Package Contracts4

* Rule ERR30-C

Author: mbaluda

c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.md

@@ -0,0 +1,50 @@
+/**
+ * @id c/cert/errno-not-set-to-zero
+ * @name ERR30-C: Errno is not set to zero prior to an errno-setting call
+ * @description Set errno to zero prior to each call to an errno-setting function. Failing to do so
+ *              might end in spurious errno values.
+ * @kind problem
+ * @precision high
+ * @problem.severity error
+ * @tags external/cert/id/err30-c
+ *       correctness
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.c.Errno
+
+/**
+ * CFG nodes preceding a `ErrnoSettingFunctionCall`
+ */
+ControlFlowNode notZeroedPriorToErrnoSet(InBandErrnoSettingFunctionCall fc) {
+  result = fc
+  or
+  exists(ControlFlowNode mid |
+    result = mid.getAPredecessor() and
+    mid = notZeroedPriorToErrnoSet(fc) and
+    // stop recursion when `errno` is set to zero
+    not result instanceof ErrnoZeroed and
+    not result = any(ErrnoGuard g).getZeroedSuccessor()
+  )
+}
+
+from InBandErrnoSettingFunctionCall fc, ControlFlowNode cause
+where
+  not isExcluded(cause, Contracts4Package::errnoNotSetToZeroQuery()) and
+  cause = notZeroedPriorToErrnoSet(fc) and
+  (
+    // `errno` is not reset anywhere in the function
+    cause = fc.getEnclosingFunction().getBlock()
+    or
+    // `errno` is not reset after a call to an errno-setting function
+    cause = any(InBandErrnoSettingFunctionCall ec | ec != fc)
+    or
+    // `errno` is not reset after a call to a function
+    cause = any(FunctionCall fc2 | fc2 != fc)
+    or
+    // `errno` value is known to be != 0
+    cause = any(ErrnoGuard g).getNonZeroedSuccessor()
+  )
+select fc, "The value of `errno` may be different than `0` when this function is called."

c/cert/src/rules/ERR30-C/ErrnoNotSetToZero.ql

@@ -0,0 +1,52 @@
+/**
+ * @id c/cert/errno-read-before-return
+ * @name ERR30-C: Do not check errno before the function return value
+ * @description Do not check errno before the function return value. Failing to do so might
+ *              invalidate the error detection.
+ * @kind problem
+ * @precision high
+ * @problem.severity error
+ * @tags external/cert/id/err30-c
+ *       correctness
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.c.Errno
+
+/**
+ * A call to an `OutOfBandErrnoSettingFunction`
+ */
+class OutOfBandErrnoSettingFunctionCertCall extends FunctionCall {
+  OutOfBandErrnoSettingFunctionCertCall() {
+    this.getTarget() instanceof OutOfBandErrnoSettingFunctionCert
+  }
+}
+
+/**
+ * A successor of an ErrnoSettingFunctionCertCall appearing
+ * before a check of the return value
+ */
+ControlFlowNode returnNotCheckedAfter(OutOfBandErrnoSettingFunctionCertCall errnoSet) {
+  result = errnoSet
+  or
+  exists(ControlFlowNode mid |
+    result = mid.getASuccessor() and
+    mid = returnNotCheckedAfter(errnoSet) and
+    // stop recursion on a return value check
+    not (
+      any(ControlStructure cs).getControllingExpr() = result and
+      DataFlow::localExprFlow(errnoSet, result.(Operation).getAnOperand*())
+    ) and
+    // stop recursion on a following errno setting function call
+    not result instanceof OutOfBandErrnoSettingFunctionCertCall
+  )
+}
+
+from OutOfBandErrnoSettingFunctionCertCall errnoSet, ErrnoRead check
+where
+  not isExcluded(check, Contracts4Package::errnoReadBeforeReturnQuery()) and
+  check = returnNotCheckedAfter(errnoSet)
+select check, "Do not read `errno` before checking the return value of function $@.", errnoSet,
+  errnoSet.toString()

c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.md

@@ -0,0 +1,55 @@
+/**
+ * @id c/cert/function-call-before-errno-check
+ * @name ERR30-C: Do not call a function before checking errno
+ * @description After calling an errno-setting function, check errno before calling any other
+ *              function. Failing to do so might end in errno being overwritten.
+ * @kind problem
+ * @precision high
+ * @problem.severity error
+ * @tags external/cert/id/err30-c
+ *       correctness
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.c.Errno
+import semmle.code.cpp.dataflow.DataFlow
+
+/**
+ * A call to an `OutOfBandErrnoSettingFunction`
+ */
+class ErrnoSettingFunctionCall extends FunctionCall {
+  ErrnoSettingFunctionCall() { this.getTarget() instanceof InBandErrnoSettingFunction }
+}
+
+class ErrnoCheck extends Expr {
+  ErrnoCheck() {
+    this = any(MacroInvocation ma | ma.getMacroName() = "errno").getAnExpandedElement()
+    or
+    this.(FunctionCall).getTarget().hasName(["perror", "strerror"])
+  }
+}
+
+/**
+ * A successor of an ErrnoSettingFunctionCall appearing
+ * before a check of errno
+ */
+ControlFlowNode errnoNotCheckedAfter(ErrnoSettingFunctionCall errnoSet) {
+  result = errnoSet
+  or
+  exists(ControlFlowNode mid |
+    result = mid.getASuccessor() and
+    mid = errnoNotCheckedAfter(errnoSet) and
+    // stop recursion on an error check
+    not result instanceof ErrnoCheck
+  )
+}
+
+from ErrnoSettingFunctionCall errnoSet, FunctionCall fc
+where
+  not isExcluded(fc, Contracts4Package::functionCallBeforeErrnoCheckQuery()) and
+  fc != errnoSet and
+  fc = errnoNotCheckedAfter(errnoSet)
+select errnoSet,
+  "The value of `errno` is not checked after this call to `" + errnoSet.getTarget().getName() + "`."