Merge branch 'main' into knewbury01/Declarations3

Author: mbaluda

c/common/src/codingstandards/c/Errno.qll

@@ -0,0 +1,100 @@
+/** Provides a library for errno-setting functions. */
+
+import cpp
+
+/*
+ * An errno-setting function
+ */
+
+abstract class ErrnoSettingFunction extends Function { }
+
+/*
+ * An errno-setting function that return out-of-band errors indicators
+ */
+
+class OutOfBandErrnoSettingFunction extends ErrnoSettingFunction {
+  OutOfBandErrnoSettingFunction() {
+    this.hasGlobalName(["ftell", "fgetpos", "fsetpos", "mbrtowc", "wcrtomb", "wcsrtombs"])
+  }
+}
+
+/*
+ * An errno-setting function that return in-band errors indicators
+ */
+
+class InBandErrnoSettingFunction extends ErrnoSettingFunction {
+  InBandErrnoSettingFunction() {
+    this.hasGlobalName([
+        "fgetwc", "fputwc", "strtol", "wcstol", "strtoll", "wcstoll", "strtoul", "wcstoul",
+        "strtoull", "wcstoull", "strtoumax", "wcstoumax", "strtod", "wcstod", "strtof", "wcstof",
+        "strtold", "wcstold", "strtoimax", "wcstoimax"
+      ])
+  }
+}
+
+/*
+ * A assignment expression setting `errno` to 0
+ */
+
+class ErrnoZeroed extends AssignExpr {
+  ErrnoZeroed() {
+    this.getLValue() = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() and
+    this.getRValue().getValue() = "0"
+  }
+}
+
+/*
+ * A guard controlled by a errno comparison
+ */
+
+abstract class ErrnoGuard extends StmtParent {
+  abstract ControlFlowNode getZeroedSuccessor();
+
+  abstract ControlFlowNode getNonZeroedSuccessor();
+}
+
+class ErrnoIfGuard extends EqualityOperation, ErrnoGuard {
+  ControlStructure i;
+
+  ErrnoIfGuard() {
+    this.getAnOperand() = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() and
+    this.getAnOperand().getValue() = "0" and
+    i.getControllingExpr() = this
+  }
+
+  Stmt getThenSuccessor() {
+    i.getControllingExpr() = this and
+    (result = i.(IfStmt).getThen() or result = i.(Loop).getStmt())
+  }
+
+  Stmt getElseSuccessor() {
+    i.getControllingExpr() = this and
+    (
+      i.(IfStmt).hasElse() and result = i.(IfStmt).getElse()
+      or
+      result = i.getFollowingStmt()
+    )
+  }
+
+  override ControlFlowNode getZeroedSuccessor() {
+    if this instanceof EQExpr then result = this.getThenSuccessor() else result = getElseSuccessor()
+  }
+
+  override ControlFlowNode getNonZeroedSuccessor() {
+    if this instanceof NEExpr then result = this.getThenSuccessor() else result = getElseSuccessor()
+  }
+}
+
+class ErrnoSwitchGuard extends SwitchCase, ErrnoGuard {
+  ErrnoSwitchGuard() {
+    this.getSwitchStmt().getExpr() = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr()
+  }
+
+  override ControlFlowNode getZeroedSuccessor() {
+    result = this.getAStmt() and this.getExpr().getValue() = "0"
+  }
+
+  override ControlFlowNode getNonZeroedSuccessor() {
+    result = this.getAStmt() and this.getExpr().getValue() != "0"
+  }
+}

c/misra/src/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql

@@ -0,0 +1,64 @@
+/**
+ * @id c/misra/only-test-errno-right-after-errno-setting-function
+ * @name RULE-22-10: The value of errno shall only be tested when the last called function is errno-setting
+ * @description The value of errno shall only be tested when the last function to be called was an
+ *              errno-setting-function. Testing the value in these conditions does not guarantee the
+ *              absence of an errors.
+ * @kind problem
+ * @precision high
+ * @problem.severity warning
+ * @tags external/misra/id/rule-22-10
+ *       correctness
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.c.Errno
+
+/*
+ * A call to an `ErrnoSettingFunction`
+ */
+
+class ErrnoSettingFunctionCall extends FunctionCall {
+  ErrnoSettingFunctionCall() { this.getTarget() instanceof ErrnoSettingFunction }
+}
+
+/*
+ * A function call that is not part of the `errno` macro expansion
+ */
+
+class MaySetErrnoCall extends FunctionCall {
+  MaySetErrnoCall() {
+    not inmacroexpansion(this, any(MacroInvocation ma | ma.getMacroName() = "errno"))
+  }
+}
+
+/*
+ * CFG nodes preceding a `errno` test where `errno` is not set
+ */
+
+ControlFlowNode notSetPriorToErrnoTest(EqualityOperation eg) {
+  result = eg
+  or
+  exists(ControlFlowNode mid |
+    result = mid.getAPredecessor() and
+    mid = notSetPriorToErrnoTest(eg) and
+    // stop recursion on an errno-setting function call
+    not result = any(ErrnoSettingFunctionCall c)
+  )
+}
+
+from EqualityOperation eq, ControlFlowNode cause
+where
+  not isExcluded(eq, Contracts3Package::onlyTestErrnoRightAfterErrnoSettingFunctionQuery()) and
+  cause = notSetPriorToErrnoTest(eq) and
+  eq.getAnOperand() = any(MacroInvocation ma | ma.getMacroName() = "errno").getExpr() and
+  (
+    // `errno` is not set anywhere in the function
+    cause = eq.getEnclosingFunction().getBlock()
+    or
+    // `errno` is not set after a non-errno-setting function call
+    cause = any(MaySetErrnoCall c)
+  )
+select eq, "Value of `errno` is tested but not after an errno-setting function call."

c/misra/src/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql

@@ -0,0 +1,60 @@
+/**
+ * @id c/misra/errno-set-to-zero-prior-to-call
+ * @name RULE-22-8: The value of errno shall be set to zero prior to a call to an errno-setting-function
+ * @description The value of errno shall be set to zero prior to a call to an
+ *              errno-setting-function. Not setting the value leads to incorrectly identifying
+ *              errors.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-22-8
+ *       correctness
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.c.Errno
+
+/*
+ * A call to an `ErrnoSettingFunction`
+ */
+
+class ErrnoSettingFunctionCall extends FunctionCall {
+  ErrnoSettingFunctionCall() { this.getTarget() instanceof ErrnoSettingFunction }
+}
+
+/*
+ * CFG nodes preceding a `ErrnoSettingFunctionCall`
+ */
+
+ControlFlowNode notZeroedPriorToErrnoSet(ErrnoSettingFunctionCall fc) {
+  result = fc
+  or
+  exists(ControlFlowNode mid |
+    result = mid.getAPredecessor() and
+    mid = notZeroedPriorToErrnoSet(fc) and
+    // stop recursion when `errno` is set to zero
+    not result instanceof ErrnoZeroed and
+    not result = any(ErrnoGuard g).getZeroedSuccessor()
+  )
+}
+
+from ErrnoSettingFunctionCall fc, ControlFlowNode cause
+where
+  not isExcluded(fc, Contracts3Package::errnoSetToZeroAfterCallQuery()) and
+  cause = notZeroedPriorToErrnoSet(fc) and
+  (
+    // `errno` is not reset anywhere in the function
+    cause = fc.getEnclosingFunction().getBlock()
+    or
+    // `errno` is not reset after a call to an errno-setting function
+    cause = any(ErrnoSettingFunctionCall ec | ec != fc)
+    or
+    // `errno` is not reset after a call to a function
+    cause = any(FunctionCall fc2 | fc2 != fc)
+    or
+    // `errno` value is known to be != 0
+    cause = any(ErrnoGuard g).getNonZeroedSuccessor()
+  )
+select fc, "The value of `errno` may be different than `0` when this function is called."

c/misra/src/rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql

@@ -0,0 +1,52 @@
+/**
+ * @id c/misra/errno-set-to-zero-after-call
+ * @name RULE-22-9: The value of errno shall be tested against zero after calling an errno-setting-function
+ * @description The value of errno shall be tested against zero after calling an
+ *              errno-setting-function. Not testing the value leads to unidentified errors.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-22-9
+ *       correctness
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+import codingstandards.c.Errno
+
+/*
+ * A call to an `ErrnoSettingFunction`
+ */
+
+class InBandErrnoSettingFunctionCall extends FunctionCall {
+  InBandErrnoSettingFunctionCall() { this.getTarget() instanceof InBandErrnoSettingFunction }
+}
+
+/*
+ * CFG nodes following a `ErrnoSettingFunctionCall`
+ */
+
+ControlFlowNode notTestedAfterErrnoSet(InBandErrnoSettingFunctionCall fc) {
+  result = fc
+  or
+  exists(ControlFlowNode mid |
+    result = mid.getASuccessor() and
+    mid = notTestedAfterErrnoSet(fc) and
+    // stop recursion when `errno` is checked
+    not result = any(ControlStructure i | i.getControllingExpr() instanceof ErrnoGuard)
+  )
+}
+
+from InBandErrnoSettingFunctionCall fc, ControlFlowNode cause
+where
+  not isExcluded(fc, Contracts3Package::errnoSetToZeroAfterCallQuery()) and
+  cause = notTestedAfterErrnoSet(fc) and
+  (
+    // `errno` is not checked anywhere in the function
+    cause = fc.getEnclosingFunction()
+    or
+    // `errno` is not checked before a call to a function
+    cause = any(FunctionCall fc2 | fc2 != fc)
+  )
+select fc, "The value of `errno` is not tested against `0` after the call."

c/misra/test/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.expected

@@ -0,0 +1,3 @@
+| test.c:7:7:7:16 | ... == ... | Value of `errno` is tested but not after an errno-setting function call. |
+| test.c:16:7:16:21 | ... == ... | Value of `errno` is tested but not after an errno-setting function call. |
+| test.c:17:10:17:23 | ... == ... | Value of `errno` is tested but not after an errno-setting function call. |

c/misra/test/rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.qlref

@@ -0,0 +1 @@
+rules/RULE-22-10/OnlyTestErrnoRightAfterErrnoSettingFunction.ql

c/misra/test/rules/RULE-22-10/test.c

@@ -0,0 +1,26 @@
+#include <errno.h>
+#include <stdlib.h>
+
+void f1(void) {
+  errno = 0;
+  int i = atoi("0"); // non errno-setting function
+  if (0 == errno) {  // NON_COMPLIANT
+  }
+  errno = 0;
+  strtod("0", NULL); // errno-setting function
+  if (0 == errno) {  // COMPLIANT
+  }
+}
+
+void f2(void) {
+  if (EAGAIN == errno      // NON_COMPLIANT
+      || errno == EINTR) { // NON_COMPLIANT
+  }
+}
+
+void f3(void) {
+  errno = 0;
+  strtod("0", NULL);
+  if (errno == EAGAIN || errno == EINTR) { // COMPLIANT
+  }
+}

c/misra/test/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.expected

@@ -0,0 +1,5 @@
+| test.c:5:3:5:8 | call to strtod | The value of `errno` may be different than `0` when this function is called. |
+| test.c:20:5:20:10 | call to strtod | The value of `errno` may be different than `0` when this function is called. |
+| test.c:24:5:24:10 | call to strtof | The value of `errno` may be different than `0` when this function is called. |
+| test.c:32:3:32:8 | call to strtod | The value of `errno` may be different than `0` when this function is called. |
+| test.c:41:5:41:10 | call to strtod | The value of `errno` may be different than `0` when this function is called. |

c/misra/test/rules/RULE-22-8/ErrnoSetToZeroPriorToCall.qlref

@@ -0,0 +1 @@
+rules/RULE-22-8/ErrnoSetToZeroPriorToCall.ql

c/misra/test/rules/RULE-22-8/test.c

@@ -0,0 +1,43 @@
+#include <errno.h>
+#include <stdlib.h>
+
+void f1(void) {
+  strtod("0", NULL); // NON_COMPLIANT
+  if (0 == errno) {
+    strtod("0", NULL); // COMPLIANT
+    if (0 == errno) {
+    }
+  } else {
+    errno = 0;
+    strtod("0", NULL); // COMPLIANT
+    if (0 == errno) {
+    }
+  }
+}
+
+void f2(void) {
+  if (0 != errno) {
+    strtod("0", NULL); // NON_COMPLIANT
+  } else {
+    errno = 0;
+    strtod("0", NULL); // COMPLIANT
+    strtof("0", NULL); // NON_COMPLIANT
+  }
+}
+
+void f3_helper() {}
+void f3(void) {
+  errno = 0;
+  f3_helper();
+  strtod("0", NULL); // NON_COMPLIANT
+}
+
+void f4(void) {
+  errno = 0;
+  switch (errno) {
+  case 0:
+    strtod("0", NULL); // COMPLIANT
+  case 1:
+    strtod("0", NULL); // NON_COMPLIANT
+  }
+}

c/misra/test/rules/RULE-22-9/ErrnoSetToZeroAfterCall.expected

@@ -0,0 +1,2 @@
+| test.c:9:3:9:8 | call to strtod | The value of `errno` is not tested against `0` after the call. |
+| test.c:19:3:19:8 | call to strtod | The value of `errno` is not tested against `0` after the call. |

c/misra/test/rules/RULE-22-9/ErrnoSetToZeroAfterCall.qlref

@@ -0,0 +1 @@
+rules/RULE-22-9/ErrnoSetToZeroAfterCall.ql