diff --git a/.codeqlmanifest.json b/.codeqlmanifest.json
index e6aec98053..b7d2d5604c 100644
--- a/.codeqlmanifest.json
+++ b/.codeqlmanifest.json
@@ -1 +1,9 @@
-{ "provide": [ "cpp/*/src/qlpack.yml", "cpp/*/test/qlpack.yml", "c/*/src/qlpack.yml", "c/*/test/qlpack.yml", "scripts/generate_modules/queries/qlpack.yml" ] }
+{
+ "provide": [
+ "cpp/*/src/qlpack.yml",
+ "cpp/*/test/qlpack.yml",
+ "c/*/src/qlpack.yml",
+ "c/*/test/qlpack.yml",
+ "scripts/generate_modules/queries/qlpack.yml"
+ ]
+}
\ No newline at end of file
diff --git a/c/cert/src/codeql-pack.lock.yml b/c/cert/src/codeql-pack.lock.yml
index 1da7b6075b..a7035a9f24 100644
--- a/c/cert/src/codeql-pack.lock.yml
+++ b/c/cert/src/codeql-pack.lock.yml
@@ -1,6 +1,8 @@
 ---
+lockVersion: 1.0.0
 dependencies:
 codeql/cpp-all:
- version: 0.3.5
+ version: 0.4.6
+ codeql/ssa:
+ version: 0.0.7
 compiled: false
-lockVersion: 1.0.0
diff --git a/c/cert/src/codeql-suites/cert-default.qls b/c/cert/src/codeql-suites/cert-default.qls
index 7ad2fc1a99..1e11a0afca 100644
--- a/c/cert/src/codeql-suites/cert-default.qls
+++ b/c/cert/src/codeql-suites/cert-default.qls
@@ -6,4 +6,4 @@
 - path-problem
 - exclude:
 tags contain:
- - external/cert/default-disabled
\ No newline at end of file
+ - external/cert/default-disabled
diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml
index c4ac43a686..3428462642 100644
--- a/c/cert/src/qlpack.yml
+++ b/c/cert/src/qlpack.yml
@@ -5,4 +5,4 @@ suites: codeql-suites
 license: MIT
 dependencies:
 codeql/common-c-coding-standards: '*'
- codeql/cpp-all: 0.3.5
+ codeql/cpp-all: 0.4.6
diff --git a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql
index 2d16b2ffea..88cc11ef80 100644
--- a/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql
+++ b/c/cert/src/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.ql
@@ -15,8 +15,9 @@ import cpp import codingstandards.c.cert import semmle.code.cpp.security.FunctionWithWrappers import semmle.code.cpp.security.Security -import semmle.code.cpp.security.TaintTracking -import TaintedWithPath +import semmle.code.cpp.ir.IR +import semmle.code.cpp.ir.dataflow.TaintTracking +import DataFlow::PathGraph // Query TaintedPath.ql from the CodeQL standard library /** 
@@ -45,20 +46,93 @@ class FileFunction extends FunctionWithWrappers { override predicate interestingArg(int arg) { arg = 0 } } -class TaintedPathConfiguration extends TaintTrackingConfiguration { - override predicate isSink(Element tainted) { - exists(FileFunction fileFunction | fileFunction.outermostWrapperFunctionCall(tainted, _)) +Expr asSourceExpr(DataFlow::Node node) { + result = node.asConvertedExpr() + or + result = node.asDefiningArgument() +} + +Expr asSinkExpr(DataFlow::Node node) { + result = + node.asOperand() + .(SideEffectOperand) + .getUse() + .(ReadSideEffectInstruction) + .getArgumentDef() + .getUnconvertedResultExpression() +} + +/** + * Holds for a variable that has any kind of upper-bound check anywhere in the program. + * This is biased towards being inclusive and being a coarse overapproximation because + * there are a lot of valid ways of doing an upper bounds checks if we don't consider + * where it occurs, for example: + * ```cpp + * if (x < 10) { sink(x); } + * + * if (10 > y) { sink(y); } + * + * if (z > 10) { z = 10; } + * sink(z); + * ``` + */ +predicate hasUpperBoundsCheck(Variable var) { + exists(RelationalOperation oper, VariableAccess access | + oper.getAnOperand() = access and + access.getTarget() = var and + // Comparing to 0 is not an upper bound check + not oper.getAnOperand().getValue() = "0" + ) +} + +class TaintedPathConfiguration extends TaintTracking::Configuration { + TaintedPathConfiguration() { this = "TaintedPathConfiguration" } + + override predicate isSource(DataFlow::Node node) { isUserInput(asSourceExpr(node), _) } + + override predicate isSink(DataFlow::Node node) { + exists(FileFunction fileFunction | + fileFunction.outermostWrapperFunctionCall(asSinkExpr(node), _) + ) + } + + override predicate isSanitizerIn(DataFlow::Node node) { this.isSource(node) } + + override predicate isSanitizer(DataFlow::Node node) { + node.asExpr().(Call).getTarget().getUnspecifiedType() instanceof ArithmeticType + or + 
exists(LoadInstruction load, Variable checkedVar | + load = node.asInstruction() and + checkedVar = load.getSourceAddress().(VariableAddressInstruction).getAstVariable() and + hasUpperBoundsCheck(checkedVar) + ) + } + + predicate hasFilteredFlowPath(DataFlow::PathNode source, DataFlow::PathNode sink) { + this.hasFlowPath(source, sink) and + // The use of `isUserInput` in `isSink` in combination with `asSourceExpr` causes + // duplicate results. Filter these duplicates. The proper solution is to switch to + // using `LocalFlowSource` and `RemoteFlowSource`, but this currently only supports + // a subset of the cases supported by `isUserInput`. + not exists(DataFlow::PathNode source2 | + this.hasFlowPath(source2, sink) and + asSourceExpr(source.getNode()) = asSourceExpr(source2.getNode()) + | + not exists(source.getNode().asConvertedExpr()) and exists(source2.getNode().asConvertedExpr()) + ) } } from - FileFunction fileFunction, Expr taintedArg, Expr taintSource, PathNode sourceNode, - PathNode sinkNode, string taintCause, string callChain + FileFunction fileFunction, Expr taintedArg, Expr taintSource, TaintedPathConfiguration cfg, + DataFlow::PathNode sourceNode, DataFlow::PathNode sinkNode, string taintCause, string callChain where not isExcluded(taintedArg, IO3Package::doNotPerformFileOperationsOnDevicesQuery()) and + taintedArg = asSinkExpr(sinkNode.getNode()) and fileFunction.outermostWrapperFunctionCall(taintedArg, callChain) and - taintedWithPath(taintSource, taintedArg, sourceNode, sinkNode) and + cfg.hasFilteredFlowPath(sourceNode, sinkNode) and + taintSource = asSourceExpr(sourceNode.getNode()) and isUserInput(taintSource, taintCause) select taintedArg, sourceNode, sinkNode, - "This argument to a file access function is derived from $@ and then passed to " + callChain, + "This argument to a file access function is derived from $@ and then passed to " + callChain + ".", taintSource, "user input (" + taintCause + ")" 
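Review bot: In `TaintedPathConfiguration.isSanitizer`, the `LoadInstruction` branch drops taint for any variable on which `hasUpperBoundsCheck` finds a relational comparison anywhere in the program, with no restriction on the variable's type, so a user-controlled file-name variable that happens to be compared once could fall out of the FIO32-C results as a false negative. Consider limiting that branch to numeric variables, in line with the first disjunct, e.g. by adding `checkedVar.getUnspecifiedType() instanceof ArithmeticType and` before `hasUpperBoundsCheck(checkedVar)`, and confirm the effect against the rule's test cases. The comment in `hasFilteredFlowPath` also says `isUserInput` is used in `isSink`, while the visible code calls it in `isSource`; the comment should name `isSource`. `asSourceExpr` and `asSinkExpr` have no QLDoc, and a one-line `/** ... */` on each stating which node forms it maps to an `Expr` would make the source/sink conversion easier to audit. The hunk opens on the tail of `FileFunction`, whose declaration lies above it.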
diff --git a/c/cert/test/codeql-pack.lock.yml b/c/cert/test/codeql-pack.lock.yml
index 1da7b6075b..a7035a9f24 100644
--- a/c/cert/test/codeql-pack.lock.yml
+++ b/c/cert/test/codeql-pack.lock.yml
@@ -1,6 +1,8 @@
 ---
+lockVersion: 1.0.0
 dependencies:
 codeql/cpp-all:
- version: 0.3.5
+ version: 0.4.6
+ codeql/ssa:
+ version: 0.0.7
 compiled: false
-lockVersion: 1.0.0
diff --git a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected
index c9252151d5..b4f07d6ca8 100644
--- a/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected
+++ b/c/cert/test/rules/FIO32-C/DoNotPerformFileOperationsOnDevices.expected
@@ -1,40 +1,16 @@ edges -| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | (const char *)... | -| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name | -| test.c:20:15:20:23 | array to pointer conversion | test.c:21:8:21:16 | file_name indirection | -| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | (const char *)... | -| test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | -| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | (const char *)... | -| test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name | | test.c:20:15:20:23 | scanf output argument | test.c:21:8:21:16 | file_name indirection | -| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | (LPCTSTR)... | -| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name | -| test.c:45:15:45:23 | array to pointer conversion | test.c:46:29:46:37 | file_name indirection | -| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | (LPCTSTR)... | -| test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | -| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | (LPCTSTR)... | -| test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name | | test.c:45:15:45:23 | scanf output argument | test.c:46:29:46:37 | file_name indirection | -subpaths nodes -| test.c:20:15:20:23 | array to pointer conversion | semmle.label | array to pointer conversion | | test.c:20:15:20:23 | file_name | semmle.label | file_name | | test.c:20:15:20:23 | scanf output argument | semmle.label | scanf output argument | -| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... | -| test.c:21:8:21:16 | (const char *)... | semmle.label | (const char *)... 
| -| test.c:21:8:21:16 | file_name | semmle.label | file_name | -| test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | | test.c:21:8:21:16 | file_name indirection | semmle.label | file_name indirection | -| test.c:45:15:45:23 | array to pointer conversion | semmle.label | array to pointer conversion | | test.c:45:15:45:23 | file_name | semmle.label | file_name | | test.c:45:15:45:23 | scanf output argument | semmle.label | scanf output argument | -| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | -| test.c:46:29:46:37 | (LPCTSTR)... | semmle.label | (LPCTSTR)... | -| test.c:46:29:46:37 | file_name | semmle.label | file_name | -| test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | | test.c:46:29:46:37 | file_name indirection | semmle.label | file_name indirection | +subpaths #select -| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)) | test.c:20:15:20:23 | file_name | user input (scanf) | -| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName) | test.c:45:15:45:23 | file_name | user input (scanf) | +| test.c:21:8:21:16 | file_name | test.c:20:15:20:23 | file_name | test.c:21:8:21:16 | file_name indirection | This argument to a file access function is derived from $@ and then passed to func(file_name), which calls fopen((unnamed parameter 0)). | test.c:20:15:20:23 | file_name | user input (scanf) | +| test.c:46:29:46:37 | file_name | test.c:45:15:45:23 | file_name | test.c:46:29:46:37 | file_name indirection | This argument to a file access function is derived from $@ and then passed to CreateFile(lpFileName). 
| test.c:45:15:45:23 | file_name | user input (scanf) | diff --git a/c/common/src/codeql-pack.lock.yml b/c/common/src/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/c/common/src/codeql-pack.lock.yml +++ b/c/common/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.3.5 + version: 0.4.6 + codeql/ssa: + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/common/src/codingstandards/c/Pointers.qll b/c/common/src/codingstandards/c/Pointers.qll index 458c2271eb..034080363e 100644 --- a/c/common/src/codingstandards/c/Pointers.qll +++ b/c/common/src/codingstandards/c/Pointers.qll @@ -60,7 +60,7 @@ class ArrayPointerArithmeticExpr extends PointerArithmeticExpr, ArrayExpr { * A null pointer constant, which is either in the form `NULL` or `(void *)0`. */ predicate isNullPointerConstant(Expr e) { - e.findRootCause() instanceof NULLMacro + e.findRootCause() instanceof NullMacro or exists(CStyleCast c | not c.isImplicit() and diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index 51d3b1d4d0..b423bfa795 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -3,4 +3,4 @@ version: 2.19.0-dev license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.3.5 + codeql/cpp-all: 0.4.6 diff --git a/c/common/test/codeql-pack.lock.yml b/c/common/test/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/c/common/test/codeql-pack.lock.yml +++ b/c/common/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.3.5 + version: 0.4.6 + codeql/ssa: + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/c/misra/src/codeql-pack.lock.yml b/c/misra/src/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/c/misra/src/codeql-pack.lock.yml +++ b/c/misra/src/codeql-pack.lock.yml 
@@ -1,6 +1,8 @@
 ---
+lockVersion: 1.0.0
 dependencies:
 codeql/cpp-all:
- version: 0.3.5
+ version: 0.4.6
+ codeql/ssa:
+ version: 0.0.7
 compiled: false
-lockVersion: 1.0.0
diff --git a/c/misra/src/codeql-suites/misra-default.qls b/c/misra/src/codeql-suites/misra-default.qls
index 473232e741..343379a2b3 100644
--- a/c/misra/src/codeql-suites/misra-default.qls
+++ b/c/misra/src/codeql-suites/misra-default.qls
@@ -7,4 +7,4 @@
 - exclude:
 tags contain:
 - external/misra/audit
- - external/misra/default-disabled
\ No newline at end of file
+ - external/misra/default-disabled
diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml
index e1f72b6927..78913f0b57 100644
--- a/c/misra/src/qlpack.yml
+++ b/c/misra/src/qlpack.yml
@@ -5,4 +5,4 @@ suites: codeql-suites
 license: MIT
 dependencies:
 codeql/common-c-coding-standards: '*'
- codeql/cpp-all: 0.3.5
+ codeql/cpp-all: 0.4.6
diff --git a/c/misra/test/codeql-pack.lock.yml b/c/misra/test/codeql-pack.lock.yml
index 1da7b6075b..a7035a9f24 100644
--- a/c/misra/test/codeql-pack.lock.yml
+++ b/c/misra/test/codeql-pack.lock.yml
@@ -1,6 +1,8 @@
 ---
+lockVersion: 1.0.0
 dependencies:
 codeql/cpp-all:
- version: 0.3.5
+ version: 0.4.6
+ codeql/ssa:
+ version: 0.0.7
 compiled: false
-lockVersion: 1.0.0
diff --git a/change_notes/2022-12-06-remove-use-of-default-taint-tracking.md b/change_notes/2022-12-06-remove-use-of-default-taint-tracking.md
new file mode 100644
index 0000000000..2f0c6706fc
--- /dev/null
+++ b/change_notes/2022-12-06-remove-use-of-default-taint-tracking.md
@@ -0,0 +1,2 @@
+ - `FIO32-C` - `DoNotPerformFileOperationsOnDevices.ql`:
+ - The query was rewritten to no longer depend of the `DefaultTaintTracking` library, which will be deprecated.
diff --git a/change_notes/2023-07-30-update-to-2.11.6.md b/change_notes/2023-07-30-update-to-2.11.6.md
new file mode 100644
index 0000000000..57664a7ac0
--- /dev/null
+++ b/change_notes/2023-07-30-update-to-2.11.6.md
@@ -0,0 +1 @@
+ - Updated the supported CodeQL version to `2.11.6`.
\ No newline at end of file
diff --git a/cpp/autosar/src/codeql-pack.lock.yml b/cpp/autosar/src/codeql-pack.lock.yml
index 1da7b6075b..a7035a9f24 100644
--- a/cpp/autosar/src/codeql-pack.lock.yml
+++ b/cpp/autosar/src/codeql-pack.lock.yml
@@ -1,6 +1,8 @@
 ---
+lockVersion: 1.0.0
 dependencies:
 codeql/cpp-all:
- version: 0.3.5
+ version: 0.4.6
+ codeql/ssa:
+ version: 0.0.7
 compiled: false
-lockVersion: 1.0.0
diff --git a/cpp/autosar/src/codeql-suites/autosar-advisory.qls b/cpp/autosar/src/codeql-suites/autosar-advisory.qls
index ff5a0e3358..0de273308e 100644
--- a/cpp/autosar/src/codeql-suites/autosar-advisory.qls
+++ b/cpp/autosar/src/codeql-suites/autosar-advisory.qls
@@ -8,4 +8,4 @@
 - external/autosar/obligation/advisory
 - exclude:
 tags contain:
- - external/autosar/audit
\ No newline at end of file
+ - external/autosar/audit
diff --git a/cpp/autosar/src/codeql-suites/autosar-audit.qls b/cpp/autosar/src/codeql-suites/autosar-audit.qls
index dec5f4f160..7ee6d12207 100644
--- a/cpp/autosar/src/codeql-suites/autosar-audit.qls
+++ b/cpp/autosar/src/codeql-suites/autosar-audit.qls
@@ -5,4 +5,4 @@
 - problem
 - path-problem
 tags contain:
- - external/autosar/audit
\ No newline at end of file
+ - external/autosar/audit
diff --git a/cpp/autosar/src/codeql-suites/autosar-default.qls b/cpp/autosar/src/codeql-suites/autosar-default.qls
index 5d45fa2774..7cd2054bbf 100644
--- a/cpp/autosar/src/codeql-suites/autosar-default.qls
+++ b/cpp/autosar/src/codeql-suites/autosar-default.qls
@@ -7,4 +7,4 @@
 - exclude:
 tags contain:
 - external/autosar/audit
- - external/autosar/default-disabled
\ No newline at end of file
+ - external/autosar/default-disabled
diff --git a/cpp/autosar/src/codeql-suites/autosar-required.qls b/cpp/autosar/src/codeql-suites/autosar-required.qls
index 7c92e36dee..b7a6a8b872 100644
--- a/cpp/autosar/src/codeql-suites/autosar-required.qls
+++ b/cpp/autosar/src/codeql-suites/autosar-required.qls
@@ -8,4 +8,4 @@ - external/autosar/obligation/required - exclude: tags contain: - - external/autosar/audit \ No newline at end of file + - external/autosar/audit diff --git a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls index cf5434c2d8..2ba8424b27 100644 --- a/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls +++ b/cpp/autosar/src/codeql-suites/autosar-single-translation-unit.qls @@ -9,4 +9,4 @@ - exclude: tags contain: - external/autosar/audit - - external/autosar/default-disabled \ No newline at end of file + - external/autosar/default-disabled diff --git a/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll b/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll index 673d7045ed..d92a28e477 100644 --- a/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll +++ b/cpp/autosar/src/codingstandards/cpp/HardwareOrProtocolInterface.qll @@ -39,7 +39,7 @@ class DefinedSizeType extends Type { class DefinedSizeClass extends Class { DefinedSizeClass() { - this.isPOD() and + this.isPod() and forall(Field f | f = this.getAField() | f.getType() instanceof DefinedSizeType) } } diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index f26045503a..23cec947cc 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -5,4 +5,4 @@ suites: codeql-suites license: MIT dependencies: codeql/common-cpp-coding-standards: '*' - codeql/cpp-all: 0.3.5 + codeql/cpp-all: 0.4.6 diff --git a/cpp/autosar/src/rules/A11-0-1/NonPodTypeShouldBeDefinedAsClass.ql b/cpp/autosar/src/rules/A11-0-1/NonPodTypeShouldBeDefinedAsClass.ql index 7867af2fdc..41611c5536 100644 --- a/cpp/autosar/src/rules/A11-0-1/NonPodTypeShouldBeDefinedAsClass.ql +++ b/cpp/autosar/src/rules/A11-0-1/NonPodTypeShouldBeDefinedAsClass.ql 
@@ -22,5 +22,5 @@ import codingstandards.cpp.Typehelpers from Struct s where not isExcluded(s, ClassesPackage::nonPodTypeShouldBeDefinedAsClassQuery()) and - not s.isPOD() + not s.isPod() select s, "Non-POD type defined as struct instead of class." diff --git a/cpp/autosar/src/rules/A12-0-2/OperationsAssumingMemoryLayoutPerformedOnObjects.ql b/cpp/autosar/src/rules/A12-0-2/OperationsAssumingMemoryLayoutPerformedOnObjects.ql index 865c7189ad..4248b223b0 100644 --- a/cpp/autosar/src/rules/A12-0-2/OperationsAssumingMemoryLayoutPerformedOnObjects.ql +++ b/cpp/autosar/src/rules/A12-0-2/OperationsAssumingMemoryLayoutPerformedOnObjects.ql @@ -19,7 +19,7 @@ import cpp import codingstandards.cpp.autosar class Object extends Class { - Object() { not this.(Struct).isPOD() } + Object() { not this.(Struct).isPod() } } predicate isPointerToObject(Expr e) { diff --git a/cpp/autosar/src/rules/A9-6-1/DataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout.ql b/cpp/autosar/src/rules/A9-6-1/DataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout.ql index 1d89b275f6..0fd09210f7 100644 --- a/cpp/autosar/src/rules/A9-6-1/DataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout.ql +++ b/cpp/autosar/src/rules/A9-6-1/DataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayout.ql @@ -23,6 +23,6 @@ from HardwareOrProtocolInterfaceClass c where not isExcluded(c, ClassesPackage::dataTypesUsedForInterfacingWithHardwareOrProtocolsMustBeTrivialAndStandardLayoutQuery()) and - not c.isPOD() + not c.isPod() select c, "Data type used for hardware interface or communication protocol is not standard layout and trivial." diff --git a/cpp/autosar/src/rules/M11-0-1/MemberDataInNonPodClassTypesNotPrivate.ql b/cpp/autosar/src/rules/M11-0-1/MemberDataInNonPodClassTypesNotPrivate.ql index b60594b8a9..a9902a72e0 100644 --- a/cpp/autosar/src/rules/M11-0-1/MemberDataInNonPodClassTypesNotPrivate.ql 
+++ b/cpp/autosar/src/rules/M11-0-1/MemberDataInNonPodClassTypesNotPrivate.ql @@ -17,7 +17,7 @@ import cpp import codingstandards.cpp.autosar class NonPODType extends Class { - NonPODType() { not this.isPOD() } + NonPODType() { not this.isPod() } } from NonPODType p, Field f diff --git a/cpp/autosar/test/codeql-pack.lock.yml b/cpp/autosar/test/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/cpp/autosar/test/codeql-pack.lock.yml +++ b/cpp/autosar/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.3.5 + version: 0.4.6 + codeql/ssa: + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/cert/src/codeql-pack.lock.yml b/cpp/cert/src/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/cpp/cert/src/codeql-pack.lock.yml +++ b/cpp/cert/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.3.5 + version: 0.4.6 + codeql/ssa: + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/cert/src/codeql-suites/cert-default.qls b/cpp/cert/src/codeql-suites/cert-default.qls index a003e05ed2..e9211246b1 100644 --- a/cpp/cert/src/codeql-suites/cert-default.qls +++ b/cpp/cert/src/codeql-suites/cert-default.qls @@ -6,4 +6,4 @@ - path-problem - exclude: tags contain: - - external/cert/default-disabled \ No newline at end of file + - external/cert/default-disabled diff --git a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls index 0d3f99cbf0..2f09815e0d 100644 --- a/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls +++ b/cpp/cert/src/codeql-suites/cert-single-translation-unit.qls @@ -8,4 +8,4 @@ - scope/single-translation-unit - exclude: tags contain: - - external/cert/default-disabled \ No newline at end of file + - external/cert/default-disabled diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index da27e1a2c3..8d92d36591 100644 
--- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -4,5 +4,5 @@ description: CERT C++ 2016 suites: codeql-suites license: MIT dependencies: - codeql/cpp-all: 0.3.5 + codeql/cpp-all: 0.4.6 codeql/common-cpp-coding-standards: '*' diff --git a/cpp/cert/test/codeql-pack.lock.yml b/cpp/cert/test/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/cpp/cert/test/codeql-pack.lock.yml +++ b/cpp/cert/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.3.5 + version: 0.4.6 + codeql/ssa: + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/common/src/codeql-pack.lock.yml b/cpp/common/src/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/cpp/common/src/codeql-pack.lock.yml +++ b/cpp/common/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.3.5 + version: 0.4.6 + codeql/ssa: + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/common/src/codingstandards/cpp/Concurrency.qll b/cpp/common/src/codingstandards/cpp/Concurrency.qll index 5162255de9..7c92d93752 100644 --- a/cpp/common/src/codingstandards/cpp/Concurrency.qll +++ b/cpp/common/src/codingstandards/cpp/Concurrency.qll @@ -857,7 +857,7 @@ class TSSCreateFunctionCall extends ThreadSpecificStorageFunctionCall { TSSCreateFunctionCall() { getTarget().getName() = "tss_create" } predicate hasDeallocator() { - not exists(MacroInvocation mi, NULLMacro nm | + not exists(MacroInvocation mi, NullMacro nm | getArgument(1) = mi.getExpr() and mi = nm.getAnInvocation() ) diff --git a/cpp/common/src/codingstandards/cpp/TrivialType.qll b/cpp/common/src/codingstandards/cpp/TrivialType.qll index 96f09ccf81..c6c072cf7f 100644 --- a/cpp/common/src/codingstandards/cpp/TrivialType.qll +++ b/cpp/common/src/codingstandards/cpp/TrivialType.qll 
@@ -284,7 +284,7 @@ predicate isTrivialType(Type t) { /** A POD type as defined by [basic.types]/9. */ class PODType extends Type { PODType() { - this.(Class).isPOD() + this.(Class).isPod() or isScalarType(this) or diff --git a/cpp/common/src/codingstandards/cpp/enhancements/MacroEnhacements.qll b/cpp/common/src/codingstandards/cpp/enhancements/MacroEnhacements.qll index ba132f5892..be79397929 100644 --- a/cpp/common/src/codingstandards/cpp/enhancements/MacroEnhacements.qll +++ b/cpp/common/src/codingstandards/cpp/enhancements/MacroEnhacements.qll @@ -29,7 +29,7 @@ module MacroEnhancements { /** A use of the NULL macro. */ class NULL extends StandardLibrary::Literal { NULL() { - exists(StandardLibrary::NULLMacro nm | this = nm.getAnInvocation().getAnExpandedElement()) + exists(StandardLibrary::NullMacro nm | this = nm.getAnInvocation().getAnExpandedElement()) } } } diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index 05d80dbaf6..07fe320f1b 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -2,4 +2,4 @@ name: codeql/common-cpp-coding-standards version: 2.19.0-dev license: MIT dependencies: - codeql/cpp-all: 0.3.5 + codeql/cpp-all: 0.4.6 \ No newline at end of file diff --git a/cpp/common/test/codeql-pack.lock.yml b/cpp/common/test/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/cpp/common/test/codeql-pack.lock.yml +++ b/cpp/common/test/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.3.5 + version: 0.4.6 + codeql/ssa: + version: 0.0.7 compiled: false -lockVersion: 1.0.0 diff --git a/cpp/misra/src/codeql-pack.lock.yml b/cpp/misra/src/codeql-pack.lock.yml index 1da7b6075b..a7035a9f24 100644 --- a/cpp/misra/src/codeql-pack.lock.yml +++ b/cpp/misra/src/codeql-pack.lock.yml @@ -1,6 +1,8 @@ --- +lockVersion: 1.0.0 dependencies: codeql/cpp-all: - version: 0.3.5 + version: 0.4.6 + codeql/ssa: + version: 0.0.7 compiled: false -lockVersion: 1.0.0 
diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml
index e2e75ed72c..8b8a78edb5 100644
--- a/cpp/misra/src/qlpack.yml
+++ b/cpp/misra/src/qlpack.yml
@@ -5,4 +5,4 @@ suites: codeql-suites
 license: MIT
 dependencies:
 codeql/common-cpp-coding-standards: '*'
- codeql/cpp-all: 0.3.5
+ codeql/cpp-all: 0.4.6
diff --git a/cpp/misra/test/codeql-pack.lock.yml b/cpp/misra/test/codeql-pack.lock.yml
index 1da7b6075b..a7035a9f24 100644
--- a/cpp/misra/test/codeql-pack.lock.yml
+++ b/cpp/misra/test/codeql-pack.lock.yml
@@ -1,6 +1,8 @@
 ---
+lockVersion: 1.0.0
 dependencies:
 codeql/cpp-all:
- version: 0.3.5
+ version: 0.4.6
+ codeql/ssa:
+ version: 0.0.7
 compiled: false
-lockVersion: 1.0.0
diff --git a/cpp/report/src/codeql-pack.lock.yml b/cpp/report/src/codeql-pack.lock.yml
index 1da7b6075b..a7035a9f24 100644
--- a/cpp/report/src/codeql-pack.lock.yml
+++ b/cpp/report/src/codeql-pack.lock.yml
@@ -1,6 +1,8 @@
 ---
+lockVersion: 1.0.0
 dependencies:
 codeql/cpp-all:
- version: 0.3.5
+ version: 0.4.6
+ codeql/ssa:
+ version: 0.0.7
 compiled: false
-lockVersion: 1.0.0
diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml
index de00a4778a..878d34f50c 100644
--- a/cpp/report/src/qlpack.yml
+++ b/cpp/report/src/qlpack.yml
@@ -2,4 +2,4 @@ name: codeql/report-cpp-coding-standards
 version: 2.19.0-dev
 license: MIT
 dependencies:
- codeql/cpp-all: 0.3.5
+ codeql/cpp-all: 0.4.6
diff --git a/docs/development_handbook.md b/docs/development_handbook.md
index b53719c493..897ab59d3b 100644
--- a/docs/development_handbook.md
+++ b/docs/development_handbook.md
@@ -4,36 +4,36 @@ **Document ID:** codeql-coding-standards/developer-handbook -| Version | Date | Author | Changes | -| ------- | ---------- | --------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| 0.1.0 | 2021-02-02 | Luke Cartey | Initial version. | -| 0.2.0 | 2021-02-19 | Luke Cartey | Add section on Python environment preparation. | -| 0.3.0 | 2021-04-13 | Michael Hohn | Add cookbook section documenting common procedures. | -| 0.4.0 | 2021-04-13 | Mario Campos | Add submodule out of date tip to the cookbook section. | -| 0.5.0 | 2021-04-30 | Luke Cartey | Add query style guide. | -| 0.6.0 | 2021-05-05 | John Singleton | Add task automation files. | -| 0.7.0 | 2021-05-10 | Luke Cartey | Explain non-constant alert messages. | -| 0.8.0 | 2021-05-27 | Luke Cartey | Clarify the `short_name` property. | -| 0.9.0 | 2021-09-06 | Luke Cartey |