Update RULE-21-17 and RULE-21-18 tests

Nikita Kraiouchkine · Nikita Kraiouchkine · commit 883eccac0a80 · 2023-04-06T00:32:58.000+02:00
diff --git a/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected b/c/misra/test/rules/RULE-21-17/StringFunctionPointerArgumentOutOfBounds.expected
@@ -1 +1,26 @@
-No expected results have yet been specified
+| test.c:31:5:31:10 | call to strcat | The $@ passed to strcat might not be null-terminated. | test.c:31:12:31:15 | buf1 | argument | test.c:31:12:31:15 | buf1 |  |
+| test.c:36:5:36:10 | call to strcat | The size of the $@ passed to strcat is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:36:24:36:30 | 12345 | read buffer | test.c:36:12:36:19 | call to get_ca_5 | write buffer |
+| test.c:38:5:38:10 | call to strcat | The size of the $@ passed to strcat is 5 bytes, but the size of the $@ is only 4 bytes. | test.c:38:28:38:33 | 1234 | read buffer | test.c:38:12:38:25 | ... + ... | write buffer |
+| test.c:43:5:43:10 | call to strchr | The $@ passed to strchr might not be null-terminated. | test.c:43:12:43:18 | ca5_bad | argument | test.c:43:12:43:18 | ca5_bad |  |
+| test.c:45:5:45:10 | call to strchr | The $@ passed to strchr is 5 bytes, but an offset of 5 bytes is used to access it. | test.c:45:12:45:23 | ... + ... | read buffer | test.c:45:12:45:23 | ... + ... |  |
+| test.c:47:5:47:11 | call to strrchr | The $@ passed to strrchr might not be null-terminated. | test.c:47:13:47:19 | ca5_bad | argument | test.c:47:13:47:19 | ca5_bad |  |
+| test.c:49:5:49:11 | call to strrchr | The $@ passed to strrchr is 5 bytes, but an offset of 5 bytes is used to access it. | test.c:49:13:49:24 | ... + ... | read buffer | test.c:49:13:49:24 | ... + ... |  |
+| test.c:53:5:53:10 | call to strcmp | The $@ passed to strcmp might not be null-terminated. | test.c:53:22:53:28 | ca5_bad | argument | test.c:53:22:53:28 | ca5_bad |  |
+| test.c:55:5:55:10 | call to strcmp | The $@ passed to strcmp might not be null-terminated. | test.c:55:12:55:18 | ca5_bad | argument | test.c:55:12:55:18 | ca5_bad |  |
+| test.c:58:5:58:11 | call to strcoll | The $@ passed to strcoll might not be null-terminated. | test.c:58:23:58:29 | ca5_bad | argument | test.c:58:23:58:29 | ca5_bad |  |
+| test.c:60:5:60:11 | call to strcoll | The $@ passed to strcoll might not be null-terminated. | test.c:60:13:60:19 | ca5_bad | argument | test.c:60:13:60:19 | ca5_bad |  |
+| test.c:66:5:66:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:66:22:66:28 | test1 | read buffer | test.c:66:12:66:19 | ca5_good | write buffer |
+| test.c:70:5:70:10 | call to strcpy | The $@ passed to strcpy might not be null-terminated. | test.c:70:24:70:30 | ca5_bad | argument | test.c:70:24:70:30 | ca5_bad |  |
+| test.c:71:5:71:10 | call to strcpy | The size of the $@ passed to strcpy is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:71:24:71:31 | ca6_good | read buffer | test.c:71:12:71:19 | call to get_ca_5 | write buffer |
+| test.c:76:5:76:11 | call to strcspn | The $@ passed to strcspn might not be null-terminated. | test.c:76:13:76:19 | ca5_bad | argument | test.c:76:13:76:19 | ca5_bad |  |
+| test.c:78:5:78:11 | call to strcspn | The $@ passed to strcspn is null. | test.c:78:13:78:16 | 0 | argument | test.c:78:13:78:16 | 0 |  |
+| test.c:80:5:80:10 | call to strspn | The $@ passed to strspn might not be null-terminated. | test.c:80:12:80:18 | ca5_bad | argument | test.c:80:12:80:18 | ca5_bad |  |
+| test.c:82:5:82:10 | call to strspn | The $@ passed to strspn is null. | test.c:82:12:82:15 | 0 | argument | test.c:82:12:82:15 | 0 |  |
+| test.c:86:5:86:10 | call to strlen | The $@ passed to strlen might not be null-terminated. | test.c:86:12:86:18 | ca5_bad | argument | test.c:86:12:86:18 | ca5_bad |  |
+| test.c:88:5:88:10 | call to strlen | The $@ passed to strlen is 5 bytes, but an offset of 5 bytes is used to access it. | test.c:88:12:88:23 | ... + ... | read buffer | test.c:88:12:88:23 | ... + ... |  |
+| test.c:93:5:93:11 | call to strpbrk | The $@ passed to strpbrk might not be null-terminated. | test.c:93:13:93:19 | ca5_bad | argument | test.c:93:13:93:19 | ca5_bad |  |
+| test.c:95:5:95:11 | call to strpbrk | The $@ passed to strpbrk is null. | test.c:95:13:95:16 | 0 | argument | test.c:95:13:95:16 | 0 |  |
+| test.c:102:5:102:10 | call to strstr | The $@ passed to strstr might not be null-terminated. | test.c:102:12:102:18 | ca5_bad | argument | test.c:102:12:102:18 | ca5_bad |  |
+| test.c:111:5:111:10 | call to strtok | The $@ passed to strtok is null. | test.c:111:18:111:21 | 0 | argument | test.c:111:18:111:21 | 0 |  |
+| test.c:113:5:113:10 | call to strtok | The $@ passed to strtok might not be null-terminated. | test.c:113:12:113:18 | ca5_bad | argument | test.c:113:12:113:18 | ca5_bad |  |
+| test.c:117:5:117:10 | call to strtok | The $@ passed to strtok might not be null-terminated. | test.c:117:22:117:28 | ca6_bad | argument | test.c:117:22:117:28 | ca6_bad |  |
diff --git a/c/misra/test/rules/RULE-21-17/test.c b/c/misra/test/rules/RULE-21-17/test.c
@@ -0,0 +1,119 @@
+// test partially copied from CERT-C ARR38-C test
+#include <stdlib.h>
+#include <string.h>
+
+char *get_ca_5(void) {
+  void *ptr = malloc(5 * sizeof(char));
+  memset(ptr, 0, 5 * sizeof(char));
+  return (char *)ptr;
+}
+
+void test(void) {
+  char ca5_good[5] = "test";  // ok
+  char ca5_bad[5] = "test1";  // no null terminator
+  char ca6_good[6] = "test1"; // ok
+  char ca6_bad[6] = "test12"; // no null terminator
+
+  // strcat
+  {
+    char buf0[10]; // memset after first use
+    char buf1[10]; // no memset
+    char buf2[10]; // memset before first use
+    char buf3[10] = {'\0'};
+    char buf4[10] = "12345";
+
+    strcat(buf0, " "); // NON_COMPLIANT[FALSE_NEGATIVE] - not null terminated at
+                       // initialization
+
+    memset(buf0, 0, sizeof(buf0)); // COMPLIANT
+    memset(buf2, 0, sizeof(buf2)); // COMPLIANT
+
+    strcat(buf1, " ");     // NON_COMPLIANT - not null terminated
+    strcat(buf2, " ");     // COMPLIANT
+    strcat(buf3, " ");     // COMPLIANT
+    strcat(buf4, "12345"); // NON_COMPLIANT[FALSE_NEGATIVE]
+
+    strcat(get_ca_5(), "12345");    // NON_COMPLIANT
+    strcat(get_ca_5(), "1234");     // COMPLIANT
+    strcat(get_ca_5() + 1, "1234"); // NON_COMPLIANT
+  }
+  // strchr and strrchr
+  {
+    strchr(ca5_good, 't');     // COMPLIANT
+    strchr(ca5_bad, 't');      // NON_COMPLIANT
+    strchr(ca5_good + 4, 't'); // COMPLIANT
+    strchr(ca5_good + 5, 't'); // NON_COMPLIANT
+    strrchr(ca5_good, 1);      // COMPLIANT
+    strrchr(ca5_bad, 1);       // NON_COMPLIANT
+    strrchr(ca5_good + 4, 1);  // COMPLIANT
+    strrchr(ca5_good + 5, 1);  // NON_COMPLIANT
+  }
+  // strcmp and strcoll
+  {
+    strcmp(ca5_good, ca5_bad);   // NON_COMPLIANT
+    strcmp(ca5_good, ca5_good);  // COMPLIANT
+    strcmp(ca5_bad, ca5_good);   // NON_COMPLIANT
+    strcmp(ca5_good, ca6_good);  // COMPLIANT
+    strcmp(ca6_good, ca5_good);  // COMPLIANT
+    strcoll(ca5_good, ca5_bad);  // NON_COMPLIANT
+    strcoll(ca5_good, ca5_good); // COMPLIANT
+    strcoll(ca5_bad, ca5_good);  // NON_COMPLIANT
+    strcoll(ca5_good, ca6_good); // COMPLIANT
+    strcoll(ca6_good, ca5_good); // COMPLIANT
+  }
+  // strcpy
+  {
+    strcpy(ca5_good, "test1"); // NON_COMPLIANT
+    strcpy(ca5_bad, "test");   // COMPLIANT
+    // strcpy to char buffer indirect
+    strcpy(get_ca_5(), ca5_good); // COMPLIANT
+    strcpy(get_ca_5(), ca5_bad);  // NON_COMPLIANT
+    strcpy(get_ca_5(), ca6_good); // NON_COMPLIANT
+  }
+  // strcspn and strspn
+  {
+    strcspn(ca5_good, "test");       // COMPLIANT
+    strcspn(ca5_bad, "test");        // NON_COMPLIANT - not null-terminated
+    strcspn(ca5_good, "1234567890"); // COMPLIANT
+    strcspn(NULL, "12345");          // NON_COMPLIANT
+    strspn(ca5_good, "test");        // COMPLIANT
+    strspn(ca5_bad, "test");         // NON_COMPLIANT - not null-terminated
+    strspn(ca5_good, "1234567890");  // COMPLIANT
+    strspn(NULL, "12345");           // NON_COMPLIANT
+  }
+  // strlen
+  {
+    strlen(ca5_bad);      // NON_COMPLIANT
+    strlen(ca5_good + 4); // COMPLIANT
+    strlen(ca5_good + 5); // NON_COMPLIANT
+  }
+  // strpbrk
+  {
+    strpbrk(ca5_good, "test");       // COMPLIANT
+    strpbrk(ca5_bad, "test");        // NON_COMPLIANT - not null-terminated
+    strpbrk(ca5_good, "1234567890"); // COMPLIANT
+    strpbrk(NULL, "12345");          // NON_COMPLIANT
+  }
+  // strstr
+  {
+    strstr("12345", "123");         // COMPLIANT
+    strstr("123", "12345");         // COMPLIANT
+    strstr(ca5_good, "test");       // COMPLIANT
+    strstr(ca5_bad, "test");        // NON_COMPLIANT - not null-terminated
+    strstr(ca5_good, "1234567890"); // COMPLIANT
+  }
+  // strtok
+  {
+    char ca5_good[5] = "test";  // ok
+    char ca5_bad[5] = "test1";  // no null terminator
+    char ca6_good[6] = "test1"; // ok
+    char ca6_bad[6] = "test12"; // no null terminator
+    strtok(NULL, NULL);         // NON_COMPLIANT - 2nd arg null
+    strtok(NULL, "");           // COMPLIANT
+    strtok(ca5_bad, "");        // NON_COMPLIANT - 1st arg not null-terminated
+    strtok(ca5_good, "");       // COMPLIANT
+    strtok(ca6_good, ca5_good); // COMPLIANT
+    strtok(ca6_good + 4, ca6_good); // COMPLIANT
+    strtok(ca6_good, ca6_bad); // NON_COMPLIANT - 2nd arg not null-terminated
+  }
+}
diff --git a/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected b/c/misra/test/rules/RULE-21-18/StringLibrarySizeArgumentOutOfBounds.expected
@@ -28,8 +28,8 @@
 | test.c:77:5:77:11 | call to strncat | The $@ passed to strncat might not be null-terminated. | test.c:77:13:77:16 | buf1 | argument | test.c:77:13:77:16 | buf1 |  |
 | test.c:81:5:81:11 | call to strncat | The size of the $@ passed to strncat is 6 bytes, but the size of the $@ is only 5 bytes. | test.c:81:25:81:31 | 12345 | read buffer | test.c:81:13:81:20 | call to get_ca_5 | write buffer |
 | test.c:83:5:83:11 | call to strncat | The size of the $@ passed to strncat is 5 bytes, but the size of the $@ is only 4 bytes. | test.c:83:29:83:34 | 1234 | read buffer | test.c:83:13:83:26 | ... + ... | write buffer |
-| test.c:94:5:94:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:94:23:94:30 | ca5_good | read buffer | test.c:94:33:94:33 | 6 | size argument |
-| test.c:95:5:95:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:95:13:95:20 | ca5_good | write buffer | test.c:95:32:95:32 | 6 | size argument |
-| test.c:95:5:95:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:95:23:95:29 | ca5_bad | read buffer | test.c:95:32:95:32 | 6 | size argument |
-| test.c:102:5:102:11 | call to strxfrm | The size of the $@ passed to strxfrm is 64 bytes, but the $@ is 65 bytes. | test.c:102:13:102:15 | buf | write buffer | test.c:102:25:102:39 | ... + ... | size argument |
-| test.c:104:5:104:11 | call to strxfrm | The $@ passed to strxfrm might not be null-terminated. | test.c:104:22:104:25 | buf2 | argument | test.c:104:22:104:25 | buf2 |  |
+| test.c:93:5:93:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:93:23:93:30 | ca5_good | read buffer | test.c:93:33:93:33 | 6 | size argument |
+| test.c:94:5:94:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:94:13:94:20 | ca5_good | write buffer | test.c:94:32:94:32 | 6 | size argument |
+| test.c:94:5:94:11 | call to strncmp | The size of the $@ passed to strncmp is 5 bytes, but the $@ is 6 bytes. | test.c:94:23:94:29 | ca5_bad | read buffer | test.c:94:32:94:32 | 6 | size argument |
+| test.c:101:5:101:11 | call to strxfrm | The size of the $@ passed to strxfrm is 64 bytes, but the $@ is 65 bytes. | test.c:101:13:101:15 | buf | write buffer | test.c:101:25:101:39 | ... + ... | size argument |
+| test.c:103:5:103:11 | call to strxfrm | The $@ passed to strxfrm might not be null-terminated. | test.c:103:22:103:25 | buf2 | argument | test.c:103:22:103:25 | buf2 |  |
diff --git a/c/misra/test/rules/RULE-21-18/test.c b/c/misra/test/rules/RULE-21-18/test.c
@@ -87,7 +87,6 @@ void test(void) {
     char ca5_good[5] = "test";      // ok
     char ca5_bad[5] = "test1";      // no null terminator
     char ca6_good[6] = "test1";     // ok
-    char ca6_bad[6] = "test12";     // no null terminator
     strncmp(ca5_good, ca5_bad, 4);  // COMPLIANT
     strncmp(ca5_good, ca5_bad, 5);  // COMPLIANT
     strncmp(ca6_good, ca5_bad, 5);  // COMPLIANT
