A20-8-1/MEM56-CPP: Fix compiler compat issues

Fix false negative issues related to the library structure of smart pointers.

This commit makes the following changes:
 * Update `memory` stubs to move more functions to the __shared_ptr base class
 * Add dataflow summaries for smart pointer constructor calls and smart
   pointer get calls.
 * Add sanitizers to prevent flow into library code for the dataflow summaries
   added above.

Author: lcartey

cpp/common/src/codingstandards/cpp/SmartPointers.qll

@@ -29,6 +29,11 @@ abstract class AutosarSmartPointer extends Class {
       )
   }
 
+  FunctionCall getAGetCall() {
+    result.getTarget().hasName("get") and
+    result.getQualifier().getType().stripType() = this
+  }
+
   FunctionCall getAnInitializerExpr() {
     result =
       any(FunctionCall fc |

cpp/common/src/codingstandards/cpp/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.qll

@@ -29,6 +29,34 @@ private class PointerToSmartPointerConstructorFlowConfig extends TaintTracking::
       cc.getArgument(0) = sink.asExpr()
     )
   }
+
+  override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
+    // Summarize flow through constructor calls
+    exists(AutosarSmartPointer sp, ConstructorCall cc |
+      sp.getAConstructorCall() = cc and
+      cc = node2.asExpr() and
+      cc.getArgument(0) = node1.asExpr()
+    )
+    or
+    // Summarize flow through get() calls
+    exists(AutosarSmartPointer sp, FunctionCall fc |
+      sp.getAGetCall() = fc and
+      fc = node2.asExpr() and
+      fc.getQualifier() = node1.asExpr()
+    )
+  }
+
+  override predicate isSanitizerIn(DataFlow::Node node) {
+    // Exclude flow into header files outside the source archive which are summarized by the
+    // additional taint steps above.
+    exists(AutosarSmartPointer sp |
+      sp.getAConstructorCall().getTarget().getAParameter() = node.asParameter()
+      or
+      sp.getAGetCall().getTarget().getAParameter() = node.asParameter()
+    |
+      not exists(node.getLocation().getFile().getRelativePath())
+    )
+  }
 }
 
 query predicate problems(

cpp/common/test/includes/standard-library/memory.h

@@ -75,6 +75,9 @@ template <typename T> class __shared_ptr {
   template <class Y> void reset(Y *p);
   template <class Y, class D> void reset(Y *p, D d);
   template <class Y, class D, class A> void reset(Y *p, D d, A a);
+
+  long use_count() const noexcept;
+  T *get() const noexcept;
 };
 
 template <typename T> class shared_ptr : public __shared_ptr<T> {
@@ -90,8 +93,6 @@ template <typename T> class shared_ptr : public __shared_ptr<T> {
   T &operator*() const noexcept;
   T *operator->() const noexcept;
 
-  long use_count() const noexcept { return 0; }
-  T *get() const noexcept { return ptr; }
   shared_ptr<T> &operator=(const shared_ptr &) {}
   shared_ptr<T> &operator=(shared_ptr &&) { return *this; }
   template <typename S> shared_ptr &operator=(shared_ptr<T> &&) {

cpp/common/test/rules/ownedpointervaluestoredinunrelatedsmartpointer/OwnedPointerValueStoredInUnrelatedSmartPointer.expected

@@ -6,29 +6,18 @@ problems
 | test.cpp:12:28:12:29 | v2 | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 | Raw pointer flows to initialize multiple unrelated smart pointers. |
 | test.cpp:17:27:17:28 | v1 | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 | Raw pointer flows to initialize multiple unrelated smart pointers. |
 edges
-| ../../includes/standard-library/memory.h:76:17:76:19 | ptr | ../../includes/standard-library/memory.h:76:17:76:19 | ptr |
 | test.cpp:3:14:3:15 | v1 | test.cpp:5:27:5:28 | v1 |
 | test.cpp:3:14:3:15 | v1 | test.cpp:6:31:6:33 | call to get |
 | test.cpp:3:14:3:15 | v1 | test.cpp:7:28:7:29 | v2 |
 | test.cpp:4:13:4:14 | v1 | test.cpp:7:28:7:29 | v2 |
 | test.cpp:5:27:5:29 | call to shared_ptr | test.cpp:6:31:6:33 | call to get |
 | test.cpp:8:8:8:14 | 0 | test.cpp:9:28:9:29 | v2 |
 | test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 |
-| test.cpp:10:8:10:17 | new | test.cpp:11:28:11:29 | v2 |
 | test.cpp:10:8:10:17 | new | test.cpp:12:28:12:29 | v2 |
-| test.cpp:11:28:11:29 | ref arg v2 | test.cpp:12:28:12:29 | v2 |
-| test.cpp:11:28:11:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr |
-| test.cpp:11:28:11:29 | v2 | test.cpp:11:28:11:29 | ref arg v2 |
-| test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 |
 | test.cpp:16:13:16:22 | new | test.cpp:17:27:17:28 | v1 |
 | test.cpp:16:13:16:22 | new | test.cpp:19:6:19:7 | v1 |
-| test.cpp:17:27:17:28 | ref arg v1 | test.cpp:19:6:19:7 | v1 |
-| test.cpp:17:27:17:28 | v1 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr |
-| test.cpp:17:27:17:28 | v1 | test.cpp:17:27:17:28 | ref arg v1 |
 | test.cpp:19:6:19:7 | v1 | test.cpp:3:14:3:15 | v1 |
 nodes
-| ../../includes/standard-library/memory.h:76:17:76:19 | ptr | semmle.label | ptr |
-| ../../includes/standard-library/memory.h:76:17:76:19 | ptr | semmle.label | ptr |
 | test.cpp:3:14:3:15 | v1 | semmle.label | v1 |
 | test.cpp:4:13:4:14 | v1 | semmle.label | v1 |
 | test.cpp:5:27:5:28 | v1 | semmle.label | v1 |
@@ -38,15 +27,9 @@ nodes
 | test.cpp:8:8:8:14 | 0 | semmle.label | 0 |
 | test.cpp:9:28:9:29 | v2 | semmle.label | v2 |
 | test.cpp:10:8:10:17 | new | semmle.label | new |
-| test.cpp:11:28:11:29 | ref arg v2 | semmle.label | ref arg v2 |
-| test.cpp:11:28:11:29 | v2 | semmle.label | v2 |
 | test.cpp:11:28:11:29 | v2 | semmle.label | v2 |
 | test.cpp:12:28:12:29 | v2 | semmle.label | v2 |
 | test.cpp:16:13:16:22 | new | semmle.label | new |
-| test.cpp:17:27:17:28 | ref arg v1 | semmle.label | ref arg v1 |
-| test.cpp:17:27:17:28 | v1 | semmle.label | v1 |
 | test.cpp:17:27:17:28 | v1 | semmle.label | v1 |
 | test.cpp:19:6:19:7 | v1 | semmle.label | v1 |
 subpaths
-| test.cpp:11:28:11:29 | v2 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | test.cpp:11:28:11:29 | ref arg v2 |
-| test.cpp:17:27:17:28 | v1 | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | ../../includes/standard-library/memory.h:76:17:76:19 | ptr | test.cpp:17:27:17:28 | ref arg v1 |