Merge branch 'main' into modernize-packs

Author: jketema

.github/workflows/code-scanning-pack-gen.yml

@@ -33,135 +33,6 @@ jobs:
             jq --compact-output '.supported_environment | {include: .}' supported_codeql_configs.json
           )"
 
-  create-code-scanning-pack-anon:
-    name: Create anonymous Code Scanning pack
-    needs: prepare-code-scanning-pack-matrix
-    runs-on: ubuntu-20.04-xl
-    strategy:
-      fail-fast: false
-      matrix: ${{ fromJSON(needs.prepare-code-scanning-pack-matrix.outputs.matrix) }}
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Cache CodeQL
-        id: cache-codeql
-        uses: actions/cache@v2.1.3
-        with:
-          path: ${{ github.workspace }}/codeql_home
-          key: codeql-home-${{ matrix.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library }}
-
-      - name: Install CodeQL
-        if: steps.cache-codeql.outputs.cache-hit != 'true'
-        uses: ./.github/actions/install-codeql
-        with:
-          codeql-cli-version: ${{ matrix.codeql_cli }}
-          codeql-stdlib-version: ${{ matrix.codeql_standard_library }}
-          codeql-home: ${{ github.workspace }}/codeql_home
-          add-to-path: false
-
-      - name: Install CodeQL packs
-        uses: ./.github/actions/install-codeql-packs
-        with:
-          cli_path: ${{ github.workspace }}/codeql_home/codeql
-
-      - name: Install Python
-        uses: actions/setup-python@v4
-        with:
-          python-version: "3.9"
-
-      - name: Anonymising and pre-compiling queries
-        env:
-          CODEQL_HOME: ${{ github.workspace }}/codeql_home
-        run: |
-          PATH=$PATH:$CODEQL_HOME/codeql
-          pip install -r scripts/requirements.txt
-          find rule_packages/cpp -name '*.json' -exec basename {} .json \; | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 python scripts/generate_rules/generate_package_files.py -a cpp
-          find rule_packages/c -name '*.json' -exec basename {} .json \; | xargs --max-procs "$XARGS_MAX_PROCS" --max-args 1 python scripts/generate_rules/generate_package_files.py --skip-shared-test-generation -a c
-
-          echo "Remove help files that cannot be freely distributed"
-          find cpp/autosar/src/rules -name "*.md" -delete
-          find c/misra/src/rules -name "*.md" -delete
-
-          codeql query compile --threads 0 cpp
-          codeql query compile --threads 0 c
-          cd ..
-          zip -r codeql-coding-standards/code-scanning-cpp-query-pack-anon.zip codeql-coding-standards/c/ codeql-coding-standards/cpp/ codeql-coding-standards/.codeqlmanifest.json codeql-coding-standards/supported_codeql_configs.json codeql-coding-standards/scripts/deviations codeql-coding-standards/scripts/reports
-
-      - name: Upload GHAS Query Pack
-        uses: actions/upload-artifact@v2
-        with:
-          name: code-scanning-cpp-query-pack-anon.zip
-          path: code-scanning-cpp-query-pack-anon.zip
-
-      - name: Create LGTM query pack
-        env:
-          CODEQL_HOME: ${{ github.workspace }}/codeql_home
-        run: |
-          PATH=$PATH:$CODEQL_HOME/codeql
-          mkdir -p lgtm-cpp-query-pack
-          function copy_queries_for_pack {
-            for q in $(codeql resolve queries $2/$1/src/codeql-suites/$1-default.qls)
-            do
-              copy_from_root_name="${q%.*}"
-              copy_to_root_name=$(realpath --relative-to "./$2/$1/src/" "$copy_from_root_name")
-              query_dir=$(dirname "lgtm-cpp-query-pack/$copy_to_root_name")
-              mkdir -p "$query_dir"
-              # Copy each selected ql file
-              cp "$copy_from_root_name.ql" "lgtm-cpp-query-pack/$copy_to_root_name.ql"
-            done
-          }
-
-          echo "Copying autosar-default queries (CPP)"
-          copy_queries_for_pack "autosar" "cpp"
-          echo "Copying cert-default queries (CPP)"
-          copy_queries_for_pack "cert" "cpp"
-
-          echo "Copying misra-default queries (C)"
-          copy_queries_for_pack "misra" "c"
-          echo "Copying cert-default queries (C)"
-          copy_queries_for_pack "cert" "c"
-
-
-          # Now copy all the .qll files
-          lgtm_pack_dir=$(realpath lgtm-cpp-query-pack)
-          for query_pack in autosar cert common
-          do
-            echo "Copying $query_pack qll files"
-            pushd cpp/$query_pack/src
-            for query_library in $(find . -name \*.qll)
-            do
-              qll_dir=$(dirname "$lgtm_pack_dir/$query_library")
-              echo "Making $qll_dir"
-              mkdir -p "$qll_dir"
-              cp "$query_library" "$lgtm_pack_dir/$query_library"
-            done
-            popd
-          done
-
-
-          for query_pack in misra cert common
-          do
-            echo "Copying $query_pack qll files"
-            pushd c/$query_pack/src
-            for query_library in $(find . -name \*.qll)
-            do
-              qll_dir=$(dirname "$lgtm_pack_dir/$query_library")
-              echo "Making $qll_dir"
-              mkdir -p "$qll_dir"
-              cp "$query_library" "$lgtm_pack_dir/$query_library"
-            done
-            popd
-          done
-
-          cd lgtm-cpp-query-pack
-          zip -9 -r ../lgtm-cpp-query-pack-anon.zip *
-
-      - name: Upload LGTM query pack
-        uses: actions/upload-artifact@v2
-        with:
-          name: lgtm-cpp-query-pack-anon.zip
-          path: lgtm-cpp-query-pack-anon.zip
-
   create-code-scanning-pack:
     name: Create Code Scanning pack
     needs: prepare-code-scanning-pack-matrix
@@ -194,6 +65,8 @@ jobs:
           cli_path: ${{ github.workspace }}/codeql_home/codeql
 
       - name: Checkout external help files
+        continue-on-error: true
+        id: checkout-external-help-files
         uses: actions/checkout@v2
         with:
           ssh-key: ${{ secrets.CODEQL_CODING_STANDARDS_HELP_KEY }}
@@ -202,6 +75,7 @@ jobs:
           path: external-help-files
 
       - name: Include external help files
+        if: ${{ steps.checkout-external-help-files.outcome == 'success' }}
         run: |
           pushd external-help-files
           find . -name '*.md' -exec rsync -av --relative {} "$GITHUB_WORKSPACE" \;
@@ -224,68 +98,3 @@ jobs:
         with:
           name: code-scanning-cpp-query-pack.zip
           path: code-scanning-cpp-query-pack.zip
-
-      - name: Create LGTM query pack
-        env:
-          CODEQL_HOME: ${{ github.workspace }}/codeql_home
-        run: |
-          PATH=$PATH:$CODEQL_HOME/codeql
-          mkdir -p lgtm-cpp-query-pack
-          function copy_queries_for_pack {
-            for rule_dir in $(codeql resolve queries $2/$1/src/codeql-suites/$1-default.qls | xargs -L1 dirname | uniq)
-            do
-              copy_to_root="lgtm-cpp-query-pack/$(realpath --relative-to "./$2/$1/src/" "$rule_dir")"
-              mkdir -p "$copy_to_root"
-              # Copy each selected ql file, plus the related files
-              find "$rule_dir" -name '*.ql' -o -name '*.c' -name '*.cpp' -o -name '*.png' -exec cp -n {} "$copy_to_root" \;
-            done
-          }
-          echo "Copying autosar-default queries (CPP)"
-          copy_queries_for_pack "autosar" "cpp"
-          echo "Copying cert-default queries (CPP)"
-          copy_queries_for_pack "cert" "cpp"
-
-          echo "Copying misra-default queries (C)"
-          copy_queries_for_pack "misra" "c"
-          echo "Copying cert-default queries (C)"
-          copy_queries_for_pack "cert" "c"
-
-
-          # Now copy all the .qll files
-          lgtm_pack_dir=$(realpath lgtm-cpp-query-pack)
-          for query_pack in autosar cert common
-          do
-            echo "Copying $query_pack qll files"
-            pushd cpp/$query_pack/src
-            for query_library in $(find . -name \*.qll)
-            do
-              qll_dir=$(dirname "$lgtm_pack_dir/$query_library")
-              echo "Making $qll_dir"
-              mkdir -p "$qll_dir"
-              cp "$query_library" "$lgtm_pack_dir/$query_library"
-            done
-            popd
-          done
-
-          for query_pack in misra cert common
-          do
-            echo "Copying $query_pack qll files"
-            pushd c/$query_pack/src
-            for query_library in $(find . -name \*.qll)
-            do
-              qll_dir=$(dirname "$lgtm_pack_dir/$query_library")
-              echo "Making $qll_dir"
-              mkdir -p "$qll_dir"
-              cp "$query_library" "$lgtm_pack_dir/$query_library"
-            done
-            popd
-          done
-
-          cd lgtm-cpp-query-pack
-          zip -9 -r ../lgtm-cpp-query-pack.zip *
-
-      - name: Upload LGTM query pack
-        uses: actions/upload-artifact@v2
-        with:
-          name: lgtm-cpp-query-pack.zip
-          path: lgtm-cpp-query-pack.zip

.vscode/tasks.json

@@ -221,9 +221,11 @@
                 "Pointers",
                 "Preprocessor1",
                 "Preprocessor2",
+                "Preprocessor3",
+                "Preprocessor4",
                 "IntegerConversion",
                 "Expressions",
-                "DeadCode"
+                "DeadCode",
                 "VirtualFunctions"
             ]
         },

c/common/src/codingstandards/c/Keywords.qll

@@ -0,0 +1,95 @@
+import cpp
+
+/** Module to reason about keywords in standards C90, C99 and C11. */
+module Keywords {
+  /** Holds if `s` is a keyword. */
+  predicate isKeyword(string s) {
+    s = "auto"
+    or
+    s = "break"
+    or
+    s = "case"
+    or
+    s = "char"
+    or
+    s = "const"
+    or
+    s = "continue"
+    or
+    s = "default"
+    or
+    s = "do"
+    or
+    s = "double"
+    or
+    s = "else"
+    or
+    s = "enum"
+    or
+    s = "extern"
+    or
+    s = "float"
+    or
+    s = "for"
+    or
+    s = "goto"
+    or
+    s = "if"
+    or
+    s = "inline"
+    or
+    s = "int"
+    or
+    s = "long"
+    or
+    s = "register"
+    or
+    s = "restrict"
+    or
+    s = "return"
+    or
+    s = "short"
+    or
+    s = "signed"
+    or
+    s = "sizeof"
+    or
+    s = "static"
+    or
+    s = "struct"
+    or
+    s = "switch"
+    or
+    s = "typedef"
+    or
+    s = "union"
+    or
+    s = "unsigned"
+    or
+    s = "void"
+    or
+    s = "volatile"
+    or
+    s = "while"
+    or
+    s = "_Alignas"
+    or
+    s = "_Alignof"
+    or
+    s = "_Atomic"
+    or
+    s = "_Bool"
+    or
+    s = "_Complex"
+    or
+    s = "_Generic"
+    or
+    s = "_Imaginary"
+    or
+    s = "_Noreturn"
+    or
+    s = "_Static_assert"
+    or
+    s = "_Thread_local"
+  }
+}

c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.expected

@@ -0,0 +1,3 @@
+| test.c:5:3:11:3 | MACROFUNCTION(X) | Invocation of macro MACROFUNCTION includes a token "#else" that could be confused for an argument preprocessor directive. |
+| test.c:5:3:11:3 | MACROFUNCTION(X) | Invocation of macro MACROFUNCTION includes a token "#endif" that could be confused for an argument preprocessor directive. |
+| test.c:5:3:11:3 | MACROFUNCTION(X) | Invocation of macro MACROFUNCTION includes a token "#if NOTDEFINEDMACRO" that could be confused for an argument preprocessor directive. |

c/common/test/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.ql

@@ -0,0 +1,2 @@
+// GENERATED FILE - DO NOT MODIFY
+import codingstandards.cpp.rules.preprocessingdirectivewithinmacroargument.PreprocessingDirectiveWithinMacroArgument

c/common/test/rules/preprocessingdirectivewithinmacroargument/test.c

@@ -0,0 +1,14 @@
+#include <string.h>
+#define MACROFUNCTION(X) strlen(X)
+
+void f() {
+  MACROFUNCTION(
+#if NOTDEFINEDMACRO // NON_COMPLIANT
+      "longstringtest!test!"
+#else  // NON_COMPLIANT
+      "shortstring"
+#endif // NON_COMPLIANT
+  );
+
+  MACROFUNCTION("alright"); // COMPLIANT
+}

c/misra/src/rules/RULE-20-4/MacroDefinedWithTheSameNameAsKeyword.ql

@@ -0,0 +1,26 @@
+/**
+ * @id c/misra/macro-defined-with-the-same-name-as-keyword
+ * @name RULE-20-4: A macro shall not be defined with the same name as a keyword
+ * @description Redefinition of keywords is confusing and in the case where the standard library is
+ *              included where that keyword is defined, the redefinition will result in undefined
+ *              behaviour.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity warning
+ * @tags external/misra/id/rule-20-4
+ *       correctness
+ *       readability
+ *       maintainability
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.c.Keywords
+
+from Macro m, string name
+where
+  not isExcluded(m, Preprocessor4Package::macroDefinedWithTheSameNameAsKeywordQuery()) and
+  m.hasName(name) and
+  Keywords::isKeyword(name)
+select m, "Redefinition of keyword '" + name + "'."