Merge remote-tracking branch 'origin/main' into michaelrfairhurst/implement-types2-package

Author: MichaelRFairhurst

.github/workflows/validate-package-files.yml

@@ -56,4 +56,10 @@ jobs:
           find rule_packages/$LANGUAGE -name \*.json -exec basename {} .json \; | xargs python scripts/generate_rules/generate_package_files.py $LANGUAGE
           git diff
           git diff --compact-summary
-          git diff --quiet
+          git diff --quiet
+
+      - name: Validate Amendments
+        env:
+          LANGUAGE: ${{ matrix.language }}
+        run: |
+          python scripts/validate-amendments-csv.py $LANGUAGE

amendments.csv

@@ -0,0 +1,49 @@
+language,standard,amendment,rule_id,supportable,implementation_category,implemented,difficulty
+c,MISRA-C-2012,Amendment3,DIR-4-6,Yes,Expand,No,Easy
+c,MISRA-C-2012,Amendment3,DIR-4-9,Yes,Refine,No,Easy
+c,MISRA-C-2012,Amendment3,DIR-4-11,Yes,Refine,No,Import
+c,MISRA-C-2012,Amendment3,RULE-1-4,Yes,Replace,No,Easy
+c,MISRA-C-2012,Amendment3,RULE-10-1,Yes,Replace,No,Easy
+c,MISRA-C-2012,Amendment3,RULE-10-3,Yes,Refine,No,Easy
+c,MISRA-C-2012,Amendment3,RULE-10-4,Yes,Refine,No,Import
+c,MISRA-C-2012,Amendment3,RULE-10-5,Yes,Expand,No,Easy
+c,MISRA-C-2012,Amendment3,RULE-10-7,Yes,Refine,No,Import
+c,MISRA-C-2012,Amendment3,RULE-10-8,Yes,Refine,No,Import
+c,MISRA-C-2012,Amendment3,RULE-21-11,Yes,Clarification,No,Import
+c,MISRA-C-2012,Amendment3,RULE-21-12,Yes,Replace,No,Easy
+c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy
+c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy
+c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard
+c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium
+c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-2-2,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-2-7,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-3-1,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-8-6,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-8-9,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-9-4,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-10-1,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-18-3,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-1-4,Yes,Replace,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-9-1,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-9-2,Yes,Refine,No,Import
+c,MISRA-C-2012,Corrigendum2,DIR-4-10,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-7-4,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-8-2,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-8-3,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-8-7,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-10-2,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-10-3,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-11-3,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-11-6,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-13-2,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-13-6,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-14-3,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-15-7,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-17-4,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-17-5,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-18-1,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-20-14,No,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-21-19,Yes,Clarification,No,Import
+c,MISRA-C-2012,Corrigendum2,RULE-21-20,Yes,Refine,No,Easy
+c,MISRA-C-2012,Corrigendum2,RULE-22-9,Yes,Clarification,No,Import

c/cert/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cert-c-coding-standards
-version: 2.35.0-dev
+version: 2.36.0-dev
 description: CERT C 2016
 suites: codeql-suites
 license: MIT

c/cert/test/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/cert-c-coding-standards-tests
-version: 2.35.0-dev
+version: 2.36.0-dev
 extractor: cpp
 license: MIT
 dependencies:

c/common/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/common-c-coding-standards
-version: 2.35.0-dev
+version: 2.36.0-dev
 license: MIT
 dependencies:
   codeql/common-cpp-coding-standards: '*'

c/common/test/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/common-c-coding-standards-tests
-version: 2.35.0-dev
+version: 2.36.0-dev
 extractor: cpp
 license: MIT
 dependencies:

c/misra/src/qlpack.yml

@@ -1,5 +1,5 @@
 name: codeql/misra-c-coding-standards
-version: 2.35.0-dev
+version: 2.36.0-dev
 description: MISRA C 2012
 suites: codeql-suites
 license: MIT

c/misra/src/rules/RULE-11-4/ConversionBetweenPointerToObjectAndIntegerType.ql

@@ -13,14 +13,73 @@
 
 import cpp
 import codingstandards.c.misra
+import codingstandards.cpp.Macro
 import codingstandards.cpp.Pointers
 
-from CStyleCast cast, Type typeFrom, Type typeTo
+MacroInvocation getAMacroInvocation(CStyleCast cast) { result.getAnExpandedElement() = cast }
+
+Macro getPrimaryMacro(CStyleCast cast) {
+  exists(MacroInvocation mi |
+    mi = getAMacroInvocation(cast) and
+    not exists(MacroInvocation otherMi |
+      otherMi = getAMacroInvocation(cast) and otherMi.getParentInvocation() = mi
+    ) and
+    result = mi.getMacro()
+  )
+}
+
+Macro getNonFunctionPrimaryMacro(CStyleCast cast) {
+  result = getPrimaryMacro(cast) and
+  not result instanceof FunctionLikeMacro
+}
+
+from
+  Locatable primaryLocation, CStyleCast cast, Type typeFrom, Type typeTo, string message,
+  string extraMessage, Locatable optionalPlaceholderLocation, string optionalPlaceholderMessage
 where
   not isExcluded(cast, Pointers1Package::conversionBetweenPointerToObjectAndIntegerTypeQuery()) and
   typeFrom = cast.getExpr().getUnderlyingType() and
   typeTo = cast.getUnderlyingType() and
-  [typeFrom, typeTo] instanceof IntegralType and
-  [typeFrom, typeTo] instanceof PointerToObjectType and
-  not isNullPointerConstant(cast.getExpr())
-select cast, "Cast performed between a pointer to object type and a pointer to an integer type."
+  (
+    typeFrom instanceof PointerToObjectType and
+    typeTo instanceof IntegralType and
+    message =
+      "Cast from pointer to object type '" + typeFrom + "' to integer type '" + typeTo + "'" +
+        extraMessage + "."
+    or
+    typeFrom instanceof IntegralType and
+    typeTo instanceof PointerToObjectType and
+    message =
+      "Cast from integer type '" + typeFrom + "' to pointer to object type '" + typeTo + "'" +
+        extraMessage + "."
+  ) and
+  not isNullPointerConstant(cast.getExpr()) and
+  // If this alert is arising through a non-function-like macro expansion, flag the macro instead, to
+  // help make the alerts more manageable. We only do this for non-function-like macros because they
+  // cannot be context specific.
+  if exists(getNonFunctionPrimaryMacro(cast))
+  then
+    primaryLocation = getNonFunctionPrimaryMacro(cast) and
+    extraMessage = "" and
+    optionalPlaceholderLocation = primaryLocation and
+    optionalPlaceholderMessage = ""
+  else (
+    primaryLocation = cast and
+    // If the cast is in a macro expansion which is context specific, we still report the original
+    // location, but also add a link to the most specific macro that contains the cast, to aid
+    // validation.
+    if exists(getPrimaryMacro(cast))
+    then
+      extraMessage = " from expansion of macro $@" and
+      exists(Macro m |
+        m = getPrimaryMacro(cast) and
+        optionalPlaceholderLocation = m and
+        optionalPlaceholderMessage = m.getName()
+      )
+    else (
+      extraMessage = "" and
+      optionalPlaceholderLocation = cast and
+      optionalPlaceholderMessage = ""
+    )
+  )
+select primaryLocation, message, optionalPlaceholderLocation, optionalPlaceholderMessage

c/misra/src/rules/RULE-11-6/CastBetweenPointerToVoidAndArithmeticType.ql

@@ -22,5 +22,5 @@ where
   typeTo = cast.getUnderlyingType() and
   [typeFrom, typeTo] instanceof ArithmeticType and
   [typeFrom, typeTo] instanceof VoidPointerType and
-  not isNullPointerConstant(cast.getExpr())
+  not cast.getExpr() instanceof Zero
 select cast, "Cast performed between a pointer to void type and an arithmetic type."

c/misra/src/rules/RULE-11-9/MacroNullNotUsedAsIntegerNullPointerConstant.ql

@@ -18,15 +18,25 @@ import codingstandards.cpp.Type
 from Zero zero, Expr e, string type
 where
   not isExcluded(zero, Pointers1Package::macroNullNotUsedAsIntegerNullPointerConstantQuery()) and
-  // exclude the base-case (NULL macros and void pointer casts)
-  not isNullPointerConstant(zero) and
+  // Exclude the base-case (NULL macros and void pointer casts)
+  // Note: we cannot use the isNullPointerConstant predicate here because it permits
+  //       the use of `0` without casting, which is prohibited here.
+  not (
+    zero.findRootCause() instanceof NullMacro
+    or
+    // integer constant `0` explicitly cast to void pointer
+    exists(Conversion c | c = zero.getConversion() |
+      not c.isImplicit() and
+      c.getUnderlyingType() instanceof VoidPointerType
+    )
+  ) and
   (
     // ?: operator
     exists(ConditionalExpr parent |
       (
-        parent.getThen().getAChild*() = zero and parent.getElse().getType() instanceof PointerType
+        parent.getThen() = zero and parent.getElse().getType() instanceof PointerType
         or
-        parent.getElse().getAChild*() = zero and parent.getThen().getType() instanceof PointerType
+        parent.getElse() = zero and parent.getThen().getType() instanceof PointerType
       ) and
       // exclude a common conditional pattern used in macros such as 'assert'
       not parent.isInMacroExpansion() and