qhelp b/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.qhelp index 692b744e35..7a4d271e5e 100644 --- a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.qhelp b/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.qhelp index d26212f76e..fb1c4bd2c9 100644 --- a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.qhelp b/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.qhelp index e6ba11db60..82a8a64a7b 100644 --- a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.qhelp b/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.qhelp index 5aab15a778..1d0dbd4c40 100644 --- a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.qhelp index 56fa858e67..1d25d68604 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.qhelp index 0cc04c2da3..11c8ba2ae3 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.qhelp index db3263896e..00e3f9dba6 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier-implementation.qhelp b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.qhelp b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.qhelp index a92d5f0842..e47ceb43db 100644 --- a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.qhelp +++ b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration-implementation.qhelp b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.qhelp b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.qhelp index 9c8408d47c..f6d47b4e22 100644 --- a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.qhelp +++ b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction-implementation.qhelp b/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.qhelp b/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.qhelp index fceae59e3d..cbdf56b80c 100644 --- a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.qhelp +++ b/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries-implementation.qhelp b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qhelp b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qhelp index e58c04c852..ea0b927cc5 100644 --- a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qhelp +++ b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit-implementation.qhelp b/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.qhelp b/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.qhelp index b1c4ac046f..3a93c502ff 100644 --- a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.qhelp +++ b/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions-implementation.qhelp b/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.qhelp b/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.qhelp index 0f1237d943..7781d75a4a 100644 --- a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.qhelp +++ b/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces-implementation.qhelp b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.qhelp b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.qhelp index 3085f98eba..7bca071087 100644 --- a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.qhelp +++ b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile-implementation.qhelp b/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.qhelp b/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.qhelp index 113b3eefbe..eacdf902c1 100644 --- a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.qhelp +++ b/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed-implementation.qhelp b/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.qhelp b/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.qhelp index 8fa5f43910..0a909aa735 100644 --- a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.qhelp +++ b/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.qhelp index b50a1bb53f..5243c6e6f9 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.qhelp index d55f61c6c1..a9ccd96a73 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.qhelp index 98f4e75388..f871c5c3f5 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.qhelp index c5a6537d4c..86efd7d17f 100644 --- a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.qhelp index b69bdc6d95..68e8276df2 100644 --- a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions-implementation.qhelp b/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.qhelp b/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.qhelp index f78844a827..473f9fb2a7 100644 --- a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.qhelp +++ b/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp-implementation.qhelp b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qhelp b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qhelp index 4f740363af..d06a4066ae 100644 --- a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qhelp +++ b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock-implementation.qhelp b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.qhelp b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.qhelp index 7e9dad10c0..56ed5b76e7 100644 --- a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.qhelp +++ b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert-implementation.qhelp b/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.qhelp b/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.qhelp index e440b6f961..4b3f30df6f 100644 --- a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.qhelp +++ b/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications-implementation.qhelp b/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.qhelp b/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.qhelp index 33d637bda5..97ddffd886 100644 --- a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.qhelp +++ b/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety-implementation.qhelp b/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.qhelp b/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.qhelp index 715b977b41..729647f547 100644 --- a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.qhelp +++ b/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions-implementation.qhelp b/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.qhelp b/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.qhelp index 304c230848..6feed00907 100644 --- a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.qhelp +++ b/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting-implementation.qhelp b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.qhelp b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.qhelp index e896263925..91102cdf0c 100644 --- a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.qhelp +++ b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries-implementation.qhelp b/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qhelp b/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qhelp index ab2e069b43..46a5bf7c99 100644 --- a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qhelp +++ b/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible-implementation.qhelp b/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.qhelp b/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.qhelp index e8390cab03..0c8a21a0e0 100644 --- a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.qhelp +++ b/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference-implementation.qhelp b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.qhelp b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.qhelp index 96bbff9709..024d2d9d5b 100644 --- a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.qhelp +++ b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber-implementation.qhelp b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.qhelp b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.qhelp index 9fd4014c2c..a4d5567099 100644 --- a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.qhelp +++ b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments-implementation.qhelp b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.qhelp b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.qhelp index 30485d51cd..98ea01687f 100644 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.qhelp +++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects-implementation.qhelp b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.qhelp b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.qhelp index 699dcae3ba..2e2043586f 100644 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.qhelp +++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType-implementation.qhelp b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qhelp b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qhelp index bab2733028..d4221a920e 100644 --- a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qhelp +++ b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qhelp index 5c737b5cb7..61fb64f7b0 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.qhelp index e61f7fd5f9..16e28086e6 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.qhelp index 3ca2680fa0..cb380a43a5 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.qhelp index 854075684e..29ba45f75d 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.qhelp index ebaa58fa52..0050a16236 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory-implementation.qhelp b/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.qhelp b/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.qhelp index 92cb07e3fa..163b713517 100644 --- a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.qhelp +++ b/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert-implementation.qhelp b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.qhelp b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.qhelp index b70aed5741..30ec446462 100644 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.qhelp +++ b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert-implementation.qhelp b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.qhelp b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.qhelp index 594bededd7..c2c00bf442 100644 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.qhelp +++ b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert-implementation.qhelp b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.qhelp b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.qhelp index 97c36b86d1..4c4bca1e51 100644 --- a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.qhelp +++ b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage-implementation.qhelp b/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.qhelp b/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.qhelp index 5c75dda2fd..63512d0915 100644 --- a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.qhelp +++ b/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass-implementation.qhelp b/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.qhelp b/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.qhelp index 8c52759b7a..c7a9a20a8e 100644 --- a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.qhelp +++ b/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass-implementation.qhelp b/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.qhelp b/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.qhelp index 09bb4a5719..520541c4ed 100644 --- a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.qhelp +++ b/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart-implementation.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.qhelp index d6dc4cf082..83cd57e245 100644 --- a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.qhelp +++ b/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart-implementation.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.qhelp index 35845e58ca..c0df5abcf6 100644 --- a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.qhelp +++ b/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart-implementation.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.qhelp index c8fa7c609e..3405f83f2a 100644 --- a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.qhelp +++ b/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember-implementation.qhelp b/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.qhelp b/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.qhelp index 5d10c114db..9c422eb68c 100644 --- a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.qhelp +++ b/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries-implementation.qhelp b/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.qhelp b/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.qhelp index a48b6f90f0..25f5f152eb 100644 --- a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.qhelp +++ b/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference-implementation.qhelp b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.qhelp b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.qhelp index 561708c291..47350453c2 100644 --- a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.qhelp +++ b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference-implementation.qhelp b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.qhelp b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.qhelp index 365bf5cd85..14b0826e4f 100644 --- a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.qhelp +++ b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation-implementation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qhelp index 70ee335874..d974ca606e 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qhelp +++ b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation-implementation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.qhelp index 9709abc106..70f10334c2 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.qhelp +++ b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation-implementation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.qhelp index 8807a291d8..ef2663ac6f 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.qhelp +++ b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject-implementation.qhelp b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.qhelp b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.qhelp index 4e38c3b1c0..cf87df9f2a 100644 --- a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.qhelp +++ b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition-implementation.qhelp b/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.qhelp b/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.qhelp index 9e842328e5..7241204eef 100644 --- a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.qhelp +++ b/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.qhelp b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.qhelp index 6cb834b3c4..c4f28931d5 100644 --- a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.qhelp +++ b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue-implementation.qhelp b/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.qhelp b/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.qhelp index 25a87e7213..3876482d71 100644 --- a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.qhelp +++ b/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree-implementation.qhelp b/cpp/cert/src/rules/MEM50-CPP/UseAfterFree-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.qhelp b/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.qhelp index e3b5de6a2b..6038851fba 100644 --- a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.qhelp +++ b/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources-implementation.qhelp b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.qhelp b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.qhelp index 6ec536afe9..b199f60451 100644 --- a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.qhelp +++ b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors-implementation.qhelp b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.qhelp b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.qhelp index 41775fd8d2..3155e7f4d8 100644 --- a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.qhelp +++ b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject-implementation.qhelp b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.qhelp b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.qhelp index cd10bab2fe..3a0979f97b 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.qhelp +++ b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject-implementation.qhelp b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.qhelp b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.qhelp index 76b5d56818..1f026cc345 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.qhelp +++ b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert-implementation.qhelp b/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.qhelp b/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.qhelp index 802d356750..180d3837f4 100644 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.qhelp +++ b/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert-implementation.qhelp b/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.qhelp b/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.qhelp index 93f8399f1b..d477c38ce6 100644 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.qhelp +++ b/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert-implementation.qhelp b/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.qhelp b/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.qhelp index 74b4259210..c9ddb67c0e 100644 --- a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.qhelp +++ b/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert-implementation.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.qhelp index 24b1f19164..9f878aa7c0 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.qhelp +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert-implementation.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.qhelp index fb683fda9a..d6125106e8 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.qhelp +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert-implementation.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.qhelp index 1579bf3922..1d4ae1f835 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.qhelp +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert-implementation.qhelp b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.qhelp b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.qhelp index ccbf2c9419..3f6689d244 100644 --- a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.qhelp +++ b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes-implementation.qhelp b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.qhelp b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.qhelp index b9db9ba421..dbe04bcf7a 100644 --- a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.qhelp +++ b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers-implementation.qhelp b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qhelp b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qhelp index 34cd311084..ae3d8bd918 100644 --- a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qhelp +++ b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 28467b825f..ea2f3be3e5 100644 --- a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -12,11 +12,10 @@ import cpp import codingstandards.cpp.cert +import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -predicate isRand(FunctionCall fc) { fc.getTarget().hasGlobalOrStdName("rand") } - -from FunctionCall fc -where - not isExcluded(fc, BannedFunctionsPackage::doNotUseRandForGeneratingPseudorandomNumbersQuery()) and - isRand(fc) -select fc, "Use of banned function " + fc.getTarget().getQualifiedName() + "." +class DoNotUseRandForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery { + DoNotUseRandForGeneratingPseudorandomNumbersQuery() { + this = BannedFunctionsPackage::doNotUseRandForGeneratingPseudorandomNumbersQuery() + } +} diff --git a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator-implementation.qhelp b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.qhelp b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.qhelp index 84e3c43ebc..5e7142dc63 100644 --- a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.qhelp +++ b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert-implementation.qhelp b/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.qhelp b/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.qhelp index 6b483ec441..ee98722262 100644 --- a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.qhelp +++ b/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert-implementation.qhelp b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.qhelp b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.qhelp index 626d147afc..8c0ae3f926 100644 --- a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.qhelp +++ b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction-implementation.qhelp b/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.qhelp b/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.qhelp index 0090cc162e..ec6d3c36a5 100644 --- a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.qhelp +++ b/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors-implementation.qhelp b/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.qhelp b/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.qhelp index 5b29f05c2f..1eb3013748 100644 --- a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.qhelp +++ b/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects-implementation.qhelp b/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.qhelp b/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.qhelp index 4747aa95ce..a17536cd98 100644 --- a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.qhelp +++ b/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor-implementation.qhelp b/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.qhelp b/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.qhelp index 3f48aa04eb..6e42d3cc05 100644 --- a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.qhelp +++ b/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP52-CPP/standard-example.cpp b/cpp/cert/src/rules/OOP52-CPP/standard-example.cpp new file mode 100644 index 0000000000..e69de29bb2 diff --git a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit-implementation.qhelp b/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.qhelp b/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.qhelp index f2016bd3d8..a889e932bd 100644 --- a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.qhelp +++ b/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment-implementation.qhelp b/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.qhelp b/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.qhelp index e155b4552b..24ec825f7f 100644 --- a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.qhelp +++ b/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember-implementation.qhelp b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.qhelp b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.qhelp index 923368136f..d4118a33ef 100644 --- a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.qhelp +++ b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember-implementation.qhelp b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.qhelp b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.qhelp index 3644ad6551..4c9929ef75 100644 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.qhelp +++ b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember-implementation.qhelp b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.qhelp b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.qhelp index c1ecb19027..ae912456e7 100644 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.qhelp +++ b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements-implementation.qhelp b/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.qhelp b/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.qhelp index 95b1501a6b..0989b59e1d 100644 --- a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.qhelp +++ b/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements-implementation.qhelp b/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.qhelp b/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.qhelp index d33ab9e086..8be1346a27 100644 --- a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.qhelp +++ b/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions-implementation.qhelp b/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.qhelp b/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.qhelp index a99655f0e7..e90c025f2a 100644 --- a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.qhelp +++ b/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject-implementation.qhelp b/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.qhelp b/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.qhelp index 641d8c9ef1..b1a12b0a47 100644 --- a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.qhelp +++ b/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert-implementation.qhelp b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.qhelp b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.qhelp index ddc7b58e1d..3280090bf2 100644 --- a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.qhelp +++ b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert-implementation.qhelp b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.qhelp b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.qhelp index 61310c9399..2b753a2392 100644 --- a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.qhelp +++ b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer-implementation.qhelp b/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.qhelp b/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.qhelp index d023c155e3..87becb82cc 100644 --- a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.qhelp +++ b/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString-implementation.qhelp b/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.qhelp b/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.qhelp index 9a82fa5e18..940566ee9c 100644 --- a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.qhelp +++ b/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess-implementation.qhelp b/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.qhelp b/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.qhelp index 421fb87c8d..f3dbea681d 100644 --- a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.qhelp +++ b/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 9d0f025046..11d4756c24 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: cert-cpp-coding-standards extractor: cpp diff --git a/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qlref b/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qlref deleted file mode 100644 index 5c79d42038..0000000000 --- a/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.testref b/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.testref new file mode 100644 index 0000000000..31cba60b74 --- /dev/null +++ b/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/MSC50-CPP/test.cpp b/cpp/cert/test/rules/MSC50-CPP/test.cpp deleted file mode 100644 index 03d820a15e..0000000000 --- a/cpp/cert/test/rules/MSC50-CPP/test.cpp +++ /dev/null @@ -1,3 +0,0 @@ -#include - -void test_use_of_rand() { int random_number = std::rand() % 10; } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll b/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll index 5fbd40ae5e..ab454957e1 100644 --- a/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll +++ b/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll @@ -78,3 +78,31 @@ class PossiblyUnsafeStringOperation extends FunctionCall { ) } } + +/** + * Models a character array that is initialized with a string literal. + */ +class CharArrayInitializedWithStringLiteral extends Expr { + int stringLiteralLength; + int containerLength; + + CharArrayInitializedWithStringLiteral() { + exists(Variable v, StringLiteral sl | + v.getInitializer().getExpr() = sl and + ( + // `getValueText()` includes the quotes of the string + // this calculation is to subtract that overage. This also handles + // wide strings initialized with L"" + if sl.getValueText().charAt(0) = "L" + then sl.getValueText().length() - 3 = stringLiteralLength + else sl.getValueText().length() - 2 = stringLiteralLength + ) and + containerLength = v.getType().(ArrayType).getArraySize() and + this = sl + ) + } + + int getStringLiteralLength() { result = stringLiteralLength } + + int getContainerLength() { result = containerLength } +} diff --git a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationPermits.ql b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationPermits.ql index 4c968ae152..bb4cabd80a 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationPermits.ql +++ b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationPermits.ql @@ -2,7 +2,6 @@ * @id cpp/coding-standards/invalid-deviation-permits * @name Invalid deviation permits * @description Deviation permits marked as invalid will not be applied. - * @kind problem */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationRecords.ql b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationRecords.ql index 2004ad90f2..ec555a8a57 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationRecords.ql +++ b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationRecords.ql @@ -2,7 +2,6 @@ * @id cpp/coding-standards/invalid-deviations * @name Invalid deviations * @description Deviation records marked as invalid will not be applied. - * @kind problem */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll new file mode 100644 index 0000000000..c63fe7c7d2 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll @@ -0,0 +1,58 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype MiscQuery = + TRandUsedForGeneratingPseudorandomNumbersQuery() or + TProperlySeedPseudorandomNumberGeneratorsQuery() or + TControlFlowReachesTheEndOfANonVoidFunctionQuery() + +predicate isMiscQueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `randUsedForGeneratingPseudorandomNumbers` query + MiscPackage::randUsedForGeneratingPseudorandomNumbersQuery() and + queryId = + // `@id` for the `randUsedForGeneratingPseudorandomNumbers` query + "c/cert/rand-used-for-generating-pseudorandom-numbers" and + ruleId = "MSC30-C" + or + query = + // `Query` instance for the `properlySeedPseudorandomNumberGenerators` query + MiscPackage::properlySeedPseudorandomNumberGeneratorsQuery() and + queryId = + // `@id` for the `properlySeedPseudorandomNumberGenerators` query + "c/cert/properly-seed-pseudorandom-number-generators" and + ruleId = "MSC32-C" + or + query = + // `Query` instance for the `controlFlowReachesTheEndOfANonVoidFunction` query + MiscPackage::controlFlowReachesTheEndOfANonVoidFunctionQuery() and + queryId = + // `@id` for the `controlFlowReachesTheEndOfANonVoidFunction` query + "c/cert/control-flow-reaches-the-end-of-a-non-void-function" and + ruleId = "MSC37-C" +} + +module MiscPackage { + Query randUsedForGeneratingPseudorandomNumbersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `randUsedForGeneratingPseudorandomNumbers` query + TQueryC(TMiscPackageQuery(TRandUsedForGeneratingPseudorandomNumbersQuery())) + } + + Query properlySeedPseudorandomNumberGeneratorsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `properlySeedPseudorandomNumberGenerators` query + TQueryC(TMiscPackageQuery(TProperlySeedPseudorandomNumberGeneratorsQuery())) + } + + Query controlFlowReachesTheEndOfANonVoidFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `controlFlowReachesTheEndOfANonVoidFunction` query + TQueryC(TMiscPackageQuery(TControlFlowReachesTheEndOfANonVoidFunctionQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 54910ea2bc..9f5fb09566 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -4,23 +4,32 @@ import codingstandards.cpp.exclusions.RuleMetadata //** Import packages for this language **/ import IO1 import IO2 +import Misc import Preprocessor1 import SideEffects1 +import SideEffects2 +import Strings1 import Syntax /** The TQuery type representing this language * */ newtype TCQuery = TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or + TMiscPackageQuery(MiscQuery q) or TPreprocessor1PackageQuery(Preprocessor1Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or + TSideEffects2PackageQuery(SideEffects2Query q) or + TStrings1PackageQuery(Strings1Query q) or TSyntaxPackageQuery(SyntaxQuery q) /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isIO1QueryMetadata(query, queryId, ruleId) or isIO2QueryMetadata(query, queryId, ruleId) or + isMiscQueryMetadata(query, queryId, ruleId) or isPreprocessor1QueryMetadata(query, queryId, ruleId) or isSideEffects1QueryMetadata(query, queryId, ruleId) or + isSideEffects2QueryMetadata(query, queryId, ruleId) or + isStrings1QueryMetadata(query, queryId, ruleId) or isSyntaxQueryMetadata(query, queryId, ruleId) } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll new file mode 100644 index 0000000000..c14446ee92 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll @@ -0,0 +1,42 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype SideEffects2Query = + TSideEffectAndCrementInFullExpressionQuery() or + TModificationOfFunctionParameterQuery() + +predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `sideEffectAndCrementInFullExpression` query + SideEffects2Package::sideEffectAndCrementInFullExpressionQuery() and + queryId = + // `@id` for the `sideEffectAndCrementInFullExpression` query + "c/misra/side-effect-and-crement-in-full-expression" and + ruleId = "RULE-13-3" + or + query = + // `Query` instance for the `modificationOfFunctionParameter` query + SideEffects2Package::modificationOfFunctionParameterQuery() and + queryId = + // `@id` for the `modificationOfFunctionParameter` query + "c/misra/modification-of-function-parameter" and + ruleId = "RULE-17-8" +} + +module SideEffects2Package { + Query sideEffectAndCrementInFullExpressionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `sideEffectAndCrementInFullExpression` query + TQueryC(TSideEffects2PackageQuery(TSideEffectAndCrementInFullExpressionQuery())) + } + + Query modificationOfFunctionParameterQuery() { + //autogenerate `Query` type + result = + // `Query` type for `modificationOfFunctionParameter` query + TQueryC(TSideEffects2PackageQuery(TModificationOfFunctionParameterQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll new file mode 100644 index 0000000000..7a401ea5b3 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll @@ -0,0 +1,58 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Strings1Query = + TDoNotAttemptToModifyStringLiteralsQuery() or + TStringsHasSufficientSpaceForTheNullTerminatorQuery() or + TNonNullTerminatedToFunctionThatExpectsAStringQuery() + +predicate isStrings1QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `doNotAttemptToModifyStringLiterals` query + Strings1Package::doNotAttemptToModifyStringLiteralsQuery() and + queryId = + // `@id` for the `doNotAttemptToModifyStringLiterals` query + "c/cert/do-not-attempt-to-modify-string-literals" and + ruleId = "STR30-C" + or + query = + // `Query` instance for the `stringsHasSufficientSpaceForTheNullTerminator` query + Strings1Package::stringsHasSufficientSpaceForTheNullTerminatorQuery() and + queryId = + // `@id` for the `stringsHasSufficientSpaceForTheNullTerminator` query + "c/cert/strings-has-sufficient-space-for-the-null-terminator" and + ruleId = "STR31-C" + or + query = + // `Query` instance for the `nonNullTerminatedToFunctionThatExpectsAString` query + Strings1Package::nonNullTerminatedToFunctionThatExpectsAStringQuery() and + queryId = + // `@id` for the `nonNullTerminatedToFunctionThatExpectsAString` query + "c/cert/non-null-terminated-to-function-that-expects-a-string" and + ruleId = "STR32-C" +} + +module Strings1Package { + Query doNotAttemptToModifyStringLiteralsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotAttemptToModifyStringLiterals` query + TQueryC(TStrings1PackageQuery(TDoNotAttemptToModifyStringLiteralsQuery())) + } + + Query stringsHasSufficientSpaceForTheNullTerminatorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `stringsHasSufficientSpaceForTheNullTerminator` query + TQueryC(TStrings1PackageQuery(TStringsHasSufficientSpaceForTheNullTerminatorQuery())) + } + + Query nonNullTerminatedToFunctionThatExpectsAStringQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonNullTerminatedToFunctionThatExpectsAString` query + TQueryC(TStrings1PackageQuery(TNonNullTerminatedToFunctionThatExpectsAStringQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.qll b/cpp/common/src/codingstandards/cpp/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.qll new file mode 100644 index 0000000000..d4c26ad34d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.qll @@ -0,0 +1,18 @@ +/** + * Provides a library which includes a `problems` predicate for uses of rand() + * for generating random numbers. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery extends Query { } + +Query getQuery() { result instanceof DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery } + +query predicate problems(FunctionCall fc, string message) { + not isExcluded(fc, getQuery()) and + fc.getTarget().hasGlobalOrStdName("rand") and + message = "Use of banned function " + fc.getTarget().getQualifiedName() + "." +} diff --git a/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll b/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll index dbc4d13dda..bb3fb7fad7 100644 --- a/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll +++ b/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll @@ -1,10 +1,10 @@ import cpp import codingstandards.cpp.SideEffect import codingstandards.cpp.sideeffect.Customizations -import codingstandards.cpp.Allocations -import codingstandards.cpp.Expr -import codingstandards.cpp.Variable -import semmle.code.cpp.security.FileWrite +private import codingstandards.cpp.Allocations +private import codingstandards.cpp.Expr +private import codingstandards.cpp.Variable +private import semmle.code.cpp.security.FileWrite /** A function call that performs an IO operation and thus exhibts an external side effect. */ private class IOFunctionCall extends FunctionCall, ExternalSideEffect::Range { diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index b66d6f2831..109077ece2 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: codeql-cpp diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 47f83b0926..907404ca8d 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-cpp-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: common-cpp-coding-standards extractor: cpp diff --git a/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.expected b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected similarity index 100% rename from cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.expected rename to cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql new file mode 100644 index 0000000000..05388363d1 --- /dev/null +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers diff --git a/cpp/autosar/test/rules/A26-5-1/test.cpp b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A26-5-1/test.cpp rename to cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.cpp diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index fbc916b8af..173ccaa1d8 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,3 +1,3 @@ name: misra-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 17b683f28c..c269fe7d74 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-cpp-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: misra-cpp-coding-standards extractor: cpp diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index e3c48fe632..5a8be4085e 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,3 +1,3 @@ name: report-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: codeql-cpp diff --git a/development_handbook.md b/development_handbook.md index acc2da6f03..2c0967afbb 100644 --- a/development_handbook.md +++ b/development_handbook.md @@ -60,7 +60,6 @@ In the repository, this will be organised as follows: / .ql .qhelp - -implementation.qhelp codeql-suites/ -default.qls ... @@ -205,7 +204,6 @@ python3 scripts/generate_rules/generate_package_files.py After running this script, the following files will be generated in the `//src/rules//` directory: - A `.ql` query file with the query metadata pre-populated, and the standard imports included. - A `.qhelp` query help file with some boilerplate text describing the purpose of the query. - - A `-implementation.qhelp` query help file with a space to enter details about the implementation of this rule in the query. In addition, the following files will be generated in the `//test/rules//` directory: - An empty `test.cpp` file. @@ -214,7 +212,7 @@ In addition, the following files will be generated in the `//tes The script can be safely re-run, except in a few notable cases listed below. Re-running the script has the following effect: - Overwrites the `.qhelp` file and `.qlref` file. - - Touches the `-implementation.qhelp`, `test.cpp` and `.expected` files, to ensure they exist on disk, but does not modify them if they exist. + - Touches the `test.cpp` and `.expected` files, to ensure they exist on disk, but does not modify them if they exist. - Updates the `.ql` query by overwriting the query metadata block only. The QL portion of the file is left untouched. The notable exceptions are: diff --git a/rule_packages/c/Misc.json b/rule_packages/c/Misc.json new file mode 100644 index 0000000000..8d7f515e2e --- /dev/null +++ b/rule_packages/c/Misc.json @@ -0,0 +1,66 @@ +{ + "CERT-C": { + "MSC30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "rand() shall not be used to generate pseudorandom numbers.", + "kind": "problem", + "name": "Do not use the rand() function for generating pseudorandom numbers", + "precision": "very-high", + "severity": "error", + "short_name": "RandUsedForGeneratingPseudorandomNumbers", + "shared_implementation_short_name" : "DoNotUseRandForGeneratingPseudorandomNumbers", + "tags": [ + "security" + ] + } + ], + "title": "Do not use the rand() function for generating pseudorandom numbers" + }, + "MSC32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Improperly seeded random number generators can lead to insecure code.", + "kind": "problem", + "name": "Properly seed pseudorandom number generators", + "precision": "very-high", + "severity": "error", + "short_name": "ProperlySeedPseudorandomNumberGenerators", + "tags": [ + "security" + ] + } + ], + "title": "Properly seed pseudorandom number generators", + "implementation_scope": { + "description": "This rule will be checked by looking for calls to random that are no preceded by a call to srandom(). We perform a simple check for the argument to srandom() and verify it is not a literal (or a value easily deduced to be a literal)." + } + }, + "MSC37-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Non-void functions that end without an explicit return can produce unpredictable results.", + "kind": "problem", + "name": "Ensure that control never reaches the end of a non-void function", + "precision": "very-high", + "severity": "error", + "short_name": "ControlFlowReachesTheEndOfANonVoidFunction", + "shared_implementation_short_name": "NonVoidFunctionDoesNotReturn", + "tags": [ + "correctness" + ] + } + ], + "title": "Ensure that control never reaches the end of a non-void function" + } + } +} \ No newline at end of file diff --git a/rule_packages/c/Preprocessor1.json b/rule_packages/c/Preprocessor1.json index 21ad88ea15..b93bc72731 100644 --- a/rule_packages/c/Preprocessor1.json +++ b/rule_packages/c/Preprocessor1.json @@ -37,6 +37,7 @@ "correctness" ] } + ], "title": "The # and ## preprocessor operators should not be used" }, @@ -55,7 +56,11 @@ "shared_implementation_short_name": "PreprocessorIncludesForbiddenHeaderNames", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "This query identifies the use of the ', \\, /*, // characters in header file names. The query is not able to detect the use of the \" character in header file names.", + "items": [] + } } ], "title": "The ', \" or \\ characters and the /* or // character sequences shall not occur in a header file name" @@ -76,7 +81,11 @@ "tags": [ "correctness", "readability" - ] + ], + "implementation_scope": { + "description": "This query does not detect the case where an undefined character is used but not actually evaluated, for example, as a result of the inclusion of a logical AND operator in the #if expression.", + "items": [] + } } ], "title": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be #define\ufffdd before evaluation" diff --git a/rule_packages/c/SideEffects2.json b/rule_packages/c/SideEffects2.json new file mode 100644 index 0000000000..9c8c3b71ec --- /dev/null +++ b/rule_packages/c/SideEffects2.json @@ -0,0 +1,43 @@ +{ + "MISRA-C-2012": { + "RULE-13-3": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator", + "kind": "problem", + "name": "A full expression containing an increment (++) or decrement (--) operator should have no other", + "precision": "very-high", + "severity": "warning", + "short_name": "SideEffectAndCrementInFullExpression", + "tags": [ + "readability", + "correctness" + ] + } + ], + "title": "A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator" + }, + "RULE-17-8": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "A function parameter behaves in the same manner as an object with automatic storage duration and the effects of modifying a parameter are not visible in the calling function.", + "kind": "problem", + "name": "A function parameter should not be modified", + "precision": "very-high", + "severity": "warning", + "short_name": "ModificationOfFunctionParameter", + "tags": [ + "correctness" + ] + } + ], + "title": "A function parameter should not be modified" + } + } +} \ No newline at end of file diff --git a/rule_packages/c/Strings1.json b/rule_packages/c/Strings1.json new file mode 100644 index 0000000000..159034b4aa --- /dev/null +++ b/rule_packages/c/Strings1.json @@ -0,0 +1,67 @@ +{ + "CERT-C": { + "STR30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Modifying a string literal can produce unexpected effects.", + "kind": "problem", + "name": "Do not attempt to modify string literals", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotAttemptToModifyStringLiterals", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Do not attempt to modify string literals" + }, + "STR31-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Many library functions in the C standard library assume C strings are null terminated and failing to null terminate strings may lead to unpredictable program behavior.", + "kind": "problem", + "name": "Guarantee that storage for strings has sufficient space for character data and the null terminator", + "precision": "medium", + "severity": "error", + "short_name": "StringsHasSufficientSpaceForTheNullTerminator", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Guarantee that storage for strings has sufficient space for character data and the null terminator", + "implementation_scope": { + "description": "The enforcement of this rule does not try to approximate the effects of loops and as such may not find cases where a loop operation on a string fails to null terminate a string (or causes an overflow)." + } + }, + "STR32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Passing a string that is not null-terminated can lead to unpredictable program behavior.", + "kind": "problem", + "name": "Do not pass a non-null-terminated character sequence to a library function that expects a string", + "precision": "medium", + "severity": "error", + "short_name": "NonNullTerminatedToFunctionThatExpectsAString", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Do not pass a non-null-terminated character sequence to a library function that expects a string" + } + } +} \ No newline at end of file diff --git a/rule_packages/cpp/BannedFunctions.json b/rule_packages/cpp/BannedFunctions.json index 2ea991c641..a6b37765dd 100644 --- a/rule_packages/cpp/BannedFunctions.json +++ b/rule_packages/cpp/BannedFunctions.json @@ -62,6 +62,7 @@ "precision": "very-high", "severity": "error", "short_name": "PseudorandomNumbersGeneratedUsingRand", + "shared_implementation_short_name" : "DoNotUseRandForGeneratingPseudorandomNumbers", "tags": [ "security" ] @@ -220,6 +221,7 @@ "precision": "very-high", "severity": "error", "short_name": "DoNotUseRandForGeneratingPseudorandomNumbers", + "shared_implementation_short_name" : "DoNotUseRandForGeneratingPseudorandomNumbers", "tags": [ "security" ] diff --git a/rule_packages/cpp/Macros.json b/rule_packages/cpp/Macros.json index dc4d22047b..c244016887 100644 --- a/rule_packages/cpp/Macros.json +++ b/rule_packages/cpp/Macros.json @@ -44,7 +44,11 @@ "shared_implementation_short_name": "PreprocessorIncludesForbiddenHeaderNames", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "This query identifies the use of the ', \\, /*, // characters in header file names. The query is not able to detect the use of the \" character in header file names.", + "items": [] + } } ], "title": "The ', \", /*, //, \\ characters shall not occur in a header file name or in #include directive." @@ -211,7 +215,11 @@ "tags": [ "correctness", "readability" - ] + ], + "implementation_scope": { + "description": "This query does not detect the case where an undefined character is used but not actually evaluated, for example, as a result of the inclusion of a logical AND operator in the #if expression.", + "items": [] + } } ], "title": "Undefined macro identifiers shall not be used in #if or #elif pre-processor directives, except as operands to the defined operator." diff --git a/rules.csv b/rules.csv index c4e9e02246..a9c0272804 100755 --- a/rules.csv +++ b/rules.csv @@ -592,12 +592,12 @@ c,CERT-C,SIG30-C,Yes,Rule,,,Call only asynchronous-safe functions within signal c,CERT-C,SIG31-C,Yes,Rule,,,Do not access shared objects in signal handlers,,Contracts,Medium, c,CERT-C,SIG34-C,Yes,Rule,,,Do not call signal() from within interruptible signal handlers,,Contracts,Medium, c,CERT-C,SIG35-C,Yes,Rule,,,Do not return from a computational exception signal handler,,Contracts,Easy, -c,CERT-C,STR30-C,Yes,Rule,,,Do not attempt to modify string literals,,Strings,Medium, -c,CERT-C,STR31-C,Yes,Rule,,,Guarantee that storage for strings has sufficient space for character data and the null terminator,STR50-CPP,Strings,Very Hard, -c,CERT-C,STR32-C,Yes,Rule,,,Do not pass a non-null-terminated character sequence to a library function that expects a string,STR51-CPP,Strings,Very Hard, -c,CERT-C,STR34-C,Yes,Rule,,,Cast characters to unsigned char before converting to larger integer sizes,,Strings,Hard, -c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be representable as an unsigned char,,Strings,Medium, -c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings,Medium, +c,CERT-C,STR30-C,Yes,Rule,,,Do not attempt to modify string literals,,Strings1,Medium, +c,CERT-C,STR31-C,Yes,Rule,,,Guarantee that storage for strings has sufficient space for character data and the null terminator,STR50-CPP,Strings1,Very Hard, +c,CERT-C,STR32-C,Yes,Rule,,,Do not pass a non-null-terminated character sequence to a library function that expects a string,STR51-CPP,Strings1,Very Hard, +c,CERT-C,STR34-C,Yes,Rule,,,Cast characters to unsigned char before converting to larger integer sizes,,Strings2,Hard, +c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be representable as an unsigned char,,Strings2,Medium, +c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings2,Medium, c,CERT-C,WIN30-C,OutOfScope,Rule,,,Properly pair allocation and deallocation functions,DCL54-CPP,,Easy, c,MISRA-C-2012,RULE-1-1,No,Required,,,Any implementation-defined behaviour on which the output of the program depends shall be documented and understood,,,, c,MISRA-C-2012,RULE-2-1,Yes,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium, @@ -688,7 +688,7 @@ c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5 c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,Types,Easy, c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium, c,MISRA-C-2012,RULE-13-1,Yes,Required,,,Initializer lists shall not contain persistent side effects,,SideEffects1,Medium, -c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects2,Medium, +c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects,Medium, c,MISRA-C-2012,RULE-13-3,Yes,Advisory,,,A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator,,SideEffects2,Medium, c,MISRA-C-2012,RULE-13-4,Yes,Advisory,,,The result of an assignment operator should not be used,M6-2-1,SideEffects1,Easy, c,MISRA-C-2012,RULE-13-5,Yes,Required,,,The right hand operand of a logical && or || operator shall not contain persistent side effects,M5-14-1,SideEffects1,Import, diff --git a/scripts/generate_rules/templates/template-implementation.qhelp b/scripts/generate_rules/templates/template-implementation.qhelp deleted file mode 100644 index a01fab8d10..0000000000 --- a/scripts/generate_rules/templates/template-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/scripts/generate_rules/templates/template.qhelp b/scripts/generate_rules/templates/template.qhelp index 144340ae0b..dbad358130 100644 --- a/scripts/generate_rules/templates/template.qhelp +++ b/scripts/generate_rules/templates/template.qhelp @@ -20,9 +20,6 @@ {% endif %} {% endif %} -
    - -
    {% if standard_title | length %}