Merge branch 'main' into dependabot/pip/scripts/upgrade-codeql-depend…

…encies/urllib3-2.0.6

c/cert/src/codeql-pack.lock.yml

@@ -2,9 +2,11 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/cpp-all:
-    version: 0.6.1
+    version: 0.7.4
   codeql/ssa:
-    version: 0.0.14
+    version: 0.0.19
   codeql/tutorial:
-    version: 0.0.7
+    version: 0.0.12
+  codeql/util:
+    version: 0.0.12
 compiled: false

c/cert/src/qlpack.yml

@@ -5,4 +5,4 @@ suites: codeql-suites
 license: MIT
 dependencies:
   codeql/common-c-coding-standards: '*'
-  codeql/cpp-all: 0.6.1
+  codeql/cpp-all: 0.7.4

c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql

@@ -12,41 +12,42 @@
  *       external/cert/obligation/rule
  */
 
- import cpp
- import codingstandards.c.cert
- import codingstandards.c.OutOfBounds
-
- from
-   OOB::BufferAccess ba, Expr bufferArg, Expr sizeArg, OOB::PointerToObjectSource bufferSource,
-   string message
- where
-   not isExcluded(ba, OutOfBoundsPackage::doNotFormOutOfBoundsPointersOrArraySubscriptsQuery()) and
-   // exclude loops
-   not exists(Loop loop | loop.getStmt().getChildStmt*() = ba.getEnclosingStmt()) and
-   // exclude size arguments that are of type ssize_t
-   not sizeArg.getAChild*().(VariableAccess).getTarget().getType() instanceof Ssize_t and
-   // exclude size arguments that are assigned the result of a function call e.g. ftell
-   not sizeArg.getAChild*().(VariableAccess).getTarget().getAnAssignedValue() instanceof FunctionCall and
-   // exclude field or array accesses for the size arguments
-   not sizeArg.getAChild*() instanceof FieldAccess and
-   not sizeArg.getAChild*() instanceof ArrayExpr and
-   (
-     exists(int sizeArgValue, int bufferArgSize |
-      OOB::isSizeArgGreaterThanBufferSize(bufferArg, sizeArg, bufferSource, bufferArgSize, sizeArgValue, ba) and
-       message =
-         "Buffer accesses offset " + sizeArgValue + 
-         " which is greater than the fixed size " + bufferArgSize + " of the $@."
-     )
-     or
-     exists(int sizeArgUpperBound, int sizeMult, int bufferArgSize |
-       OOB::isSizeArgNotCheckedLessThanFixedBufferSize(bufferArg, sizeArg, bufferSource,
-         bufferArgSize, ba, sizeArgUpperBound, sizeMult) and
-       message =
-         "Buffer may access up to offset " + sizeArgUpperBound + "*" + sizeMult +
-           " which is greater than the fixed size " + bufferArgSize + " of the $@."
-     )
-     or
-     OOB::isSizeArgNotCheckedGreaterThanZero(bufferArg, sizeArg, bufferSource, ba) and
-     message = "Buffer access may be to a negative index in the buffer."
-   )
- select ba, message, bufferSource, "buffer"
+import cpp
+import codingstandards.c.cert
+import codingstandards.c.OutOfBounds
+
+from
+  OOB::BufferAccess ba, Expr bufferArg, Expr sizeArg, OOB::PointerToObjectSource bufferSource,
+  string message
+where
+  not isExcluded(ba, OutOfBoundsPackage::doNotFormOutOfBoundsPointersOrArraySubscriptsQuery()) and
+  // exclude loops
+  not exists(Loop loop | loop.getStmt().getChildStmt*() = ba.getEnclosingStmt()) and
+  // exclude size arguments that are of type ssize_t
+  not sizeArg.getAChild*().(VariableAccess).getTarget().getType() instanceof Ssize_t and
+  // exclude size arguments that are assigned the result of a function call e.g. ftell
+  not sizeArg.getAChild*().(VariableAccess).getTarget().getAnAssignedValue() instanceof FunctionCall and
+  // exclude field or array accesses for the size arguments
+  not sizeArg.getAChild*() instanceof FieldAccess and
+  not sizeArg.getAChild*() instanceof ArrayExpr and
+  (
+    exists(int sizeArgValue, int bufferArgSize |
+      OOB::isSizeArgGreaterThanBufferSize(bufferArg, sizeArg, bufferSource, bufferArgSize,
+        sizeArgValue, ba) and
+      message =
+        "Buffer accesses offset " + sizeArgValue + " which is greater than the fixed size " +
+          bufferArgSize + " of the $@."
+    )
+    or
+    exists(int sizeArgUpperBound, int sizeMult, int bufferArgSize |
+      OOB::isSizeArgNotCheckedLessThanFixedBufferSize(bufferArg, sizeArg, bufferSource,
+        bufferArgSize, ba, sizeArgUpperBound, sizeMult) and
+      message =
+        "Buffer may access up to offset " + sizeArgUpperBound + "*" + sizeMult +
+          " which is greater than the fixed size " + bufferArgSize + " of the $@."
+    )
+    or
+    OOB::isSizeArgNotCheckedGreaterThanZero(bufferArg, sizeArg, bufferSource, ba) and
+    message = "Buffer access may be to a negative index in the buffer."
+  )
+select ba, message, bufferSource, "buffer"

c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql

@@ -15,7 +15,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.donotuserelationaloperatorswithdifferingarrays.DoNotUseRelationalOperatorsWithDifferingArrays
 
-class DoNotRelatePointersThatDoNotReferToTheSameArrayQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery {
+class DoNotRelatePointersThatDoNotReferToTheSameArrayQuery extends DoNotUseRelationalOperatorsWithDifferingArraysSharedQuery
+{
   DoNotRelatePointersThatDoNotReferToTheSameArrayQuery() {
     this = Memory2Package::doNotRelatePointersThatDoNotReferToTheSameArrayQuery()
   }

c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql

@@ -15,7 +15,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.donotsubtractpointersaddressingdifferentarrays.DoNotSubtractPointersAddressingDifferentArrays
 
-class DoNotSubtractPointersThatDoNotReferToTheSameArrayQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery {
+class DoNotSubtractPointersThatDoNotReferToTheSameArrayQuery extends DoNotSubtractPointersAddressingDifferentArraysSharedQuery
+{
   DoNotSubtractPointersThatDoNotReferToTheSameArrayQuery() {
     this = Memory2Package::doNotSubtractPointersThatDoNotReferToTheSameArrayQuery()
   }

c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql

@@ -22,4 +22,4 @@ from
 where
   not isExcluded(fc, OutOfBoundsPackage::libraryFunctionArgumentOutOfBoundsQuery()) and
   OOB::problems(fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr)
-select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr
+select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr

c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql

@@ -16,7 +16,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.donotallowamutextogooutofscopewhilelocked.DoNotAllowAMutexToGoOutOfScopeWhileLocked
 
-class DoNotAllowAMutexToGoOutOfScopeWhileLockedQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery {
+class DoNotAllowAMutexToGoOutOfScopeWhileLockedQuery extends DoNotAllowAMutexToGoOutOfScopeWhileLockedSharedQuery
+{
   DoNotAllowAMutexToGoOutOfScopeWhileLockedQuery() {
     this = Concurrency3Package::doNotAllowAMutexToGoOutOfScopeWhileLockedQuery()
   }

c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql

@@ -24,5 +24,5 @@ where
       "setlocale", "atomic_init", "ATOMIC_VAR_INIT", "tmpnam", "mbrtoc16", "c16rtomb", "mbrtoc32",
       "c32rtomb"
     ]
-select node,
-  "Concurrent call to non-reeantrant function $@.", node.(FunctionCall).getTarget(), node.(FunctionCall).getTarget().getName()
+select node, "Concurrent call to non-reeantrant function $@.", node.(FunctionCall).getTarget(),
+  node.(FunctionCall).getTarget().getName()

c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql

@@ -16,7 +16,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.preventdeadlockbylockinginpredefinedorder.PreventDeadlockByLockingInPredefinedOrder
 
-class DeadlockByLockingInPredefinedOrderQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery {
+class DeadlockByLockingInPredefinedOrderQuery extends PreventDeadlockByLockingInPredefinedOrderSharedQuery
+{
   DeadlockByLockingInPredefinedOrderQuery() {
     this = Concurrency2Package::deadlockByLockingInPredefinedOrderQuery()
   }

c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql

@@ -24,5 +24,4 @@ where
   not isExcluded(fc, Concurrency1Package::doNotCallSignalInMultithreadedProgramQuery()) and
   fc.getTarget().getName() = "signal" and
   exists(ThreadedFunction f)
-select fc,
-  "Call to `signal()` in multithreaded programs."
+select fc, "Call to `signal()` in multithreaded programs."

c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql

@@ -16,7 +16,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.preservesafetywhenusingconditionvariables.PreserveSafetyWhenUsingConditionVariables
 
-class PreserveSafetyWhenUsingConditionVariablesQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery {
+class PreserveSafetyWhenUsingConditionVariablesQuery extends PreserveSafetyWhenUsingConditionVariablesSharedQuery
+{
   PreserveSafetyWhenUsingConditionVariablesQuery() {
     this = Concurrency3Package::preserveSafetyWhenUsingConditionVariablesQuery()
   }

c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql

@@ -12,18 +12,16 @@
  *       external/cert/obligation/rule
  */
 
- import cpp
- import codingstandards.c.cert
- import codingstandards.cpp.Concurrency
-
+import cpp
+import codingstandards.c.cert
+import codingstandards.cpp.Concurrency
 
- from AtomicCompareExchange ace
- where
-   not isExcluded(ace, Concurrency3Package::wrapFunctionsThatCanFailSpuriouslyInLoopQuery()) and
-   (
-    forex(StmtParent sp | sp = ace.getStmt() | not sp.(Stmt).getParentStmt*() instanceof Loop) or
-    forex(Expr e | e = ace.getExpr() | not e.getEnclosingStmt().getParentStmt*()
-    instanceof Loop)
-   )
- select ace, "Function that can spuriously fail not wrapped in a loop."
-
+from AtomicCompareExchange ace
+where
+  not isExcluded(ace, Concurrency3Package::wrapFunctionsThatCanFailSpuriouslyInLoopQuery()) and
+  (
+    forex(StmtParent sp | sp = ace.getStmt() | not sp.(Stmt).getParentStmt*() instanceof Loop)
+    or
+    forex(Expr e | e = ace.getExpr() | not e.getEnclosingStmt().getParentStmt*() instanceof Loop)
+  )
+select ace, "Function that can spuriously fail not wrapped in a loop."

c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql

@@ -15,7 +15,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.donotcopyaddressofautostorageobjecttootherobject.DoNotCopyAddressOfAutoStorageObjectToOtherObject
 
-class AppropriateStorageDurationsStackAdressEscapeQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery {
+class AppropriateStorageDurationsStackAdressEscapeQuery extends DoNotCopyAddressOfAutoStorageObjectToOtherObjectSharedQuery
+{
   AppropriateStorageDurationsStackAdressEscapeQuery() {
     this = Declarations8Package::appropriateStorageDurationsStackAdressEscapeQuery()
   }

c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql

@@ -15,7 +15,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.informationleakageacrossboundaries.InformationLeakageAcrossBoundaries
 
-class InformationLeakageAcrossTrustBoundariesCQuery extends InformationLeakageAcrossBoundariesSharedQuery {
+class InformationLeakageAcrossTrustBoundariesCQuery extends InformationLeakageAcrossBoundariesSharedQuery
+{
   InformationLeakageAcrossTrustBoundariesCQuery() {
     this = Declarations7Package::informationLeakageAcrossTrustBoundariesCQuery()
   }

c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql

@@ -16,7 +16,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.invalidatedenvstringpointerswarn.InvalidatedEnvStringPointersWarn
 
-class DoNotStorePointersReturnedByEnvironmentFunWarnQuery extends InvalidatedEnvStringPointersWarnSharedQuery {
+class DoNotStorePointersReturnedByEnvironmentFunWarnQuery extends InvalidatedEnvStringPointersWarnSharedQuery
+{
   DoNotStorePointersReturnedByEnvironmentFunWarnQuery() {
     this = Contracts2Package::doNotStorePointersReturnedByEnvironmentFunWarnQuery()
   }

c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql

@@ -16,7 +16,6 @@ import codingstandards.c.Errno
 import codingstandards.c.Signal
 import semmle.code.cpp.controlflow.Guards
 
-
 /**
  * A check on `signal` call return value
  * `if (signal(SIGINT, handler) == SIG_ERR)`

c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql

@@ -118,7 +118,8 @@ class DefaultAlignedPointerExpr extends UnconvertedCastFromNonVoidPointerExpr, E
  * to exclude an `DefaultAlignedPointerAccessExpr` as a source if a preceding source
  * defined by this configuration provides more accurate alignment information.
  */
-class AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig extends DataFlow2::Configuration {
+class AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig extends DataFlow2::Configuration
+{
   AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig() {
     this = "AllocationOrAddressOfExprToUnconvertedCastFromNonVoidPointerExprConfig"
   }

c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql

@@ -163,8 +163,8 @@ Type compatibleTypes(Type type) {
     (
       type.stripType() instanceof Struct and
       type.getUnspecifiedType() = result.getUnspecifiedType() and
-      not type.getName() = "struct <unnamed>" and
-      not result.getName() = "struct <unnamed>"
+      not type.(Struct).isAnonymous() and
+      not result.(Struct).isAnonymous()
       or
       not type.stripType() instanceof Struct and
       (

c/cert/src/rules/EXP42-C/DoNotComparePaddingData.ql

@@ -15,7 +15,5 @@ import codingstandards.c.cert
 import codingstandards.cpp.rules.memcmpusedtocomparepaddingdata.MemcmpUsedToComparePaddingData
 
 class DoNotComparePaddingDataQuery extends MemcmpUsedToComparePaddingDataSharedQuery {
-  DoNotComparePaddingDataQuery() {
-    this = Memory2Package::doNotComparePaddingDataQuery()
-  }
+  DoNotComparePaddingDataQuery() { this = Memory2Package::doNotComparePaddingDataQuery() }
 }

c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql

@@ -89,7 +89,7 @@ module TaintedPathConfiguration implements DataFlow::ConfigSig {
   }
 }
 
-module TaintedPath = TaintTracking::Make<TaintedPathConfiguration>;
+module TaintedPath = TaintTracking::Global<TaintedPathConfiguration>;
 
 from
   FileFunction fileFunction, Expr taintedArg, FlowSource taintSource,
@@ -98,7 +98,7 @@ where
   not isExcluded(taintedArg, IO3Package::doNotPerformFileOperationsOnDevicesQuery()) and
   taintedArg = sinkNode.getNode().asIndirectArgument() and
   fileFunction.outermostWrapperFunctionCall(taintedArg, callChain) and
-  TaintedPath::hasFlowPath(sourceNode, sinkNode) and
+  TaintedPath::flowPath(sourceNode, sinkNode) and
   taintSource = sourceNode.getNode()
 select taintedArg, sourceNode, sinkNode,
   "This argument to a file access function is derived from $@ and then passed to " + callChain + ".",

c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql

@@ -15,7 +15,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.iofstreammissingpositioning.IOFstreamMissingPositioning
 
-class DoNotAlternatelyIOFromAStreamWithoutPositioningQuery extends IOFstreamMissingPositioningSharedQuery {
+class DoNotAlternatelyIOFromAStreamWithoutPositioningQuery extends IOFstreamMissingPositioningSharedQuery
+{
   DoNotAlternatelyIOFromAStreamWithoutPositioningQuery() {
     this = IO1Package::doNotAlternatelyIOFromAStreamWithoutPositioningQuery()
   }

c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql

@@ -16,7 +16,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.closefilehandlewhennolongerneededshared.CloseFileHandleWhenNoLongerNeededShared
 
-class CloseFilesWhenTheyAreNoLongerNeededQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery {
+class CloseFilesWhenTheyAreNoLongerNeededQuery extends CloseFileHandleWhenNoLongerNeededSharedSharedQuery
+{
   CloseFilesWhenTheyAreNoLongerNeededQuery() {
     this = IO1Package::closeFilesWhenTheyAreNoLongerNeededQuery()
   }

c/cert/src/rules/MEM34-C/OnlyFreeMemoryAllocatedDynamicallyCert.ql

@@ -16,7 +16,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.onlyfreememoryallocateddynamicallyshared.OnlyFreeMemoryAllocatedDynamicallyShared
 
-class OnlyFreeMemoryAllocatedDynamicallyCertQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery {
+class OnlyFreeMemoryAllocatedDynamicallyCertQuery extends OnlyFreeMemoryAllocatedDynamicallySharedSharedQuery
+{
   OnlyFreeMemoryAllocatedDynamicallyCertQuery() {
     this = Memory2Package::onlyFreeMemoryAllocatedDynamicallyCertQuery()
   }

c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql

@@ -14,7 +14,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers
 
-class RandUsedForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery {
+class RandUsedForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery
+{
   RandUsedForGeneratingPseudorandomNumbersQuery() {
     this = MiscPackage::randUsedForGeneratingPseudorandomNumbersQuery()
   }

c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql

@@ -15,30 +15,22 @@ import codingstandards.c.cert
 
 /** Defines a class that models function calls to srandom() */
 class SRandomCall extends FunctionCall {
-  SRandomCall(){
-    getTarget().hasGlobalOrStdName("srandom")
-  }
+  SRandomCall() { getTarget().hasGlobalOrStdName("srandom") }
 
   /** Holds if the call is not obviously trivial. */
-  predicate isTrivial(){
-    getArgument(0) instanceof Literal
-  }
+  predicate isTrivial() { getArgument(0) instanceof Literal }
 }
 
 from FunctionCall fc
 where
   not isExcluded(fc, MiscPackage::properlySeedPseudorandomNumberGeneratorsQuery()) and
-
-  // find all calls to random() 
-  fc.getTarget().hasGlobalOrStdName("random") and 
-
+  // find all calls to random()
+  fc.getTarget().hasGlobalOrStdName("random") and
   // where there isn't a call to srandom that comes before it that is
   // non-trivial
   not exists(SRandomCall sr |
-    // normally we would want to do this in reverse --- but srandom() is 
-    // not pure and the order does not matter. 
+    // normally we would want to do this in reverse --- but srandom() is
+    // not pure and the order does not matter.
     sr.getASuccessor*() = fc and not sr.isTrivial()
   )
-
-
 select fc, "Call to `random()` without a valid call to `srandom()`."

c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql

@@ -15,7 +15,8 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn
 
-class ControlFlowReachesTheEndOfANonVoidFunctionQuery extends NonVoidFunctionDoesNotReturnSharedQuery {
+class ControlFlowReachesTheEndOfANonVoidFunctionQuery extends NonVoidFunctionDoesNotReturnSharedQuery
+{
   ControlFlowReachesTheEndOfANonVoidFunctionQuery() {
     this = MiscPackage::controlFlowReachesTheEndOfANonVoidFunctionQuery()
   }

c/cert/test/codeql-pack.lock.yml

@@ -2,9 +2,11 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/cpp-all:
-    version: 0.6.1
+    version: 0.7.4
   codeql/ssa:
-    version: 0.0.14
+    version: 0.0.19
   codeql/tutorial:
-    version: 0.0.7
+    version: 0.0.12
+  codeql/util:
+    version: 0.0.12
 compiled: false