github/codeql-coding-standardsPublic

NotificationsYou must be signed in to change notification settings
Fork70
Star172

Commite7455c0

committed

Merge remote-tracking branch 'origin/main' into michaelrfairhurst/implement-rule-amendments-tc2

2 parentsc55a173 +a7955d8 commite7455c0Copy full SHA for e7455c0

File tree

306 files changed

+7961

-1887

lines changed

.github/workflows
- upgrade_codeql_dependencies.yml
amendments.csv
change_notes
cpp
- autosar
  - src
    - codeql-pack.lock.yml
    - qlpack.yml
    - rules
      - A15-4-4
        MissingNoExcept.ql
      - A18-5-2
        DoNotUseNonPlacementNew.ql
      - A2-7-3
        UndocumentedUserDefinedType.ql
      - A3-1-5
        NonTrivialNonTemplateFunctionDefinedInsideClassDefinition.ql
      - A5-1-9
        IdenticalLambdaExpressions.ql
        LambdaEquivalence.qll
      - A7-1-1
        DeclarationUnmodifiedObjectMissingConstSpecifier.ql
      - A7-1-2
        FunctionMissingConstexpr.ql
      - A8-4-4
        FunctionReturnMultipleValueCondition.ql
      - M5-2-2
        PointerToAVirtualBaseClassCastToAPointer.ql
      - M5-3-1
        EachOperandOfTheOperatorTheLogicalAndOrTheLogicalOperatorsShallHaveTypeBool.ql
  - test
    - codeql-pack.lock.yml
    - qlpack.yml
    - rules
      - A15-4-4
        coding-standards.xml
        test.cpp
      - A2-7-3
        test.cpp
      - A3-1-5
        test.cpp
      - A5-1-9
        test.cpp
      - A7-1-1
        test.cpp
      - A7-1-2
        FunctionMissingConstexpr.expected
        FunctionMissingConstexpr.qlref
        VariableMissingConstexpr.expected
        test.cpp
      - M5-3-1
        test.cpp
- cert
  - src
    - codeql-pack.lock.yml
    - qlpack.yml
  - test
    - codeql-pack.lock.yml
    - qlpack.yml
- common
  - src
    - codeql-pack.lock.yml
    - codingstandards/cpp
      - AlertReporting.qll
      - Clvalues.qll
      - Concurrency.qll
      - Emergent.qll
      - Exclusions.qll
      - StdFunctionOrMacro.qll
      - Type.qll
      - alertreporting
        DeduplicateMacroResults.qll
      - deadcode
        UnusedObjects.qll
        UnusedVariables.qll
      - deviations
        CodeIdentifierDeviation.qll
        Deviations.qll
        DeviationsSuppression.qhelp
        DeviationsSuppression.ql
        InvalidDeviationCodeIdentifier.md
        InvalidDeviationCodeIdentifier.ql
      - exclusions
        cpp
        Const.qll
        c
        Banned.qll
        Concurrency6.qll
        Concurrency7.qll
        Concurrency8.qll
        Contracts6.qll
        DeadCode2.qll
        Declarations9.qll
        RuleMetadata.qll
        SideEffects1.qll
      - lifetimes
        CLifetimes.qll
        lifetimeprofile
        LifetimeProfile.qll
      - resources
        ResourceLeakAnalysis.qll
        ResourceManagement.qll
      - rules
        accessofundefinedmemberthroughnullpointer
        AccessOfUndefinedMemberThroughNullPointer.qll
        exceptionsafetyvalidstate
        ExceptionSafetyValidState.qll
        iofstreammissingpositioning
        IOFstreamMissingPositioning.qll
        joinordetachthreadonlyonce
        JoinOrDetachThreadOnlyOnce.qll
        returnreferenceorpointertoautomaticlocalvariable
        ReturnReferenceOrPointerToAutomaticLocalVariable.qll
    - qlpack.yml
  - test
    - codeql-pack.lock.yml
    - deviations
      - deviation_permits_basic_test
        UnusedReturnValue.ql
      - deviations_basic_test
        ListDeviationRecords.expected
        TypeLongDoubleUsed.expected
        UnusedReturnValue.expected
        UnusedReturnValue.ql
        attribute_syntax.cpp
        main.cpp
      - deviations_report_deviated
        DeviationsSuppression.expected
        DeviationsSuppression.qlref
        UnusedReturnValue.ql
      - invalid_deviations
        InvalidDeviationCodeIdentifier.expected
        InvalidDeviationCodeIdentifier.qlref
        InvalidDeviationPermits.expected
        InvalidDeviationRecords.expected
        coding-standards.xml
        coding-standards.yml
        dummy.cpp
        invalidcodeidentifiers.cpp
    - guideline_recategorizations
    - library/codingstandards/cpp/alertreporting
    - qlpack.yml
    - rules
      - exceptionsafetyvalidstate
        ExceptionSafetyValidState.expected
      - returnreferenceorpointertoautomaticlocalvariable
        test.cpp
- misra
  - src
    - codeql-pack.lock.yml
    - qlpack.yml
  - test
    - codeql-pack.lock.yml
    - qlpack.yml
- report/src
  - codeql-pack.lock.yml
  - qlpack.yml
c
- cert
  - src
    - codeql-pack.lock.yml
    - qlpack.yml
    - rules
      - CON30-C
        CleanUpThreadSpecificStorage.ql
      - CON34-C
        AppropriateThreadObjectStorageDurations.ql
        ThreadObjectStorageDurationsNotInitialized.ql
      - CON39-C
        ThreadWasPreviouslyJoinedOrDetached.ql
      - DCL30-C
        AppropriateStorageDurationsFunctionReturn.ql
      - ERR30-C
        ErrnoReadBeforeReturn.ql
        FunctionCallBeforeErrnoCheck.ql
        SetlocaleMightSetErrno.ql
      - ERR32-C
        DoNotRelyOnIndeterminateValuesOfErrno.ql
      - EXP30-C
        DependenceOnOrderOfFunctionArgumentsForSideEffects.ql
      - EXP35-C
        DoNotModifyObjectsWithTemporaryLifetime.ql
      - FIO37-C
        SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql
      - MEM33-C
        AllocStructsWithAFlexibleArrayMemberDynamically.ql
      - PRE31-C
        SideEffectsInArgumentsToUnsafeMacros.ql
  - test
- common
  - src
    - codeql-pack.lock.yml
    - codingstandards/c
    - qlpack.yml
  - test
    - codeql-pack.lock.yml
    - includes/standard-library
      - stdatomic.h
    - library
      - identifierlinkage
        IdentifierLinkage.expected
        IdentifierLinkage.ql
        identifierlinkage.c
      - objects
        ObjectIdentity.expected
        ObjectIdentity.ql
        objectidentity.c
    - qlpack.yml
    - rules/joinordetachthreadonlyonce
- misra
  - src
    - codeql-pack.lock.yml
    - codeql-suites
    - codingstandards/c/misra
      - EssentialTypes.qll
    - qlpack.yml
    - rules
      - DIR-4-6
        PlainNumericalTypeUsedOverExplicitTypedef.ql
      - DIR-5-2
        NotNoDeadlocksBetweenThreads.ql
      - DIR-5-3
        BannedDynamicThreadCreation.ql
        ThreadCreatedByThread.ql
      - RULE-10-1
        OperandsOfAnInappropriateEssentialType.ql
      - RULE-10-3
        AssignmentOfIncompatibleEssentialType.ql
      - RULE-10-4
        OperandsWithMismatchedEssentialTypeCategory.ql
      - RULE-10-5
        InappropriateEssentialTypeCast.ql
      - RULE-10-7
        ImplicitConversionOfCompositeExpression.ql
      - RULE-10-8
        InappropriateCastOfCompositeExpression.ql
      - RULE-11-10
        AtomicQualifierAppliedToVoid.ql
      - RULE-12-6
        AtomicAggregateObjectDirectlyAccessed.ql
      - RULE-13-6
        SizeofOperandWithSideEffect.ql
      - RULE-14-1
        LoopOverEssentiallyFloatType.ql
      - RULE-17-5
        ArrayFunctionArgumentNumberOfElements.ql
      - RULE-17-7
        ValueReturnedByAFunctionNotUsed.ql
      - RULE-18-9
        ArrayToPointerConversionOfTemporaryObject.ql
        ModifiableLValueSubscriptedWithTemporaryLifetime.ql
      - RULE-19-1
        ObjectCopiedToAnOverlappingObject.ql
      - RULE-2-8
        UnusedObjectDefinition.ql
        UnusedObjectDefinitionStrict.ql
      - RULE-21-11
        StandardHeaderFileTgmathhUsed.ql
      - RULE-21-25
        InvalidMemoryOrderArgument.ql
      - RULE-21-26
        TimedlockOnInappropriateMutexType.ql
      - RULE-22-11
        ThreadPreviouslyJoinedOrDetached.ql
      - RULE-22-12
        NonstandardUseOfThreadingObject.ql
      - RULE-22-13
        ThreadingObjectWithInvalidStorageDuration.ql
      - RULE-22-14
        MutexInitWithInvalidMutexType.ql
        MutexInitializedInsideThread.ql
        MutexNotInitializedBeforeUse.ql
      - RULE-22-16
        MutexObjectsNotAlwaysUnlocked.ql
      - RULE-8-7
        ShouldNotBeDefinedWithExternalLinkage.ql
      - RULE-9-7
        UninitializedAtomicObject.ql
  - test
docs
rule_packages
- cpp
  - Classes.json
  - Const.json
- c
rules.csv
schemas
- rule-package.schema.json
scripts
- generate_modules/queries
  - codeql-pack.lock.yml
  - qlpack.yml
- reports/test-data
  - deviations/invalid
    - coding-standards.yml
  - guideline-recategorizations
    - guideline_recategorizations_report.md.expected
    - invalid
      - coding-standards.yml
supported_codeql_configs.json

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

306 files changed

+7961

-1887

lines changed

`‎.github/workflows/upgrade_codeql_dependencies.yml‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,7 @@ jobs:`
`53`	`53`	`find c $ -name '.ql' -or -name '.qll' $ -print0 \| xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place`
`54`	`54`
`55`	`55`	`-name:Create Pull Request`
`56`		`-uses:peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f# v7.0.5`
	`56`	`+uses:peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e# v7.0.8`
`57`	`57`	`with:`
`58`	`58`	title:"Upgrade `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}"
`59`	`59`	`body:\|`

`‎amendments.csv‎`

Lines changed: 34 additions & 33 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,49 +1,50 @@`
`1`	`1`	`language,standard,amendment,rule_id,supportable,implementation_category,implemented,difficulty`
`2`		`-c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,No,Easy`
	`2`	`+c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,Yes,Easy`
`3`	`3`	`c,MISRA-C-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy`
`4`	`4`	`c,MISRA-C-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import`
`5`	`5`	`c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy`
`6`		`-c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,No,Easy`
`7`		`-c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,No,Easy`
`8`		`-c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,No,Import`
`9`		`-c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,No,Easy`
`10`		`-c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,No,Import`
`11`		`-c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,No,Import`
`12`		`-c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,No,Import`
	`6`	`+c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,Yes,Easy`
	`7`	`+c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,Yes,Easy`
	`8`	`+c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,Yes,Import`
	`9`	`+c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,Yes,Easy`
	`10`	`+c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,Yes,Import`
	`11`	`+c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,Yes,Import`
	`12`	`+c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,Yes,Import`
`13`	`13`	`c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy`
`14`	`14`	`c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy`
`15`	`15`	`c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy`
`16`	`16`	`c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard`
`17`	`17`	`c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium`
`18`	`18`	`c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,Yes,Easy`
`19`		`-c,MISRA-C-2012,Corrigendum2,RULE-2-2,Yes,Clarification,No,Import`
`20`		`-c,MISRA-C-2012,Corrigendum2,RULE-2-7,Yes,Clarification,No,Import`
`21`		`-c,MISRA-C-2012,Corrigendum2,RULE-3-1,Yes,Refine,No,Easy`
`22`		`-c,MISRA-C-2012,Corrigendum2,RULE-8-6,Yes,Clarification,No,Import`
`23`		`-c,MISRA-C-2012,Corrigendum2,RULE-8-9,Yes,Clarification,No,Import`
`24`		`-c,MISRA-C-2012,Corrigendum2,RULE-9-4,Yes,Clarification,No,Import`
`25`		`-c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import`
`26`		`-c,MISRA-C-2012,Corrigendum2,RULE-18-3,Yes,Clarification,No,Import`
`27`		`-c,MISRA-C-2012,Corrigendum2,RULE-1-4,Yes,Replace,No,Easy`
`28`		`-c,MISRA-C-2012,Corrigendum2,RULE-9-1,Yes,Refine,No,Easy`
`29`		`-c,MISRA-C-2012,Corrigendum2,RULE-9-2,Yes,Refine,No,Import`
`30`		`-c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,No,Import`
	`19`	`+c,MISRA-C-2012,Amendment4,RULE-2-2,Yes,Clarification,Yes,Import`
	`20`	`+c,MISRA-C-2012,Amendment4,RULE-2-7,Yes,Clarification,Yes,Import`
	`21`	`+c,MISRA-C-2012,Amendment4,RULE-3-1,Yes,Refine,No,Easy`
	`22`	`+c,MISRA-C-2012,Amendment4,RULE-8-6,Yes,Clarification,Yes,Import`
	`23`	`+c,MISRA-C-2012,Amendment4,RULE-8-9,Yes,Clarification,Yes,Import`
	`24`	`+c,MISRA-C-2012,Amendment4,RULE-9-4,Yes,Clarification,Yes,Import`
	`25`	`+c,MISRA-C-2012,Amendment4,RULE-10-1,Yes,Clarification,Yes,Import`
	`26`	`+c,MISRA-C-2012,Amendment4,RULE-18-3,Yes,Clarification,Yes,Import`
	`27`	`+c,MISRA-C-2012,Amendment4,RULE-1-4,Yes,Replace,No,Easy`
	`28`	`+c,MISRA-C-2012,Amendment4,RULE-9-1,Yes,Refine,No,Easy`
	`29`	`+c,MISRA-C-2012,Amendment4,RULE-9-2,Yes,Refine,No,Import`
	`30`	`+c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,Yes,Import`
`31`	`31`	`c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,Yes,Easy`
`32`		`-c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,No,Import`
	`32`	`+c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,Yes,Import`
`33`	`33`	`c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,Yes,Easy`
`34`		`-c,MISRA-C-2012,Corrigendum2,RULE-8-7,Yes,Clarification,No,Import`
	`34`	`+c,MISRA-C-2012,Corrigendum2,RULE-8-7,Yes,Clarification,Yes,Import`
	`35`	`+c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,Yes,Import`
`35`	`36`	`c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,Yes,Easy`
`36`		`-c,MISRA-C-2012,Corrigendum2,RULE-10-3,Yes,Clarification,No,Import`
`37`		`-c,MISRA-C-2012,Corrigendum2,RULE-11-3,Yes,Clarification,No,Import`
`38`		`-c,MISRA-C-2012,Corrigendum2,RULE-11-6,Yes,Clarification,No,Import`
`39`		`-c,MISRA-C-2012,Corrigendum2,RULE-13-2,Yes,Clarification,No,Import`
`40`		`-c,MISRA-C-2012,Corrigendum2,RULE-13-6,Yes,Clarification,No,Import`
	`37`	`+c,MISRA-C-2012,Corrigendum2,RULE-10-3,Yes,Clarification,Yes,Import`
	`38`	`+c,MISRA-C-2012,Corrigendum2,RULE-11-3,Yes,Clarification,Yes,Import`
	`39`	`+c,MISRA-C-2012,Corrigendum2,RULE-11-6,Yes,Clarification,Yes,Import`
	`40`	`+c,MISRA-C-2012,Corrigendum2,RULE-13-2,Yes,Clarification,Yes,Import`
	`41`	`+c,MISRA-C-2012,Corrigendum2,RULE-13-6,Yes,Clarification,Yes,Import`
`41`	`42`	`c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,Yes,Easy`
`42`		`-c,MISRA-C-2012,Corrigendum2,RULE-15-7,Yes,Clarification,No,Import`
`43`		`-c,MISRA-C-2012,Corrigendum2,RULE-17-4,Yes,Clarification,No,Import`
`44`		`-c,MISRA-C-2012,Corrigendum2,RULE-17-5,Yes,Clarification,No,Import`
	`43`	`+c,MISRA-C-2012,Corrigendum2,RULE-15-7,Yes,Clarification,Yes,Import`
	`44`	`+c,MISRA-C-2012,Corrigendum2,RULE-17-4,Yes,Clarification,Yes,Import`
	`45`	`+c,MISRA-C-2012,Corrigendum2,RULE-17-5,Yes,Clarification,Yes,Import`
`45`	`46`	`c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,Yes,Easy`
`46`		`-c,MISRA-C-2012,Corrigendum2,RULE-20-14,No,Clarification,No,Import`
`47`		`-c,MISRA-C-2012,Corrigendum2,RULE-21-19,Yes,Clarification,No,Import`
	`47`	`+c,MISRA-C-2012,Corrigendum2,RULE-20-14,No,Clarification,Yes,Import`
	`48`	`+c,MISRA-C-2012,Corrigendum2,RULE-21-19,Yes,Clarification,Yes,Import`
`48`	`49`	`c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,Yes,Easy`
`49`		`-c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,No,Import`
	`50`	`+c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,Yes,Import`

`‎c/cert/src/codeql-pack.lock.yml‎`

Lines changed: 10 additions & 10 deletions

Original file line number	Diff line number	Diff line change
`@@ -2,23 +2,23 @@`
`2`	`2`	`lockVersion:1.0.0`
`3`	`3`	`dependencies:`
`4`	`4`	`codeql/cpp-all:`
`5`		`-version:1.4.2`
	`5`	`+version:2.1.1`
`6`	`6`	`codeql/dataflow:`
`7`		`-version:1.1.1`
	`7`	`+version:1.1.6`
`8`	`8`	`codeql/mad:`
`9`		`-version:1.0.7`
	`9`	`+version:1.0.12`
`10`	`10`	`codeql/rangeanalysis:`
`11`		`-version:1.0.7`
	`11`	`+version:1.0.12`
`12`	`12`	`codeql/ssa:`
`13`		`-version:1.0.7`
	`13`	`+version:1.0.12`
`14`	`14`	`codeql/tutorial:`
`15`		`-version:1.0.7`
	`15`	`+version:1.0.12`
`16`	`16`	`codeql/typeflow:`
`17`		`-version:1.0.7`
	`17`	`+version:1.0.12`
`18`	`18`	`codeql/typetracking:`
`19`		`-version:1.0.7`
	`19`	`+version:1.0.12`
`20`	`20`	`codeql/util:`
`21`		`-version:1.0.7`
	`21`	`+version:1.0.12`
`22`	`22`	`codeql/xml:`
`23`		`-version:1.0.7`
	`23`	`+version:1.0.12`
`24`	`24`	`compiled:false`

`‎c/cert/src/qlpack.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,8 +1,8 @@`
`1`	`1`	`name:codeql/cert-c-coding-standards`
`2`		`-version:2.41.0-dev`
	`2`	`+version:2.43.0-dev`
`3`	`3`	`description:CERT C 2016`
`4`	`4`	`suites:codeql-suites`
`5`	`5`	`license:MIT`
`6`	`6`	`dependencies:`
`7`	`7`	`codeql/common-c-coding-standards:'*'`
`8`		`-codeql/cpp-all:1.4.2`
	`8`	`+codeql/cpp-all:2.1.1`

`‎c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql‎`

Lines changed: 0 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,6 @@`
`15`	`15`	`import cpp`
`16`	`16`	`import codingstandards.c.cert`
`17`	`17`	`import codingstandards.cpp.Concurrency`
`18`		`-import semmle.code.cpp.dataflow.TaintTracking`
`19`	`18`	`import semmle.code.cpp.dataflow.DataFlow`
`20`	`19`
`21`	`20`	`module TssCreateToTssDeleteConfigimplements DataFlow::ConfigSig{`

`‎c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql‎`

Lines changed: 31 additions & 18 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,30 +14,43 @@`
`14`	`14`
`15`	`15`	`import cpp`
`16`	`16`	`import codingstandards.c.cert`
	`17`	`+import codingstandards.c.Objects`
`17`	`18`	`import codingstandards.cpp.Concurrency`
`18`		`-import semmle.code.cpp.dataflow.TaintTracking`
`19`	`19`	`import semmle.code.cpp.dataflow.DataFlow`
`20`	`20`	`import semmle.code.cpp.commons.Alloc`
`21`	`21`
`22`		`-fromC11ThreadCreateCalltcc,StackVariablesv,Exprarg,Expracc`
	`22`	`+fromC11ThreadCreateCalltcc,Exprarg`
`23`	`23`	`where`
`24`	`24`	`notisExcluded(tcc, Concurrency4Package::appropriateThreadObjectStorageDurationsQuery())and`
`25`	`25`	`tcc.getArgument(2)=argand`
`26`		`-sv.getAnAccess()=accand`
`27`		`-// a stack variable that is given as an argument to a thread`
`28`		`- TaintTracking::localTaint(DataFlow::exprNode(acc), DataFlow::exprNode(arg))and`
`29`		`-// or isn't one of the allowed usage patterns`
`30`		`-notexists(Exprmfc\|`
`31`		`-isAllocationExpr(mfc)and`
`32`		`-sv.getAnAssignedValue()=mfcand`
`33`		`-acc.getAPredecessor*()=mfc`
`34`		`-)and`
`35`		`-notexists(TSSGetFunctionCalltsg,TSSSetFunctionCalltss, DataFlow::Nodesrc\|`
`36`		`-sv.getAnAssignedValue()=tsgand`
`37`		`-acc.getAPredecessor*()=tsgand`
`38`		`-// there should be dataflow from somewhere (the same somewhere)`
`39`		`-// into each of the first arguments`
`40`		`- DataFlow::localFlow(src, DataFlow::exprNode(tsg.getArgument(0)))and`
`41`		`- DataFlow::localFlow(src, DataFlow::exprNode(tss.getArgument(0)))`
	`26`	`+(`
	`27`	`+exists(ObjectIdentityobj,Expracc\|`
	`28`	`+obj.getASubobjectAccess()=accand`
	`29`	`+obj.getStorageDuration().isAutomatic()and`
	`30`	`+exists(DataFlow::NodeaddrNode\|`
	`31`	`+(`
	`32`	`+addrNode= DataFlow::exprNode(any(AddressOfExpre\|e.getOperand()=acc))`
	`33`	`+or`
	`34`	`+addrNode= DataFlow::exprNode(acc)and`
	`35`	`+exists(ArrayToPointerConversionc\|c.getExpr()=acc)`
	`36`	`+)and`
	`37`	`+ TaintTracking::localTaint(addrNode, DataFlow::exprNode(arg))`
	`38`	`+)`
	`39`	`+)`
	`40`	`+or`
	`41`	`+// TODO: This case is handling threadlocals in a useful way that's not intended to be covered`
	`42`	`+// by the rule. See issue #801. The actual rule should expect no tss_t objects is used, and`
	`43`	`+// this check that this is initialized doesn't seem to belong here. However, it is a useful`
	`44`	`+// check in and of itself, so we should figure out if this is part of an optional rule we`
	`45`	`+// haven't yet implemented and move this behavior there.`
	`46`	`+exists(TSSGetFunctionCalltsg\|`
	`47`	`+ TaintTracking::localTaint(DataFlow::exprNode(tsg), DataFlow::exprNode(arg))and`
	`48`	`+notexists(TSSSetFunctionCalltss, DataFlow::Nodesrc\|`
	`49`	`+// there should be dataflow from somewhere (the same somewhere)`
	`50`	`+// into each of the first arguments`
	`51`	`+ DataFlow::localFlow(src, DataFlow::exprNode(tsg.getArgument(0)))and`
	`52`	`+ DataFlow::localFlow(src, DataFlow::exprNode(tss.getArgument(0)))`
	`53`	`+)`
	`54`	`+)`
`42`	`55`	`)`
`43`	`56`	`selecttcc,"$@ not declared with appropriate storage duration",arg,"Shared object"`

`‎c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql‎`

Lines changed: 0 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,6 @@`
`16`	`16`	`import cpp`
`17`	`17`	`import codingstandards.c.cert`
`18`	`18`	`import codingstandards.cpp.Concurrency`
`19`		`-import semmle.code.cpp.dataflow.TaintTracking`
`20`	`19`	`import semmle.code.cpp.dataflow.DataFlow`
`21`	`20`
`22`	`21`	`fromTSSGetFunctionCalltsg,ThreadedFunctiontf`

`‎c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql‎`

Lines changed: 6 additions & 33 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,37 +14,10 @@`
`14`	`14`
`15`	`15`	`import cpp`
`16`	`16`	`import codingstandards.c.cert`
`17`		`-import codingstandards.cpp.Concurrency`
	`17`	`+import codingstandards.cpp.rules.joinordetachthreadonlyonce.JoinOrDetachThreadOnlyOnce`
`18`	`18`
`19`		`-// OK`
`20`		`-// 1) Thread calls detach parent DOES NOT call join`
`21`		`-// 2) Parent calls join, thread does NOT call detach()`
`22`		`-// NOT OK`
`23`		`-// 1) Thread calls detach, parent calls join`
`24`		`-// 2) Thread calls detach twice, parent does not call join`
`25`		`-// 3) Parent calls join twice, thread does not call detach`
`26`		`-fromC11ThreadCreateCalltcc`
`27`		`-where`
`28`		`-notisExcluded(tcc, Concurrency5Package::threadWasPreviouslyJoinedOrDetachedQuery())and`
`29`		`-// Note: These cases can be simplified but they are presented like this for clarity`
`30`		-// case 1 - calls to `thrd_join` and `thrd_detach` within the parent or
`31`		`-// within the parent / child CFG.`
`32`		`-exists(C11ThreadWaittw,C11ThreadDetachdt\|`
`33`		`-tw=getAThreadContextAwareSuccessor(tcc)and`
`34`		`-dt=getAThreadContextAwareSuccessor(tcc)`
`35`		`-)`
`36`		`-or`
`37`		-// case 2 - multiple calls to `thrd_detach` within the threaded CFG.
`38`		`-exists(C11ThreadDetachdt1,C11ThreadDetachdt2\|`
`39`		`-dt1=getAThreadContextAwareSuccessor(tcc)and`
`40`		`-dt2=getAThreadContextAwareSuccessor(tcc)and`
`41`		`-notdt1=dt2`
`42`		`-)`
`43`		`-or`
`44`		-// case 3 - multiple calls to `thrd_join` within the threaded CFG.
`45`		`-exists(C11ThreadWaittw1,C11ThreadWaittw2\|`
`46`		`-tw1=getAThreadContextAwareSuccessor(tcc)and`
`47`		`-tw2=getAThreadContextAwareSuccessor(tcc)and`
`48`		`-nottw1=tw2`
`49`		`-)`
`50`		`-selecttcc,"Thread may call join or detach after the thread is joined or detached."`
	`19`	`+classThreadWasPreviouslyJoinedOrDetachedQueryextendsJoinOrDetachThreadOnlyOnceSharedQuery{`
	`20`	`+ThreadWasPreviouslyJoinedOrDetachedQuery(){`
	`21`	`+this= Concurrency5Package::threadWasPreviouslyJoinedOrDetachedQuery()`
	`22`	`+}`
	`23`	`+}`

`‎c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql‎`

Lines changed: 9 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -13,10 +13,16 @@`
`13`	`13`
`14`	`14`	`import cpp`
`15`	`15`	`import codingstandards.c.cert`
	`16`	`+import codingstandards.c.Objects`
`16`	`17`	`import semmle.code.cpp.dataflow.DataFlow`
`17`	`18`
`18`		`-classSourceextendsStackVariable{`
`19`		`-Source(){notthisinstanceofParameter}`
	`19`	`+classSourceextendsExpr{`
	`20`	`+ObjectIdentityrootObject;`
	`21`	`+`
	`22`	`+Source(){`
	`23`	`+rootObject.getStorageDuration().isAutomatic()and`
	`24`	`+this=rootObject.getASubobjectAddressExpr()`
	`25`	`+}`
`20`	`26`	`}`
`21`	`27`
`22`	`28`	`classSinkextends DataFlow::Node{`
`@@ -40,7 +46,7 @@ from DataFlow::Node src, DataFlow::Node sink`
`40`	`46`	`where`
`41`	`47`	`notisExcluded(sink.asExpr(),`
`42`	`48`	`Declarations8Package::appropriateStorageDurationsFunctionReturnQuery())and`
`43`		`-exists(Sources\|src.asExpr()=s.getAnAccess())and`
	`49`	`+exists(Sources\|src.asExpr()=s)and`
`44`	`50`	`sinkinstanceofSinkand`
`45`	`51`	`DataFlow::localFlow(src,sink)`
`46`	`52`	`selectsink,"$@ with automatic storage may be accessible outside of its lifetime.",src,`

`‎c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@`
`14`	`14`	`import cpp`
`15`	`15`	`import codingstandards.c.cert`
`16`	`16`	`import codingstandards.c.Errno`
	`17`	`+import semmle.code.cpp.dataflow.DataFlow`
`17`	`18`
`18`	`19`	`/**`
`19`	`20`	* A call to an `OutOfBandErrnoSettingFunction`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commite7455c0

File tree

306 files changed

Some content is hidden

306 files changed

`‎.github/workflows/upgrade_codeql_dependencies.yml‎`

`‎amendments.csv‎`

`‎c/cert/src/codeql-pack.lock.yml‎`

`‎c/cert/src/qlpack.yml‎`

`‎c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql‎`

`‎c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql‎`

`‎c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql‎`

`‎c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql‎`

`‎c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql‎`

`‎c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql‎`

0 commit comments