Merge branch 'main' into enhancement/yaml

Author: intern4tional

c/cert/src/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.md

@@ -153,7 +153,7 @@ Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+D
 
 ## Implementation notes
 
-This query does not check for implicit function declarations as this is partially compiler checked.
+This query does not check for implicitly typed parameters, typedefs or member declarations as this is partially compiler checked.
 
 ## References
 

c/cert/src/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.ql

@@ -13,16 +13,10 @@
 
 import cpp
 import codingstandards.c.cert
+import codingstandards.cpp.rules.typeomitted.TypeOmitted
 
-from Declaration d
-where
-  not isExcluded(d, Declarations1Package::declareIdentifiersBeforeUsingThemQuery()) and
-  d.hasSpecifier("implicit_int") and
-  exists(Type t |
-    (d.(Variable).getType() = t or d.(Function).getType() = t) and
-    // Exclude "short" or "long", as opposed to "short int" or "long int".
-    t instanceof IntType and
-    // Exclude "signed" or "unsigned", as opposed to "signed int" or "unsigned int".
-    not exists(IntegralType it | it = t | it.isExplicitlySigned() or it.isExplicitlyUnsigned())
-  )
-select d, "Declaration " + d.getName() + " is missing a type specifier."
+class DeclareIdentifiersBeforeUsingThem extends TypeOmittedSharedQuery {
+  DeclareIdentifiersBeforeUsingThem() {
+    this = Declarations1Package::declareIdentifiersBeforeUsingThemQuery()
+  }
+}

c/cert/test/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.qlref

@@ -0,0 +1 @@
+c/common/test/rules/typeomitted/TypeOmitted.ql

c/cert/test/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.testref

@@ -0,0 +1,100 @@
+/** Provides a library for errno-setting functions. */
+
+import cpp
+
+/*
+ * An errno-setting function
+ */
+
+abstract class ErrnoSettingFunction extends Function { }
+
+/*
+ * An errno-setting function that return out-of-band errors indicators
+ */
+
+class OutOfBandErrnoSettingFunction extends ErrnoSettingFunction {
+  OutOfBandErrnoSettingFunction() {
+    this.hasGlobalName(["ftell", "fgetpos", "fsetpos", "mbrtowc", "wcrtomb", "wcsrtombs"])
+  }
+}
+
+/*
+ * An errno-setting function that return in-band errors indicators
+ */
+
+class InBandErrnoSettingFunction extends ErrnoSettingFunction {
+  InBandErrnoSettingFunction() {
+    this.hasGlobalName([
+        "fgetwc", "fputwc", "strtol", "wcstol", "strtoll", "wcstoll", "strtoul", "wcstoul",
+        "strtoull", "wcstoull", "strtoumax", "wcstoumax", "strtod", "wcstod", "strtof", "wcstof",
+        "strtold", "wcstold", "strtoimax", "wcstoimax"
+      ])
+  }
+}
+
+/*
+ * A assignment expression setting `errno` to 0
+ */
+
+class ErrnoZeroed extends AssignExpr {
+  ErrnoZeroed() {
+    this.getLValue() = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() and
+    this.getRValue().getValue() = "0"
+  }
+}
+
+/*
+ * A guard controlled by a errno comparison
+ */
+
+abstract class ErrnoGuard extends StmtParent {
+  abstract ControlFlowNode getZeroedSuccessor();
+
+  abstract ControlFlowNode getNonZeroedSuccessor();
+}
+
+class ErrnoIfGuard extends EqualityOperation, ErrnoGuard {
+  ControlStructure i;
+
+  ErrnoIfGuard() {
+    this.getAnOperand() = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() and
+    this.getAnOperand().getValue() = "0" and
+    i.getControllingExpr() = this
+  }
+
+  Stmt getThenSuccessor() {
+    i.getControllingExpr() = this and
+    (result = i.(IfStmt).getThen() or result = i.(Loop).getStmt())
+  }
+
+  Stmt getElseSuccessor() {
+    i.getControllingExpr() = this and
+    (
+      i.(IfStmt).hasElse() and result = i.(IfStmt).getElse()
+      or
+      result = i.getFollowingStmt()
+    )
+  }
+
+  override ControlFlowNode getZeroedSuccessor() {
+    if this instanceof EQExpr then result = this.getThenSuccessor() else result = getElseSuccessor()
+  }
+
+  override ControlFlowNode getNonZeroedSuccessor() {
+    if this instanceof NEExpr then result = this.getThenSuccessor() else result = getElseSuccessor()
+  }
+}
+
+class ErrnoSwitchGuard extends SwitchCase, ErrnoGuard {
+  ErrnoSwitchGuard() {
+    this.getSwitchStmt().getExpr() = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr()
+  }
+
+  override ControlFlowNode getZeroedSuccessor() {
+    result = this.getAStmt() and this.getExpr().getValue() = "0"
+  }
+
+  override ControlFlowNode getNonZeroedSuccessor() {
+    result = this.getAStmt() and this.getExpr().getValue() != "0"
+  }
+}

c/common/src/codingstandards/c/Errno.qll

@@ -0,0 +1,16 @@
+import cpp
+
+//Identifiers that are candidates for checking uniqueness
+class InterestingIdentifiers extends Declaration {
+  InterestingIdentifiers() {
+    not this.isFromTemplateInstantiation(_) and
+    not this.isFromUninstantiatedTemplate(_) and
+    not this instanceof TemplateParameter and
+    not this.hasDeclaringType() and
+    not this instanceof Operator and
+    not this.hasName("main") and
+    exists(this.getADeclarationLocation())
+  }
+
+  string getSignificantName() { result = this.getName().prefix(31) }
+}

c/common/src/codingstandards/c/Identifiers.qll

@@ -0,0 +1,5 @@
+| test.c:4:7:4:9 | id1 | Variable is hiding variable $@. | test.c:1:5:1:7 | id1 | id1 |
+| test.c:7:13:7:15 | id1 | Variable is hiding variable $@. | test.c:1:5:1:7 | id1 | id1 |
+| test.c:10:12:10:14 | id1 | Variable is hiding variable $@. | test.c:1:5:1:7 | id1 | id1 |
+| test.c:11:14:11:16 | id1 | Variable is hiding variable $@. | test.c:10:12:10:14 | id1 | id1 |
+| test.c:24:24:24:26 | id2 | Variable is hiding variable $@. | test.c:22:5:22:7 | id2 | id2 |

c/common/test/rules/identifierhidden/IdentifierHidden.expected

@@ -0,0 +1,2 @@
+// GENERATED FILE - DO NOT MODIFY
+import codingstandards.cpp.rules.identifierhidden.IdentifierHidden

c/common/test/rules/identifierhidden/IdentifierHidden.ql

@@ -0,0 +1,30 @@
+int id1;
+
+void f1() {
+  int id1; // NON_COMPLIANT
+}
+
+void f2(int id1) {} // NON_COMPLIANT
+
+void f3() {
+  for (int id1; id1 < 1; id1++) { // NON_COMPLIANT
+    for (int id1; id1 < 1; id1++) {
+    } // NON_COMPLIANT
+  }
+}
+
+struct astruct {
+  int id1;
+};
+
+extern void g(struct astruct *p);
+
+int id2 = 0;
+
+void f4(struct astruct id2) { // NON_COMPLIANT
+  g(&id2);
+}
+
+void f5(struct astruct id3) { // COMPLIANT
+  g(&id2);
+}