-
Notifications
You must be signed in to change notification settings - Fork 73
Implement Memory1 (RULE-8-7-1)
#967
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
jeongsoolee09
wants to merge
39
commits into
main
Choose a base branch
from
jeongsoolee09/MISRA-C++-2023-Memory
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+2,560
−9
Open
Changes from all commits
Commits
Show all changes
39 commits
Select commit
Hold shift + click to select a range
b2231c9
Number `Memory` packages
jeongsoolee09 9b5d8b2
Add rule description files
jeongsoolee09 a5d4127
Add Memory1 package files
jeongsoolee09 1a2cde8
Expose malloc, calloc and realloc
jeongsoolee09 c21e862
Minor comments
jeongsoolee09 c0b1e55
Checkpoint
jeongsoolee09 9d3bab0
Split out source and sinks into their cases
jeongsoolee09 a8a6db7
Checkpoint
jeongsoolee09 4464702
Merge branch 'main' into jeongsoolee09/MISRA-C++-2023-Memory
jeongsoolee09 e2c5870
Checkpoint: Add `DynamicAllocation` case
jeongsoolee09 fe2a3c4
First working draft
jeongsoolee09 5ea652b
Refine into path-problem
jeongsoolee09 7b860d9
Change `TaintTracking` to `DataFlow`
jeongsoolee09 08b8bf7
Finalize first working draft for stack / heap arrays
jeongsoolee09 062c62f
Document code copy and clean up imports
jeongsoolee09 e264dfd
Add multidimensional arrays alloc'ed on stack
jeongsoolee09 4d2bc8b
Add test.cpp and expected test results
jeongsoolee09 21500b8
Add exclusion for Memory1.qll
jeongsoolee09 e9f39a2
Adjust precision of existing rule and add a supplementary rule
jeongsoolee09 a62e2e1
Add supplementary query files
jeongsoolee09 ca62995
Fix @kind from problem to path-problem
jeongsoolee09 8abf097
Copy OutOfBounds.qll to cpp/common/src/codingstandards/cpp/
jeongsoolee09 f5454de
Remove unused import codingstandards.cpp.Variable in OutOfBounds.qll
jeongsoolee09 d82ed6e
Add PointerArgumentToCstringFunctionIsInvalid.ql and create testref f…
jeongsoolee09 356bbf2
Copy test.c from ARR38-C and add strncpy
jeongsoolee09 4c4cf49
Add headers, Add defininitions to headers, remove cases without null …
jeongsoolee09 9ced913
Remove testref and add qlref and expected
jeongsoolee09 1c5dc84
Address case of `strncat`
jeongsoolee09 2f80208
Remove unused predicate and update .expected
jeongsoolee09 0b7f024
Fix formatting error on the name property of the package
jeongsoolee09 8585568
Fix formatting of test.cpp
jeongsoolee09 610af04
Merge branch 'main' into jeongsoolee09/MISRA-C++-2023-Memory
jeongsoolee09 fe1bb85
Fix name formatting
jeongsoolee09 4989ff2
Merge branch 'jeongsoolee09/MISRA-C++-2023-Memory' of github.com:gith…
jeongsoolee09 ccd7993
Commit these later
jeongsoolee09 4780155
Remove alerts for negative offsets and fix @name property
jeongsoolee09 fd2713f
Fix precision in description file
jeongsoolee09 8ecc213
Fix test case formatting
jeongsoolee09 77fa2b7
Add QLDocs and comments
jeongsoolee09 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
1,358 changes: 1,358 additions & 0 deletions
1,358
cpp/common/src/codingstandards/cpp/OutOfBounds.qll
Large diffs are not rendered by default.
Oops, something went wrong.
44 changes: 44 additions & 0 deletions
44
cpp/common/src/codingstandards/cpp/exclusions/cpp/Memory1.qll
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| //** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ | ||
| import cpp | ||
| import RuleMetadata | ||
| import codingstandards.cpp.exclusions.RuleMetadata | ||
|
|
||
| newtype Memory1Query = | ||
| TPointerArithmeticFormsAnInvalidPointerQuery() or | ||
| TPointerArgumentToCstringFunctionIsInvalidQuery() | ||
|
|
||
| predicate isMemory1QueryMetadata(Query query, string queryId, string ruleId, string category) { | ||
| query = | ||
| // `Query` instance for the `pointerArithmeticFormsAnInvalidPointer` query | ||
| Memory1Package::pointerArithmeticFormsAnInvalidPointerQuery() and | ||
| queryId = | ||
| // `@id` for the `pointerArithmeticFormsAnInvalidPointer` query | ||
| "cpp/misra/pointer-arithmetic-forms-an-invalid-pointer" and | ||
| ruleId = "RULE-8-7-1" and | ||
| category = "required" | ||
| or | ||
| query = | ||
| // `Query` instance for the `pointerArgumentToCstringFunctionIsInvalid` query | ||
| Memory1Package::pointerArgumentToCstringFunctionIsInvalidQuery() and | ||
| queryId = | ||
| // `@id` for the `pointerArgumentToCstringFunctionIsInvalid` query | ||
| "cpp/misra/pointer-argument-to-cstring-function-is-invalid" and | ||
| ruleId = "RULE-8-7-1" and | ||
| category = "required" | ||
| } | ||
|
|
||
| module Memory1Package { | ||
| Query pointerArithmeticFormsAnInvalidPointerQuery() { | ||
| //autogenerate `Query` type | ||
| result = | ||
| // `Query` type for `pointerArithmeticFormsAnInvalidPointer` query | ||
| TQueryCPP(TMemory1PackageQuery(TPointerArithmeticFormsAnInvalidPointerQuery())) | ||
| } | ||
|
|
||
| Query pointerArgumentToCstringFunctionIsInvalidQuery() { | ||
| //autogenerate `Query` type | ||
| result = | ||
| // `Query` type for `pointerArgumentToCstringFunctionIsInvalid` query | ||
| TQueryCPP(TMemory1PackageQuery(TPointerArgumentToCstringFunctionIsInvalidQuery())) | ||
| } | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 26 additions & 0 deletions
26
cpp/misra/src/rules/RULE-8-7-1/PointerArgumentToCstringFunctionIsInvalid.ql
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| /** | ||
| * @id cpp/misra/pointer-argument-to-cstring-function-is-invalid | ||
| * @name RULE-8-7-1: Pointer and index arguments passed to functions in <cstring> shall not be invalid | ||
| * @description Pointer and index arguments passed to functions in <cstring> should result in valid | ||
| * reads and/or writes. | ||
| * @kind problem | ||
| * @precision high | ||
| * @problem.severity error | ||
| * @tags external/misra/id/rule-8-7-1 | ||
| * scope/system | ||
| * external/misra/enforcement/undecidable | ||
| * external/misra/obligation/required | ||
| */ | ||
|
|
||
| import cpp | ||
| import codingstandards.cpp.OutOfBounds // for OOB::problems | ||
| import codingstandards.cpp.Exclusions // for isExcluded(Element, Query) | ||
| import codingstandards.cpp.exclusions.c.RuleMetadata | ||
|
|
||
| from | ||
| OOB::BufferAccessLibraryFunctionCall fc, string message, Expr bufferArg, string bufferArgStr, | ||
| Expr sizeOrOtherBufferArg, string otherStr | ||
| where | ||
| not isExcluded(fc, OutOfBoundsPackage::libraryFunctionArgumentOutOfBoundsQuery()) and | ||
| OOB::problems(fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr) | ||
| select fc, message, bufferArg, bufferArgStr, sizeOrOtherBufferArg, otherStr | ||
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This query imports from
codingstandards.cpp.exclusions.c.RuleMetadatabut the OutOfBoundsPackage::libraryFunctionArgumentOutOfBoundsQuery is defined for C, not C++. This is a MISRA C++ rule (RULE-8-7-1), so it should either use the C++ exclusions system or verify that using the C exclusions is intentional. This could cause issues with the exclusion system not properly recognizing this as a C++ query.