Release v2.1.0

Author: rvermeulen

.github/actions/install-codeql/action.yml

@@ -90,7 +90,7 @@ runs:
 
         if [ "$CODEQL_STDLIB_VERSION" != "latest" ]
         then
-          push codeql-stdlib
+          pushd codeql-stdlib
           echo "::debug::Switching to revision $CODEQL_STDLIB_VERSION"
           git checkout $CODEQL_STDLIB_VERSION
           popd

.github/workflows/code-scanning-pack-gen.yml

@@ -5,11 +5,13 @@ on:
     branches:
       - main
       - "rc/**"
+      - "c-coding-standards"
 
   push:
     branches:
       - main
       - "rc/**"
+      - "c-coding-standards"
 
 env:
   XARGS_MAX_PROCS: 4

.vscode/tasks.json

@@ -12,6 +12,18 @@
             },
             "problemMatcher": []
         },
+
+        {
+            "label": "🔃 Standards Automation: Switch To Test or Implementation",
+            "type": "shell",
+            "command": "pwsh .${pathSeparator}scripts${pathSeparator}vscode${pathSeparator}Get-TestOrQueryDirectoryForCurrentFile.ps1 -CurrentFile ${file}",
+            "presentation": {
+                "reveal": "never",
+                "panel": "dedicated"
+            },
+            "problemMatcher": []
+        },
+
         {
             "label": "Standards Automation: Install Deps",
             "type": "shell",
@@ -157,6 +169,7 @@
                 "BannedTypes",
                 "BannedFunctions",
                 "Classes",
+                "Comments",
                 "Concurrency",
                 "Const",
                 "Declarations",
@@ -171,14 +184,13 @@
                 "Macros",
                 "Naming",
                 "Scope",
-                "Side-effects1",
-                "Side-effects2",
                 "Classes",
                 "SmartPointers1",
                 "SmartPointers2",
                 "SideEffects1",
                 "SideEffects2",
                 "Strings",
+                "Syntax",
                 "Templates",
                 "Classes",
                 "Freed",

c/cert/src/qlpack.yml

@@ -1,4 +1,4 @@
 name: cert-c-coding-standards
-version: 2.0.0
+version: 2.1.0
 suites: codeql-suites
 libraryPathDependencies: common-c-coding-standards

c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-implementation.qhelp

@@ -0,0 +1,8 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+  <fragment>
+    <p>None</p>
+  </fragment>
+</qhelp>

c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp

@@ -0,0 +1,33 @@
+<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
+<qhelp>
+  <section title="Classification">
+    <ul>
+      <li>required</li>
+      <li>implementation</li>
+      <li>automated</li>
+    </ul>
+  </section>
+
+  <section title="Rationale">
+    <p>
+           ...
+    </p>
+
+  </section>
+
+  <section title="Exception">
+    <p>
+      ...
+    </p>
+  </section>
+
+  <example>
+    <sample src="standard-example.c"></sample>
+  </example>
+
+  <section title="See more">
+    <ul>
+      <li>...</li>
+    </ul>
+  </section>
+</qhelp>

c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.qhelp

@@ -0,0 +1,21 @@
+<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
+<qhelp>
+  <!-- THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. -->
+  <overview>
+    <p>This query implements the CERT-C rule EXP30-C:</p>
+    <blockquote>
+      <p>Do not depend on the order of evaluation for side effects</p>
+    </blockquote>
+  </overview>
+  <include src="DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp" />
+  <section title="Implementation notes">
+    <include src="DependenceOnOrderOfFunctionArgumentsForSideEffects-implementation.qhelp" />
+  </section>
+  <references>
+    <li>
+      CERT-C:
+      <a href="https://wiki.sei.cmu.edu/confluence/display/c">EXP30-C: Do not depend on the order of evaluation for side effects</a>
+      .
+    </li>
+  </references>
+</qhelp>

c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql

@@ -0,0 +1,129 @@
+/**
+ * @id c/cert/dependence-on-order-of-function-arguments-for-side-effects
+ * @name EXP30-C: Do not depend on the order of evaluation of function call arguments for side effects
+ * @description Depending on the order of evaluation for side effects in function call arguments can
+ *              result in unexpected program behavior.
+ * @kind problem
+ * @precision high
+ * @problem.severity warning
+ * @tags external/cert/id/exp30-c
+ *       correctness
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.cpp.SideEffect
+import semmle.code.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.TaintTracking
+import semmle.code.cpp.valuenumbering.GlobalValueNumberingImpl
+
+/** Holds if the function's return value is derived from the `AliasParamter` p. */
+predicate returnValueDependsOnAliasParameter(AliasParameter p) {
+  exists(ReturnStmt ret | ret = p.getFunction().getBlock().getAStmt() |
+    TaintTracking::localTaint(DataFlow::parameterNode(p), DataFlow::exprNode(ret.getExpr()))
+    or
+    exists(FieldAccess fa, VariableAccess va | fa.getQualifier() = va and va.getTarget() = p |
+      TaintTracking::localTaint(DataFlow::exprNode(fa), DataFlow::exprNode(ret.getExpr()))
+    )
+    or
+    exists(FunctionCall call, VariableAccess va | call.getQualifier() = va and va.getTarget() = p |
+      TaintTracking::localTaint(DataFlow::exprNode(call), DataFlow::exprNode(ret.getExpr()))
+    )
+    or
+    exists(VariableAccess va | va.getTarget() = p | ret.getAChild+() = va)
+  )
+  or
+  exists(FunctionCall call, ReturnStmt ret, int i, AliasParameter q |
+    ret = p.getFunction().getBlock().getAStmt() and call.getEnclosingFunction() = p.getFunction()
+  |
+    DataFlow::localFlow(DataFlow::parameterNode(p), DataFlow::exprNode(call.getArgument(i))) and
+    q = call.getTarget().getParameter(i) and
+    returnValueDependsOnAliasParameter(q) and
+    TaintTracking::localTaint(DataFlow::exprNode(call), DataFlow::exprNode(ret.getExpr()))
+  )
+}
+
+/** Holds if the function `f`'s return value is derived from the global variable `v`. */
+predicate returnValueDependsOnGlobalVariable(Function f, GlobalVariable v) {
+  exists(ReturnStmt ret, VariableAccess va |
+    ret = f.getBlock().getAStmt() and va.getTarget() = v and va.getEnclosingFunction() = f
+  |
+    TaintTracking::localTaint(DataFlow::exprNode(va), DataFlow::exprNode(ret.getExpr()))
+  )
+  or
+  exists(ReturnStmt ret, FunctionCall call |
+    ret = f.getBlock().getAStmt() and
+    call.getEnclosingFunction() = f and
+    returnValueDependsOnGlobalVariable(call.getTarget(), v) and
+    TaintTracking::localTaint(DataFlow::exprNode(call), DataFlow::exprNode(ret.getExpr()))
+  )
+}
+
+/** Holds if the member function `f`'s return value is derived from the member variable `v`. */
+predicate returnValueDependsOnMemberVariable(MemberFunction f, MemberVariable v) {
+  exists(ReturnStmt ret, VariableAccess va |
+    ret = f.getBlock().getAStmt() and
+    va.getTarget() = v and
+    va.getEnclosingFunction() = f and
+    v.getDeclaringType() = f.getDeclaringType()
+  |
+    TaintTracking::localTaint(DataFlow::exprNode(va), DataFlow::exprNode(ret.getExpr()))
+  )
+}
+
+from
+  FunctionCall call, Function f1, Function f2, int i, int j, FunctionCall arg1, FunctionCall arg2,
+  Variable v1, Variable v2
+where
+  not isExcluded(call,
+    SideEffects1Package::dependenceOnOrderOfFunctionArgumentsForSideEffectsQuery()) and
+  arg1 = call.getArgument(i) and
+  arg2 = call.getArgument(j) and
+  i < j and
+  arg1.getTarget() = f1 and
+  arg2.getTarget() = f2 and
+  (
+    // Considering the shared states:
+    // - pointer or reference arguments being used in both functions
+    exists(AliasParameter p1, AliasParameter p2 |
+      v1 = p1 and
+      v2 = p2 and
+      f1.getAParameter() = p1 and
+      f2.getAParameter() = p2 and
+      p1.isModified() and
+      p2.isModified() and
+      globalValueNumber(arg1.getArgument(p1.getIndex())) =
+        globalValueNumber(arg2.getArgument(p2.getIndex())) and
+      returnValueDependsOnAliasParameter(p1) and
+      returnValueDependsOnAliasParameter(p2)
+    )
+    or
+    // - global variables being used in both functions
+    exists(GlobalVariable v, VariableEffect ve1, VariableEffect ve2 |
+      v1 = v and
+      v2 = v and
+      returnValueDependsOnGlobalVariable(f1, v) and
+      returnValueDependsOnGlobalVariable(f2, v) and
+      ve1.getTarget() = v and
+      ve2.getTarget() = v
+    )
+    or
+    // - member variables that can be modified in both functions
+    exists(MemberVariable v |
+      v1 = v and
+      v2 = v and
+      returnValueDependsOnMemberVariable(f1, v) and
+      returnValueDependsOnMemberVariable(f2, v) and
+      v = getAMemberVariableEffect(f1).getTarget() and
+      v = getAMemberVariableEffect(f2).getTarget() and
+      (
+        globalValueNumber(arg1.getQualifier()) = globalValueNumber(arg2.getQualifier())
+        or
+        v.isStatic() and arg1.getQualifier().getType() = arg2.getQualifier().getType()
+      )
+    )
+  )
+select call,
+  "Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior.",
+  arg1, arg1.toString(), arg2, arg2.toString()

c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-implementation.qhelp

@@ -0,0 +1,8 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+  <fragment>
+    <p>None</p>
+  </fragment>
+</qhelp>

c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp

@@ -0,0 +1,33 @@
+<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
+<qhelp>
+  <section title="Classification">
+    <ul>
+      <li>required</li>
+      <li>implementation</li>
+      <li>automated</li>
+    </ul>
+  </section>
+
+  <section title="Rationale">
+    <p>
+           ...
+    </p>
+
+  </section>
+
+  <section title="Exception">
+    <p>
+      ...
+    </p>
+  </section>
+
+  <example>
+    <sample src="standard-example.c"></sample>
+  </example>
+
+  <section title="See more">
+    <ul>
+      <li>...</li>
+    </ul>
+  </section>
+</qhelp>

c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.qhelp

@@ -0,0 +1,21 @@
+<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
+<qhelp>
+  <!-- THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. -->
+  <overview>
+    <p>This query implements the CERT-C rule EXP30-C:</p>
+    <blockquote>
+      <p>Do not depend on the order of evaluation for side effects</p>
+    </blockquote>
+  </overview>
+  <include src="DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp" />
+  <section title="Implementation notes">
+    <include src="DependenceOnOrderOfScalarEvaluationForSideEffects-implementation.qhelp" />
+  </section>
+  <references>
+    <li>
+      CERT-C:
+      <a href="https://wiki.sei.cmu.edu/confluence/display/c">EXP30-C: Do not depend on the order of evaluation for side effects</a>
+      .
+    </li>
+  </references>
+</qhelp>

c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.ql

@@ -0,0 +1,30 @@
+/**
+ * @id c/cert/dependence-on-order-of-scalar-evaluation-for-side-effects
+ * @name EXP30-C: Do not depend on the order of scalar object evaluation for side effects
+ * @description Depending on the order of evaluation for side effects for evaluation of scalar
+ *              objects that are unsequenced results in undefined behavior.
+ * @kind problem
+ * @precision high
+ * @problem.severity warning
+ * @tags external/cert/id/exp30-c
+ *       correctness
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.cpp.SideEffect
+import codingstandards.c.Ordering
+import codingstandards.c.orderofevaluation.VariableAccessOrdering
+
+from
+  VariableAccessInFullExpressionOrdering config, FullExpr e, ScalarVariable v, VariableEffect ve,
+  VariableAccess va1, VariableAccess va2
+where
+  not isExcluded(e, SideEffects1Package::dependenceOnOrderOfScalarEvaluationForSideEffectsQuery()) and
+  e = va1.(ConstituentExpr).getFullExpr() and
+  va1 = ve.getAnAccess() and
+  config.isUnsequenced(va1, va2) and
+  v = va1.getTarget()
+select e, "Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@.",
+  v, v.getName(), ve, "side-effect", va2, "side-effect or value computation"

cpp/autosar/test/rules/A2-7-2/config.h renamed to c/cert/src/rules/EXP30-C/standard-example.c

@@ -0,0 +1,8 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+  <fragment>
+    <p>None</p>
+  </fragment>
+</qhelp>