Implement MISRA RULE-21-13 and RULE-21-15 #190
Merged
44 commits
fcc4fc6
update rules.csv
jeongsoolee09 05d577f
Update rule package description file
jeongsoolee09 13feea8
Create rule files
jeongsoolee09 ea40969
update ql files and add test.c for RULE-21-13
jeongsoolee09 cf0d756
Implement RULE-21-13
jeongsoolee09 5104114
Refine RULE-21-13 and its unit test
jeongsoolee09 e0e0193
Draft of RULE-21-15
jeongsoolee09 3185856
Refine RULE-21-15
jeongsoolee09 f9deae5
Refine RULE-21-15
jeongsoolee09 eca1f26
Refine RULE-21-15
jeongsoolee09 4064b6b
Update `.expected` files
jeongsoolee09 9adcc36
Refine analysis messages
jeongsoolee09 75ea8ff
Format test.c
jeongsoolee09 cc43205
Merge branch 'main' into jeongsoolee09/MISRA_21-13_and-21-15
jeongsoolee09 9336a3e
Some minor comments
jeongsoolee09 f798abe
Merge branch 'jeongsoolee09/MISRA_21-13_and-21-15' of github.com:gith…
jeongsoolee09 f09cc5d
Minor comment
jeongsoolee09 ddb85d0
Oh no
jeongsoolee09 9be18f2
Oh no (2)
jeongsoolee09 044350b
Add `CtypeGetcharFunctions` modelling class
jeongsoolee09 71f4dc4
Minor comments
jeongsoolee09 4d55a70
Modify/Add test cases to 21-13
jeongsoolee09 a9f2fbe
checkpoint
jeongsoolee09 9c1b343
Merge branch 'main' into jeongsoolee09/MISRA_21-13_and-21-15
jeongsoolee09 0aad1c6
Model getchar, Finalize query
jeongsoolee09 9456800
Merge branch 'main' into jeongsoolee09/MISRA_21-13_and-21-15
jeongsoolee09 c66a9d6
Minor comments && Update outdated .expected
jeongsoolee09 e3075df
Merge branch 'jeongsoolee09/MISRA_21-13_and-21-15' of github.com:gith…
jeongsoolee09 a0a2615
STR37-C: Handle macros in <ctype.h>
lcartey 6d477c0
remove an empty comment
jeongsoolee09 9e60a8f
Use UseOfToOrIsChar from CharFunctions
jeongsoolee09 7ee8379
Remove redundant predicate uses
jeongsoolee09 f7eadb0
Merge branch 'main' into jeongsoolee09/MISRA_21-13_and-21-15
jeongsoolee09 aa3b81f
Add .expected for clang and qcc
jeongsoolee09 bf6e11d
Merge branch 'jeongsoolee09/MISRA_21-13_and-21-15' of github.com:gith…
jeongsoolee09 ea4383e
Merge branch 'main' into jeongsoolee09/MISRA_21-13_and-21-15
jeongsoolee09 4c9f192
Add FP suspect case
jeongsoolee09 f9f8ecb
Oops, wrong branch
jeongsoolee09 535470f
Merge branch 'jeongsoolee09/MISRA_21-13_and-21-15' of github.com:gith…
jeongsoolee09 3928d06
Add test for gcc
jeongsoolee09 2a38ec7
Merge branch 'main' into jeongsoolee09/MISRA_21-13_and-21-15
jeongsoolee09 e2ef453
Put back StandardLibraryFunctionTypes
jeongsoolee09 63b1256
Modify RuleMetadata
jeongsoolee09 7dba082
Rename .expected.gcc file
jeongsoolee09
28 changes: 28 additions & 0 deletions
c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
/** | ||
* @id c/misra/ctype-function-arg-not-unsigned-char-or-eof | ||
* @name RULE-21-13: <ctype.h> function arguments shall be represented as unsigned char | ||
* @description Passing arguments to <ctype.h> functions outside the range of unsigned char or EOF | ||
* causes undefined behavior. | ||
* @kind problem | ||
* @precision very-high | ||
* @problem.severity error | ||
* @tags external/misra/id/rule-21-13 | ||
* external/misra/obligation/mandatory | ||
*/ | ||
|
||
import cpp | ||
import codingstandards.c.misra | ||
import codingstandards.cpp.CharFunctions | ||
import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis | ||
|
||
from UseOfToOrIsChar ctypeCall | ||
where | ||
not isExcluded(ctypeCall, | ||
StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and | ||
not exists(Expr ctypeCallArgument | ctypeCallArgument = ctypeCall.getConvertedArgument() | | ||
/* The argument's value should be in the EOF + `unsigned char` range. */ | ||
-1 <= lowerBound(ctypeCallArgument) and upperBound(ctypeCallArgument) <= 255 | ||
) | ||
select ctypeCall, | ||
"The <ctype.h> function " + ctypeCall + " accepts an argument " + ctypeCall.getConvertedArgument() | ||
+ " that is not an unsigned char nor an EOF." |
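Review bot: the bounds check `-1 <= lowerBound(ctypeCallArgument) and upperBound(ctypeCallArgument) <= 255` hard-codes EOF as -1 and the top of the `unsigned char` range as 255. C only requires EOF to be a negative `int` and `UCHAR_MAX` to be at least 255, so the comment above that line should state the assumption (EOF == -1, 8-bit char), or the bounds should be taken from the macros. The query is also tagged `@precision very-high`, yet any argument whose range the analysis cannot narrow to [-1, 255] fails the check and is reported; a test with an unconstrained `int` argument would show whether that precision claim holds.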
46 changes: 46 additions & 0 deletions
c/misra/src/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
/** | ||
* @id c/misra/memcpy-memmove-memcmp-arg-not-pointers-to-compatible-types | ||
* @name RULE-21-15: The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers | ||
* @description Passing pointers to incompatible types as arguments to memcpy, memmove and memcmp | ||
* indicates programmers' confusion. | ||
* @kind problem | ||
* @precision very-high | ||
* @problem.severity error | ||
* @tags external/misra/id/rule-21-15 | ||
* external/misra/obligation/required | ||
*/ | ||
|
||
import cpp | ||
import codingstandards.c.misra | ||
import codingstandards.c.Pointers | ||
|
||
class MemCmpMoveCpy extends Function { | ||
// Couldn't extend BuiltInFunction because it misses `memcmp` | ||
MemCmpMoveCpy() { | ||
this.getName().regexpMatch("mem(cmp|cpy|move)") and | ||
this.getADeclaration().getAFile().(HeaderFile).getBaseName() = "string.h" | ||
} | ||
} | ||
|
||
from FunctionCall fc | ||
where | ||
not isExcluded(fc, | ||
StandardLibraryFunctionTypesPackage::memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery()) and | ||
exists(MemCmpMoveCpy memfun, Type dstType, Type srcType | fc.getTarget() = memfun | | ||
dstType = fc.getArgument(0).getUnspecifiedType() and | ||
srcType = fc.getArgument(1).getUnspecifiedType() and | ||
( | ||
/* Case 1: dst and src are pointer types */ | ||
dstType instanceof PointerType and | ||
srcType instanceof PointerType | ||
or | ||
/* Case 2: dst and src are array types */ | ||
dstType instanceof ArrayType and | ||
srcType instanceof ArrayType | ||
) and | ||
not dstType = srcType | ||
) | ||
select fc, | ||
"The dest type " + fc.getArgument(0).getUnspecifiedType() + " and src type " + | ||
fc.getArgument(1).getUnspecifiedType() + " of function " + fc.getTarget() + | ||
" are not compatible." |
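Review bot: the two cases inside `exists(...)` only match when both arguments are pointer types or both are array types, so a call that mixes them (an `int *` destination with a `char[9]` source, for instance) falls into neither case and is never reported. Consider comparing the pointed-to or element types after array-to-pointer decay instead of requiring the same kind on both sides. `not dstType = srcType` is also exact type equality, while the rule speaks of qualified or unqualified versions of compatible types; a test with a `const`-qualified source pointee would show whether that call is wrongly flagged. Minor: the message says "dest" and "src", which does not fit `memcmp`.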
2 changes: 2 additions & 0 deletions
c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
| test.c:14:7:14:13 | call to isalnum | The <ctype.h> function call to isalnum accepts an argument c3 that is not an unsigned char nor an EOF. | | ||
| test.c:20:7:20:13 | call to isalnum | The <ctype.h> function call to isalnum accepts an argument c4 that is not an unsigned char nor an EOF. | |
2 changes: 2 additions & 0 deletions
c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.clang
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
| test.c:14:7:14:17 | isalnum(c) | The <ctype.h> function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | | ||
| test.c:20:7:20:17 | isalnum(c) | The <ctype.h> function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | |
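Review bot: in both rows the argument is rendered as `(...)`, so the alert no longer says which expression is out of range, whereas the default `.expected` names `c3` and `c4`. The message is built by string-concatenating `ctypeCall` and `ctypeCall.getConvertedArgument()`, which ties its text to how the expression prints under each compiler. Using `$@` placeholders in the `select`, with the argument as the linked element, would keep the message text stable and still point at the offending expression.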
2 changes: 2 additions & 0 deletions
c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.gcc
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
| test.c:14:7:14:17 | isalnum(c) | The <ctype.h> function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | | ||
| test.c:20:7:20:17 | isalnum(c) | The <ctype.h> function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | |
2 changes: 2 additions & 0 deletions
c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.expected.qcc
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
| test.c:14:7:14:17 | isalnum(c) | The <ctype.h> function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | | ||
| test.c:20:7:20:17 | isalnum(c) | The <ctype.h> function isalnum(c) accepts an argument (...) that is not an unsigned char nor an EOF. | |
1 change: 1 addition & 0 deletions
c/misra/test/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.qlref
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
#include <ctype.h> | ||
#include <stdio.h> | ||
|
||
void sample() { | ||
unsigned char c1 = 'c'; | ||
int r1 = isalnum( | ||
c1); // COMPLIANT: ASCII 99 is within unsigned char range of [0, 255] | ||
int r2 = isalnum(EOF); // COMPLIANT: EOF (-1) | ||
|
||
int x3 = 256; | ||
int x4 = x3; | ||
int c3 = x4; | ||
int r3 = | ||
isalnum(c3); // NON_COMPLIANT: is outside unsigned char range of [0, 255] | ||
|
||
unsigned char x5 = EOF; | ||
unsigned char x6 = x5; | ||
int c4 = x6 + 10000; | ||
int r4 = | ||
isalnum(c4); // NON_COMPLIANT: is outside unsigned char range of [0, 255] | ||
|
||
int c5 = getchar(); | ||
int r5 = isalnum( | ||
c5); // COMPLIANT: <stdio.h> source functions like getchar are modelled | ||
|
||
unsigned char x7; | ||
int c6; | ||
if (x7 == 1) { | ||
c6 = EOF; | ||
} else { | ||
c6 = 'c'; | ||
} | ||
int r6 = | ||
isalnum(c6); // COMPLIANT: either control branch make this call compliant | ||
|
||
int r7 = isalnum(EOF); // COMPLIANT: EOF (-1) | ||
} | ||
|
||
int main() { return 0; } | ||
|
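Review bot: both NON_COMPLIANT cases (`c3` and `c4`) are values above 255; nothing exercises the lower bound. Add a case below EOF, such as a negative `char` or `signed char` passed straight to `isalnum`, so the `-1 <= lowerBound(...)` half of the query is tested. Separately, `x7` is read in `if (x7 == 1)` without being initialised; making it a parameter of `sample` keeps the two-branch intent without an indeterminate read. `r7` repeats the `r2` case and can be dropped.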
2 changes: 2 additions & 0 deletions
c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.expected
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
| test.c:6:3:6:8 | call to memcpy | The dest type int * and src type char * of function memcpy are not compatible. | | ||
| test.c:18:3:18:9 | call to memmove | The dest type char[9] and src type int[2] of function memmove are not compatible. | |
1 change: 1 addition & 0 deletions
c/misra/test/rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.qlref
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
rules/RULE-21-15/MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes.ql |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
#include <string.h> | ||
|
||
void sample() { | ||
int from1 = 1000000; | ||
char to1; | ||
memcpy(&from1, &to1, 1); // NON_COMPLIANT, the types are not compatible | ||
|
||
int from2 = 1000000; | ||
int to2; | ||
memcpy(&from2, &to2, 2); // COMPLIANT | ||
|
||
char from3[] = "string"; | ||
char to3[7]; | ||
memmove(from3, to3, 7); // COMPLIANT | ||
|
||
char from4[] = "sstringg"; | ||
int to4[2]; | ||
memmove(from4, to4, 8); // NON_COMPLIANT, despite being equal in byte counts | ||
|
||
char from5[] = "STRING"; | ||
char to5[] = "string"; | ||
memcmp(from5, to5, 2); // COMPLIANT | ||
} | ||
|
||
int main() { return 0; } |
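Review bot: the `fromN`/`toN` names are reversed relative to the argument order. In `memcpy(&from1, &to1, 1)` the first argument is the destination, so `from1` is overwritten and the uninitialised `to1` is read; `to2`, `to3` and `to4` are read uninitialised in the same way. Rename or swap the arguments and initialise the sources so the test does not depend on indeterminate values. Coverage is also thin: there is no NON_COMPLIANT `memcmp` call, no call mixing a pointer with an array, and no `const`-qualified source.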
46 changes: 46 additions & 0 deletions
cpp/common/src/codingstandards/cpp/exclusions/c/StandardLibraryFunctionTypes.qll
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ | ||
import cpp | ||
import RuleMetadata | ||
import codingstandards.cpp.exclusions.RuleMetadata | ||
|
||
newtype StandardLibraryFunctionTypesQuery = | ||
TCtypeFunctionArgNotUnsignedCharOrEofQuery() or | ||
TMemcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery() | ||
|
||
predicate isStandardLibraryFunctionTypesQueryMetadata( | ||
Query query, string queryId, string ruleId, string category | ||
) { | ||
query = | ||
// `Query` instance for the `ctypeFunctionArgNotUnsignedCharOrEof` query | ||
StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery() and | ||
queryId = | ||
// `@id` for the `ctypeFunctionArgNotUnsignedCharOrEof` query | ||
"c/misra/ctype-function-arg-not-unsigned-char-or-eof" and | ||
ruleId = "RULE-21-13" and | ||
category = "mandatory" | ||
or | ||
query = | ||
// `Query` instance for the `memcpyMemmoveMemcmpArgNotPointersToCompatibleTypes` query | ||
StandardLibraryFunctionTypesPackage::memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery() and | ||
queryId = | ||
// `@id` for the `memcpyMemmoveMemcmpArgNotPointersToCompatibleTypes` query | ||
"c/misra/memcpy-memmove-memcmp-arg-not-pointers-to-compatible-types" and | ||
ruleId = "RULE-21-15" and | ||
category = "required" | ||
} | ||
|
||
module StandardLibraryFunctionTypesPackage { | ||
Query ctypeFunctionArgNotUnsignedCharOrEofQuery() { | ||
//autogenerate `Query` type | ||
result = | ||
// `Query` type for `ctypeFunctionArgNotUnsignedCharOrEof` query | ||
TQueryC(TStandardLibraryFunctionTypesPackageQuery(TCtypeFunctionArgNotUnsignedCharOrEofQuery())) | ||
} | ||
|
||
Query memcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery() { | ||
//autogenerate `Query` type | ||
result = | ||
// `Query` type for `memcpyMemmoveMemcmpArgNotPointersToCompatibleTypes` query | ||
TQueryC(TStandardLibraryFunctionTypesPackageQuery(TMemcpyMemmoveMemcmpArgNotPointersToCompatibleTypesQuery())) | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
{ | ||
"MISRA-C-2012": { | ||
"RULE-21-13": { | ||
"properties": { | ||
"obligation": "mandatory" | ||
}, | ||
"queries": [ | ||
{ | ||
"description": "Passing arguments to <ctype.h> functions outside the range of unsigned char or EOF causes undefined behavior.", | ||
"kind": "problem", | ||
"name": "<ctype.h> function arguments shall be represented as unsigned char", | ||
"precision": "very-high", | ||
"severity": "error", | ||
"short_name": "CtypeFunctionArgNotUnsignedCharOrEof", | ||
"tags": [] | ||
} | ||
], | ||
"title": "Any value passed to a function in <ctype.h> shall be representable as an unsigned char or be the value EOF" | ||
}, | ||
"RULE-21-15": { | ||
"properties": { | ||
"obligation": "required" | ||
}, | ||
"queries": [ | ||
{ | ||
"description": "Passing pointers to incompatible types as arguments to memcpy, memmove and memcmp indicates programmers' confusion.", | ||
"kind": "problem", | ||
"name": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers", | ||
"precision": "very-high", | ||
"severity": "error", | ||
"short_name": "MemcpyMemmoveMemcmpArgNotPointersToCompatibleTypes", | ||
"tags": [] | ||
} | ||
], | ||
"title": "The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unqualified versions of compatible types" | ||
} | ||
} | ||
} |
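Review bot: the `"name"` for RULE-21-15 stops at "shall be pointers", dropping the "to qualified or unqualified versions of compatible types" that the `"title"` below it carries, so the name as written describes a different requirement; shorten it in a way that keeps "compatible types". Both queries also have `"tags": []`; since the RULE-21-13 description cites undefined behavior, a category tag such as `correctness` would help users filter results. The RULE-21-15 description ("indicates programmers' confusion") should state the consequence of the mismatch, not only the likely cause.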