IntegerOverflow: Improve descriptions.

lcartey · lcartey · commit f7951fb1f509 · 2023-03-21T23:28:20.000Z
diff --git a/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md b/c/cert/src/rules/INT30-C/UnsignedIntegerOperationsWrapAround.md
@@ -3,6 +3,8 @@
 This query implements the CERT-C rule INT30-C:
 
 > Ensure that unsigned integer operations do not wrap
+
+
 ## CERT
 
 ** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` **
diff --git a/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql b/c/cert/src/rules/INT31-C/IntegerConversionCausesDataLoss.ql
@@ -1,9 +1,10 @@
 /**
  * @id c/cert/integer-conversion-causes-data-loss
  * @name INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data
- * @description
+ * @description Converting an integer value to another integer type with a different sign or size
+ *              can lead to data loss or misinterpretation of the value.
  * @kind problem
- * @precision high
+ * @precision medium
  * @problem.severity error
  * @tags external/cert/id/int31-c
  *       correctness
diff --git a/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql b/c/cert/src/rules/INT32-C/SignedIntegerOverflow.ql
@@ -1,9 +1,10 @@
 /**
  * @id c/cert/signed-integer-overflow
  * @name INT32-C: Ensure that operations on signed integers do not result in overflow
- * @description
+ * @description The multiplication of two signed integers can lead to underflow or overflow and
+ *              therefore undefined behavior.
  * @kind problem
- * @precision high
+ * @precision medium
  * @problem.severity error
  * @tags external/cert/id/int32-c
  *       correctness
diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.md b/c/cert/src/rules/INT33-C/DivOrRemByZero.md
@@ -3,6 +3,8 @@
 This query implements the CERT-C rule INT33-C:
 
 > Ensure that division and remainder operations do not result in divide-by-zero errors
+
+
 ## CERT
 
 ** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` **
diff --git a/c/cert/src/rules/INT33-C/DivOrRemByZero.ql b/c/cert/src/rules/INT33-C/DivOrRemByZero.ql
@@ -3,7 +3,7 @@
  * @name INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors
  * @description Dividing or taking the remainder by zero is undefined behavior.
  * @kind problem
- * @precision high
+ * @precision medium
  * @problem.severity error
  * @tags external/cert/id/int33-c
  *       correctness
diff --git a/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql b/c/cert/src/rules/INT35-C/UseCorrectIntegerPrecisions.ql
@@ -1,7 +1,8 @@
 /**
  * @id c/cert/use-correct-integer-precisions
  * @name INT35-C: Use correct integer precisions
- * @description
+ * @description The precision of integer types in C cannot be deduced from the size of the type (due
+ *              to padding and sign bits) otherwise a loss of data may occur.
  * @kind problem
  * @precision high
  * @problem.severity error
diff --git a/rule_packages/c/IntegerOverflow.json b/rule_packages/c/IntegerOverflow.json
@@ -26,10 +26,10 @@
       },
       "queries": [
         {
-          "description": "",
+          "description": "Converting an integer value to another integer type with a different sign or size can lead to data loss or misinterpretation of the value.",
           "kind": "problem",
           "name": "Ensure that integer conversions do not result in lost or misinterpreted data",
-          "precision": "high",
+          "precision": "medium",
           "severity": "error",
           "short_name": "IntegerConversionCausesDataLoss",
           "tags": [
@@ -45,10 +45,10 @@
       },
       "queries": [
         {
-          "description": "",
+          "description": "The multiplication of two signed integers can lead to underflow or overflow and therefore undefined behavior.",
           "kind": "problem",
           "name": "Ensure that operations on signed integers do not result in overflow",
-          "precision": "high",
+          "precision": "medium",
           "severity": "error",
           "short_name": "SignedIntegerOverflow",
           "tags": [
@@ -68,7 +68,7 @@
           "description": "Dividing or taking the remainder by zero is undefined behavior.",
           "kind": "problem",
           "name": "Ensure that division and remainder operations do not result in divide-by-zero errors",
-          "precision": "high",
+          "precision": "medium",
           "severity": "error",
           "short_name": "DivOrRemByZero",
           "tags": [
@@ -84,7 +84,7 @@
       },
       "queries": [
         {
-          "description": "",
+          "description": "The precision of integer types in C cannot be deduced from the size of the type (due to padding and sign bits) otherwise a loss of data may occur.",
           "kind": "problem",
           "name": "Use correct integer precisions",
           "precision": "high",
