FIO34-C: qcc support

library can access `stdin` or `_Stdin` by reference

Author: mbaluda

cpp/common/src/codingstandards/cpp/ReadErrorsAndEOF.qll

@@ -5,7 +5,11 @@ import codingstandards.cpp.standardlibrary.FileAccess
 /**
  * any call to function `feof()` or `ferror()`
  */
-abstract class FeofFerrorCall extends FunctionCall { }
+abstract class FeofFerrorCall extends FileAccess {
+  override VariableAccess getFileExpr() {
+    result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()]
+  }
+}
 
 class FeofCall extends FeofFerrorCall {
   FeofCall() { this.getTarget().hasGlobalName("feof") }
@@ -15,11 +19,6 @@ class FerrorCall extends FeofFerrorCall {
   FerrorCall() { this.getTarget().hasGlobalName("ferror") }
 }
 
-pragma[inline]
-predicate accessSameTarget(VariableAccess va1, VariableAccess va2) {
-  va1.getTarget() = va2.getTarget()
-}
-
 predicate isShortCircuitedEdge(ControlFlowNode fst, ControlFlowNode snd) {
   fst = any(LogicalAndExpr andOp).getLeftOperand() and snd = fst.getAFalseSuccessor()
   or
@@ -36,7 +35,7 @@ ControlFlowNode feofUnchecked(InBandErrorReadFunctionCall read) {
     not isShortCircuitedEdge(mid, result) and
     result = mid.getASuccessor() and
     //Stop recursion on call to feof/ferror on the correct file
-    not accessSameTarget(result.(FeofCall).getArgument(0), read.getFileExpr())
+    not sameFileSource(result.(FeofCall), read)
   )
 }
 
@@ -50,7 +49,7 @@ ControlFlowNode ferrorUnchecked(InBandErrorReadFunctionCall read) {
     not isShortCircuitedEdge(mid, result) and
     result = mid.getASuccessor() and
     //Stop recursion on call to ferror on the correct file
-    not accessSameTarget(result.(FerrorCall).getArgument(0), read.getFileExpr())
+    not sameFileSource(result.(FerrorCall), read)
   )
 }
 
@@ -112,6 +111,6 @@ predicate missingEOFWEOFChecks(InBandErrorReadFunctionCall read) {
   // another char is read before the comparison to EOF
   exists(FileReadFunctionCall fc |
     macroUnchecked(read) = fc and
-    accessSameTarget(read.getFileExpr(), fc.getFileExpr())
+    sameFileSource(read, fc)
   )
 }

cpp/common/src/codingstandards/cpp/standardlibrary/FileAccess.qll

@@ -98,7 +98,7 @@ class FOpenCall extends FunctionCall {
 }
 
 abstract class FileAccess extends FunctionCall {
-  abstract Expr getFileExpr();
+  abstract VariableAccess getFileExpr();
 }
 
 pragma[inline]
@@ -114,17 +114,17 @@ class ImplicitFileAccess extends FileAccess {
   string fileName;
 
   ImplicitFileAccess() {
-    fileName = "stdin" and
+    fileName = ["stdin", "_Stdin"] and
     this.getTarget().hasGlobalName(["getchar", "getwchar", "scanf", "scanf_s"])
     or
-    fileName = "stdout" and
+    fileName = ["stdout", "_Stdout"] and
     this.getTarget().hasGlobalName(["printf", "printf_s", "puts", "putchar", "putwchar"])
     or
-    fileName = "stderr" and this.getTarget().hasGlobalName("perror")
+    fileName = ["stderr", "_Stderr"] and this.getTarget().hasGlobalName("perror")
   }
 
   /** The expression corresponding to the accessed file */
-  override Expr getFileExpr() {
+  override VariableAccess getFileExpr() {
     fileName = result.(VariableAccess).getTarget().(GlobalVariable).toString() or
     fileName = result.findRootCause().(Macro).getName()
   }
@@ -141,10 +141,10 @@ class InBandErrorReadFunctionCall extends FileAccess {
   }
 
   /** The expression corresponding to the accessed file */
-  override Expr getFileExpr() {
+  override VariableAccess getFileExpr() {
     if this instanceof ImplicitFileAccess
     then result = this.(ImplicitFileAccess).getFileExpr()
-    else result = this.getArgument(0)
+    else result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()]
   }
 }
 
@@ -167,10 +167,11 @@ class FileReadFunctionCall extends FileAccess {
   }
 
   /** The expression corresponding to the accessed file */
-  override Expr getFileExpr() {
+  override VariableAccess getFileExpr() {
     if this instanceof ImplicitFileAccess
     then result = this.(ImplicitFileAccess).getFileExpr()
-    else result = this.getArgument(filePos)
+    else
+      result = [this.getArgument(filePos), this.getArgument(filePos).(AddressOfExpr).getAnOperand()]
   }
 }
 
@@ -195,10 +196,11 @@ class FileWriteFunctionCall extends FileAccess {
   }
 
   /** The expression corresponding to the accessed file */
-  override Expr getFileExpr() {
+  override VariableAccess getFileExpr() {
     if this instanceof ImplicitFileAccess
     then result = this.(ImplicitFileAccess).getFileExpr()
-    else result = this.getArgument(filePos)
+    else
+      result = [this.getArgument(filePos), this.getArgument(filePos).(AddressOfExpr).getAnOperand()]
   }
 }
 
@@ -209,7 +211,9 @@ class FileCloseFunctionCall extends FileAccess {
   FileCloseFunctionCall() { this.getTarget().hasGlobalName("fclose") }
 
   /** The expression corresponding to the accessed file */
-  override Expr getFileExpr() { result = this.getArgument(0) }
+  override VariableAccess getFileExpr() {
+    result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()]
+  }
 }
 
 /**
@@ -221,5 +225,7 @@ class FilePositioningFunctionCall extends FileAccess {
   }
 
   /** The expression corresponding to the accessed file */
-  override Expr getFileExpr() { result = this.getArgument(0) }
+  override VariableAccess getFileExpr() {
+    result = [this.getArgument(0), this.getArgument(0).(AddressOfExpr).getAnOperand()]
+  }
 }