Limit scope of Pointers2 to ARR39-C and update rule file

Author: Nikita Kraiouchkine

c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.md

@@ -5,7 +5,6 @@ This query implements the CERT-C rule ARR39-C:
 > Do not add or subtract a scaled integer to a pointer
 
 
-
 ## Description
 
 Pointer arithmetic is appropriate only when the pointer argument refers to an array (see [ARR37-C. Do not add or subtract an integer to a pointer to a non-array object](https://wiki.sei.cmu.edu/confluence/display/c/ARR37-C.+Do+not+add+or+subtract+an+integer+to+a+pointer+to+a+non-array+object)), including an array of bytes. When performing pointer arithmetic, the size of the value to add to or subtract from a pointer is automatically scaled to the size of the type of the referenced array object. Adding or subtracting a scaled integer value to or from a pointer is invalid because it may yield a pointer that does not point to an element within or one past the end of the array. (See [ARR30-C. Do not form or use out-of-bounds pointers or array subscripts](https://wiki.sei.cmu.edu/confluence/display/c/ARR30-C.+Do+not+form+or+use+out-of-bounds+pointers+or+array+subscripts).)

cpp/common/src/codingstandards/cpp/exclusions/c/Pointers2.qll

@@ -3,12 +3,7 @@ import cpp
 import RuleMetadata
 import codingstandards.cpp.exclusions.RuleMetadata
 
-newtype Pointers2Query =
-  TDoNotAddOrSubtractAScaledIntegerToAPointerQuery() or
-  TDoNotAccessVolatileObjectWithNonvolatileReferenceQuery() or
-  TDoNotCastPointerToMoreStrictlyAlignedPointerTypeQuery() or
-  TDoNotAccessVariableWithPointerOfIncompatibleTypeQuery() or
-  TUndefinedBehaviorWithRestrictQualifiedPointerQuery()
+newtype Pointers2Query = TDoNotAddOrSubtractAScaledIntegerToAPointerQuery()
 
 predicate isPointers2QueryMetadata(Query query, string queryId, string ruleId) {
   query =
@@ -18,38 +13,6 @@ predicate isPointers2QueryMetadata(Query query, string queryId, string ruleId) {
     // `@id` for the `doNotAddOrSubtractAScaledIntegerToAPointer` query
     "c/cert/do-not-add-or-subtract-a-scaled-integer-to-a-pointer" and
   ruleId = "ARR39-C"
-  or
-  query =
-    // `Query` instance for the `doNotAccessVolatileObjectWithNonvolatileReference` query
-    Pointers2Package::doNotAccessVolatileObjectWithNonvolatileReferenceQuery() and
-  queryId =
-    // `@id` for the `doNotAccessVolatileObjectWithNonvolatileReference` query
-    "c/cert/do-not-access-volatile-object-with-nonvolatile-reference" and
-  ruleId = "EXP32-C"
-  or
-  query =
-    // `Query` instance for the `doNotCastPointerToMoreStrictlyAlignedPointerType` query
-    Pointers2Package::doNotCastPointerToMoreStrictlyAlignedPointerTypeQuery() and
-  queryId =
-    // `@id` for the `doNotCastPointerToMoreStrictlyAlignedPointerType` query
-    "c/cert/do-not-cast-pointer-to-more-strictly-aligned-pointer-type" and
-  ruleId = "EXP36-C"
-  or
-  query =
-    // `Query` instance for the `doNotAccessVariableWithPointerOfIncompatibleType` query
-    Pointers2Package::doNotAccessVariableWithPointerOfIncompatibleTypeQuery() and
-  queryId =
-    // `@id` for the `doNotAccessVariableWithPointerOfIncompatibleType` query
-    "c/cert/do-not-access-variable-with-pointer-of-incompatible-type" and
-  ruleId = "EXP39-C"
-  or
-  query =
-    // `Query` instance for the `undefinedBehaviorWithRestrictQualifiedPointer` query
-    Pointers2Package::undefinedBehaviorWithRestrictQualifiedPointerQuery() and
-  queryId =
-    // `@id` for the `undefinedBehaviorWithRestrictQualifiedPointer` query
-    "c/cert/undefined-behavior-with-restrict-qualified-pointer" and
-  ruleId = "EXP43-C"
 }
 
 module Pointers2Package {
@@ -59,32 +22,4 @@ module Pointers2Package {
       // `Query` type for `doNotAddOrSubtractAScaledIntegerToAPointer` query
       TQueryC(TPointers2PackageQuery(TDoNotAddOrSubtractAScaledIntegerToAPointerQuery()))
   }
-
-  Query doNotAccessVolatileObjectWithNonvolatileReferenceQuery() {
-    //autogenerate `Query` type
-    result =
-      // `Query` type for `doNotAccessVolatileObjectWithNonvolatileReference` query
-      TQueryC(TPointers2PackageQuery(TDoNotAccessVolatileObjectWithNonvolatileReferenceQuery()))
-  }
-
-  Query doNotCastPointerToMoreStrictlyAlignedPointerTypeQuery() {
-    //autogenerate `Query` type
-    result =
-      // `Query` type for `doNotCastPointerToMoreStrictlyAlignedPointerType` query
-      TQueryC(TPointers2PackageQuery(TDoNotCastPointerToMoreStrictlyAlignedPointerTypeQuery()))
-  }
-
-  Query doNotAccessVariableWithPointerOfIncompatibleTypeQuery() {
-    //autogenerate `Query` type
-    result =
-      // `Query` type for `doNotAccessVariableWithPointerOfIncompatibleType` query
-      TQueryC(TPointers2PackageQuery(TDoNotAccessVariableWithPointerOfIncompatibleTypeQuery()))
-  }
-
-  Query undefinedBehaviorWithRestrictQualifiedPointerQuery() {
-    //autogenerate `Query` type
-    result =
-      // `Query` type for `undefinedBehaviorWithRestrictQualifiedPointer` query
-      TQueryC(TPointers2PackageQuery(TUndefinedBehaviorWithRestrictQualifiedPointerQuery()))
-  }
 }

rule_packages/c/Pointers2.json

@@ -12,88 +12,12 @@
           "precision": "high",
           "severity": "error",
           "short_name": "DoNotAddOrSubtractAScaledIntegerToAPointer",
-          "tags": [
+          "tags":[
             "correctness"
           ]
         }
       ],
       "title": "Do not add or subtract a scaled integer to a pointer"
-    },
-    "EXP32-C": {
-      "properties": {
-        "obligation": "rule"
-      },
-      "queries": [
-        {
-          "description": "",
-          "kind": "problem",
-          "name": "Do not access a volatile object through a nonvolatile reference",
-          "precision": "very-high",
-          "severity": "error",
-          "short_name": "DoNotAccessVolatileObjectWithNonvolatileReference",
-          "tags": [
-            "correctness"
-          ]
-        }
-      ],
-      "title": "Do not access a volatile object through a nonvolatile reference"
-    },
-    "EXP36-C": {
-      "properties": {
-        "obligation": "rule"
-      },
-      "queries": [
-        {
-          "description": "Converting a pointer value to a pointer type which is more strictly aligned results in undefined behaviour.",
-          "kind": "problem",
-          "name": "Do not cast pointers into more strictly aligned pointer types",
-          "precision": "very-high",
-          "severity": "error",
-          "short_name": "DoNotCastPointerToMoreStrictlyAlignedPointerType",
-          "tags": [
-            "correctness"
-          ]
-        }
-      ],
-      "title": "Do not cast pointers into more strictly aligned pointer types"
-    },
-    "EXP39-C": {
-      "properties": {
-        "obligation": "rule"
-      },
-      "queries": [
-        {
-          "description": "Accessing an object's stored value by means of anything other than an lvalue of an allowable type results in undefined behavior.",
-          "kind": "problem",
-          "name": "Do not access a variable through a pointer of an incompatible type",
-          "precision": "very-high",
-          "severity": "error",
-          "short_name": "DoNotAccessVariableWithPointerOfIncompatibleType",
-          "tags": [
-            "correctness"
-          ]
-        }
-      ],
-      "title": "Do not access a variable through a pointer of an incompatible type"
-    },
-    "EXP43-C": {
-      "properties": {
-        "obligation": "rule"
-      },
-      "queries": [
-        {
-          "description": "",
-          "kind": "problem",
-          "name": "Avoid undefined behavior when using restrict-qualified pointers",
-          "precision": "very-high",
-          "severity": "error",
-          "short_name": "UndefinedBehaviorWithRestrictQualifiedPointer",
-          "tags": [
-            "correctness"
-          ]
-        }
-      ],
-      "title": "Avoid undefined behavior when using restrict-qualified pointers"
     }
   }
 }

rules.csv

@@ -516,16 +516,16 @@ c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contra
 c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts,Hard,
 c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,,
 c,CERT-C,EXP30-C,Yes,Rule,,,Do not depend on the order of evaluation for side effects,EXP50-CPP,SideEffects1,Easy,
-c,CERT-C,EXP32-C,Yes,Rule,,,Do not access a volatile object through a nonvolatile reference,,Pointers2,Easy,
+c,CERT-C,EXP32-C,Yes,Rule,,,Do not access a volatile object through a nonvolatile reference,,Pointers3,Easy,
 c,CERT-C,EXP33-C,Yes,Rule,,,Do not read uninitialized memory,EXP53-CPP,InvalidMemory,Easy,
 c,CERT-C,EXP34-C,Yes,Rule,,,Do not dereference null pointers,A5-3-2,InvalidMemory,Medium,
 c,CERT-C,EXP35-C,Yes,Rule,,,Do not modify objects with temporary lifetime,,InvalidMemory,Hard,
-c,CERT-C,EXP36-C,Yes,Rule,,,Do not cast pointers into more strictly aligned pointer types,,Pointers2,Medium,
+c,CERT-C,EXP36-C,Yes,Rule,,,Do not cast pointers into more strictly aligned pointer types,,Pointers3,Medium,
 c,CERT-C,EXP37-C,Yes,Rule,,,Call functions with the correct number and type of arguments,,Expressions,Easy,
-c,CERT-C,EXP39-C,Yes,Rule,,,Do not access a variable through a pointer of an incompatible type,,Pointers2,Medium,
+c,CERT-C,EXP39-C,Yes,Rule,,,Do not access a variable through a pointer of an incompatible type,,Pointers3,Medium,
 c,CERT-C,EXP40-C,Yes,Rule,,,Do not modify constant objects,,Contracts,Medium,
 c,CERT-C,EXP42-C,Yes,Rule,,,Do not compare padding data,,Memory,Medium,
-c,CERT-C,EXP43-C,Yes,Rule,,,Avoid undefined behavior when using restrict-qualified pointers,,Pointers2,Medium,
+c,CERT-C,EXP43-C,Yes,Rule,,,Avoid undefined behavior when using restrict-qualified pointers,,Pointers3,Medium,
 c,CERT-C,EXP44-C,Yes,Rule,,,"Do not rely on side effects in operands to sizeof, _Alignof, or _Generic",M5-3-4,SideEffects1,Medium,
 c,CERT-C,EXP45-C,Yes,Rule,,,Do not perform assignments in selection statements,M6-2-1,SideEffects1,Medium,
 c,CERT-C,EXP46-C,Yes,Rule,,,Do not use a bitwise operator with a Boolean-like operand,,Expressions,Easy,