Preprocessor5: add Rule PRE32-C

Author: knewbury01

c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.md

@@ -0,0 +1,17 @@
+# PRE32-C: Do not use preprocessor directives in invocations of function-like macros
+
+This query implements the CERT-C rule PRE32-C:
+
+> Do not use preprocessor directives in invocations of function-like macros
+
+## CERT
+
+** REPLACE THIS BY RUNNING THE SCRIPT `scripts/help/cert-help-extraction.py` **
+
+## Implementation notes
+
+None
+
+## References
+
+* CERT-C: [PRE32-C: Do not use preprocessor directives in invocations of function-like macros](https://wiki.sei.cmu.edu/confluence/display/c)

c/cert/src/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql

@@ -0,0 +1,58 @@
+/**
+ * @id c/cert/macro-or-function-args-contain-hash-token
+ * @name PRE32-C: Do not use preprocessor directives in invocations of function-like macros
+ * @description Arguments to a function-like macros shall not contain tokens that look like
+ *              pre-processing directives or else behaviour after macro expansion is unpredictable.
+ *              This rule applies to functions as well in case they are implemented using macros.
+ * @kind problem
+ * @precision high
+ * @problem.severity warning
+ * @tags external/cert/id/pre32-c
+ *       readability
+ *       correctness
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.cpp.PreprocessorDirective
+
+pragma[noinline]
+predicate isFunctionInvocationLocation(FunctionCall call, File f, int startline, int endline) {
+  call.getLocation().hasLocationInfo(f.getAbsolutePath(), startline, _, _, _) and
+  //for all function calls the closest location heurisitc we have for end line is the next node in cfg
+  call.getASuccessor().getLocation().hasLocationInfo(f.getAbsolutePath(), endline, _, _, _)
+}
+
+PreprocessorDirective isLocatedInAFunctionInvocation(FunctionCall c) {
+  exists(PreprocessorDirective p, File f, int startCall, int endCall |
+    isFunctionInvocationLocation(c, f, startCall, endCall) and
+    exists(int startLine, int endLine | isPreprocDirectiveLine(p, f, startLine, endLine) |
+      startCall < startLine and
+      startCall < endLine and
+      endLine <= endCall and
+      endLine <= endCall
+    ) and
+    result = p
+  )
+}
+
+from PreprocessorDirective p, string msg
+where
+  not isExcluded(p, Preprocessor5Package::macroOrFunctionArgsContainHashTokenQuery()) and
+  exists(FunctionCall c |
+    p = isLocatedInAFunctionInvocation(c) and
+    //if this is actually a function in a macro ignore it because it will still be seen in the macro condition
+    not c.isInMacroExpansion() and
+    msg =
+      "Invocation of function " + c.getTarget().getName() + " includes a token \"" + p +
+        "\" that could be confused for an argument preprocessor directive."
+  )
+  or
+  exists(MacroInvocation m |
+    p = isLocatedInAMacroInvocation(m) and
+    msg =
+      "Invocation of macro " + m.getMacroName() + " includes a token \"" + p +
+        "\" that could be confused for an argument preprocessor directive."
+  )
+select p, msg

c/cert/test/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.expected

@@ -0,0 +1,8 @@
+| test.c:9:1:9:19 | #if NOTDEFINEDMACRO | Invocation of macro MACROFUNCTION includes a token "#if NOTDEFINEDMACRO" that could be confused for an argument preprocessor directive. |
+| test.c:11:1:11:5 | #else | Invocation of macro MACROFUNCTION includes a token "#else" that could be confused for an argument preprocessor directive. |
+| test.c:13:1:13:6 | #endif | Invocation of macro MACROFUNCTION includes a token "#endif" that could be confused for an argument preprocessor directive. |
+| test.c:20:1:20:16 | #ifdef SOMEMACRO | Invocation of function memcpy includes a token "#ifdef SOMEMACRO" that could be confused for an argument preprocessor directive. |
+| test.c:22:1:22:5 | #else | Invocation of function memcpy includes a token "#else" that could be confused for an argument preprocessor directive. |
+| test.c:24:1:24:6 | #endif | Invocation of function memcpy includes a token "#endif" that could be confused for an argument preprocessor directive. |
+| test.c:27:1:27:8 | #if TEST | Invocation of function memcpy includes a token "#if TEST" that could be confused for an argument preprocessor directive. |
+| test.c:28:1:28:6 | #endif | Invocation of function memcpy includes a token "#endif" that could be confused for an argument preprocessor directive. |

c/cert/test/rules/PRE32-C/MacroOrFunctionArgsContainHashToken.qlref

@@ -0,0 +1 @@
+rules/PRE32-C/MacroOrFunctionArgsContainHashToken.ql

c/cert/test/rules/PRE32-C/test.c

@@ -0,0 +1,29 @@
+
+#include <string.h>
+#define MACROFUNCTION(X) strlen(X)
+
+void func(const char *src) {
+  char *dest;
+
+  MACROFUNCTION(
+#if NOTDEFINEDMACRO // NON_COMPLIANT
+      "longstringtest!test!"
+#else  // NON_COMPLIANT
+      "shortstring"
+#endif // NON_COMPLIANT
+  );
+
+  MACROFUNCTION("alright"); // COMPLIANT
+  memcpy(dest, src, 12);    // COMPLIANT
+
+  memcpy(dest, src,
+#ifdef SOMEMACRO // NON_COMPLIANT
+         12
+#else  // NON_COMPLIANT
+         24
+#endif // NON_COMPLIANT
+  );
+
+#if TEST // COMPLIANT[FALSE_POSITIVE]
+#endif   // COMPLIANT[FALSE_POSITIVE]
+}

cpp/common/src/codingstandards/cpp/Macro.qll

@@ -63,3 +63,9 @@ class StringizingOperator extends TStringizingOperator {
 
   string toString() { result = getMacro().toString() }
 }
+
+
+pragma[noinline]
+predicate isMacroInvocationLocation(MacroInvocation mi, File f, int startChar, int endChar) {
+  mi.getActualLocation().charLoc(f, startChar, endChar)
+}

cpp/common/src/codingstandards/cpp/PreprocessorDirective.qll

@@ -0,0 +1,32 @@
+import cpp
+import codingstandards.cpp.Macro
+
+pragma[noinline]
+predicate isPreprocDirectiveLocation(PreprocessorDirective pd, File f, int startChar) {
+  pd.getLocation().charLoc(f, startChar, _)
+}
+
+pragma[noinline]
+predicate isPreprocDirectiveLine(PreprocessorDirective pd, File f, int startline, int endline) {
+  pd.getLocation().hasLocationInfo(f.getAbsolutePath(), startline, _, endline, _)
+}
+
+PreprocessorDirective isLocatedInAMacroInvocation(MacroInvocation m) {
+  exists(PreprocessorDirective p |
+    // There is not sufficient information in the database for nested macro invocations, because
+    // the location of nested macros and preprocessor directives are all set to the location of the
+    // outermost macro invocation
+    not exists(m.getParentInvocation()) and
+    exists(File f, int startChar, int endChar |
+      isMacroInvocationLocation(m, f, startChar, endChar) and
+      exists(int lStart | isPreprocDirectiveLocation(p, f, lStart) |
+        // If the start location of the preprocessor directive is after the start of the macro
+        // invocation, and before the end, it must be within the macro invocation
+        // Note: it's critical to use startChar < lStart, not startChar <= lStart, because the
+        // latter will include preprocessor directives which occur in nested macro invocations
+        startChar < lStart and lStart < endChar
+      )
+    ) and
+    result = p
+  )
+}

cpp/common/src/codingstandards/cpp/exclusions/c/Preprocessor5.qll

@@ -3,9 +3,19 @@ import cpp
 import RuleMetadata
 import codingstandards.cpp.exclusions.RuleMetadata
 
-newtype Preprocessor5Query = TMacroParameterNotEnclosedInParenthesesCQueryQuery()
+newtype Preprocessor5Query =
+  TMacroOrFunctionArgsContainHashTokenQuery() or
+  TMacroParameterNotEnclosedInParenthesesCQueryQuery()
 
 predicate isPreprocessor5QueryMetadata(Query query, string queryId, string ruleId) {
+  query =
+    // `Query` instance for the `macroOrFunctionArgsContainHashToken` query
+    Preprocessor5Package::macroOrFunctionArgsContainHashTokenQuery() and
+  queryId =
+    // `@id` for the `macroOrFunctionArgsContainHashToken` query
+    "c/cert/macro-or-function-args-contain-hash-token" and
+  ruleId = "PRE32-C"
+  or
   query =
     // `Query` instance for the `macroParameterNotEnclosedInParenthesesCQuery` query
     Preprocessor5Package::macroParameterNotEnclosedInParenthesesCQueryQuery() and
@@ -16,6 +26,13 @@ predicate isPreprocessor5QueryMetadata(Query query, string queryId, string ruleI
 }
 
 module Preprocessor5Package {
+  Query macroOrFunctionArgsContainHashTokenQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `macroOrFunctionArgsContainHashToken` query
+      TQueryC(TPreprocessor5PackageQuery(TMacroOrFunctionArgsContainHashTokenQuery()))
+  }
+
   Query macroParameterNotEnclosedInParenthesesCQueryQuery() {
     //autogenerate `Query` type
     result =

cpp/common/src/codingstandards/cpp/rules/preprocessingdirectivewithinmacroargument/PreprocessingDirectiveWithinMacroArgument.qll

@@ -5,38 +5,16 @@
 import cpp
 import codingstandards.cpp.Customizations
 import codingstandards.cpp.Exclusions
+import codingstandards.cpp.PreprocessorDirective
 
 abstract class PreprocessingDirectiveWithinMacroArgumentSharedQuery extends Query { }
 
 Query getQuery() { result instanceof PreprocessingDirectiveWithinMacroArgumentSharedQuery }
 
-pragma[noinline]
-predicate isMacroInvocationLocation(MacroInvocation mi, File f, int startChar, int endChar) {
-  mi.getActualLocation().charLoc(f, startChar, endChar)
-}
-
-pragma[noinline]
-predicate isPreprocDirectiveLocation(PreprocessorDirective pd, File f, int startChar) {
-  pd.getLocation().charLoc(f, startChar, _)
-}
-
 query predicate problems(MacroInvocation m, string message) {
   not isExcluded(m, getQuery()) and
   exists(PreprocessorDirective p |
-    // There is not sufficient information in the database for nested macro invocations, because
-    // the location of nested macros and preprocessor directives are all set to the location of the
-    // outermost macro invocation
-    not exists(m.getParentInvocation()) and
-    exists(File f, int startChar, int endChar |
-      isMacroInvocationLocation(m, f, startChar, endChar) and
-      exists(int lStart | isPreprocDirectiveLocation(p, f, lStart) |
-        // If the start location of the preprocessor directive is after the start of the macro
-        // invocation, and before the end, it must be within the macro invocation
-        // Note: it's critical to use startChar < lStart, not startChar <= lStart, because the
-        // latter will include preprocessor directives which occur in nested macro invocations
-        startChar < lStart and lStart < endChar
-      )
-    ) and
+    p = isLocatedInAMacroInvocation(m) and
     message =
       "Invocation of macro " + m.getMacroName() + " includes a token \"" + p +
         "\" that could be confused for an argument preprocessor directive."

rule_packages/c/Preprocessor5.json

@@ -1,4 +1,26 @@
 {
+  "CERT-C": {
+    "PRE32-C": {
+      "properties": {
+        "obligation": "rule"
+      },
+      "queries": [
+        {
+          "description": "Arguments to a function-like macros shall not contain tokens that look like pre-processing directives or else behaviour after macro expansion is unpredictable. This rule applies to functions as well in case they are implemented using macros.",
+          "kind": "problem",
+          "name": "Do not use preprocessor directives in invocations of function-like macros",
+          "precision": "high",
+          "severity": "warning",
+          "short_name": "MacroOrFunctionArgsContainHashToken",
+          "tags": [
+            "readability",
+            "correctness"
+          ]
+        }
+      ],
+      "title": "Do not use preprocessor directives in invocations of function-like macros"
+    }
+  },
   "MISRA-C-2012": {
     "RULE-20-7": {
       "properties": {

rules.csv

@@ -587,7 +587,7 @@ c,CERT-C,POS53-C,OutOfScope,Rule,,,Do not use more than one mutex for concurrent
 c,CERT-C,POS54-C,OutOfScope,Rule,,,Detect and handle POSIX library errors,,,,
 c,CERT-C,PRE30-C,No,Rule,,,Do not create a universal character name through concatenation,,,Medium,
 c,CERT-C,PRE31-C,Yes,Rule,,,Avoid side effects in arguments to unsafe macros,RULE-13-2,SideEffects,Medium,
-c,CERT-C,PRE32-C,Yes,Rule,,,Do not use preprocessor directives in invocations of function-like macros,,Preprocessor,Hard,
+c,CERT-C,PRE32-C,Yes,Rule,,,Do not use preprocessor directives in invocations of function-like macros,,Preprocessor5,Hard,
 c,CERT-C,SIG30-C,Yes,Rule,,,Call only asynchronous-safe functions within signal handlers,,Contracts,Medium,
 c,CERT-C,SIG31-C,Yes,Rule,,,Do not access shared objects in signal handlers,,Contracts,Medium,
 c,CERT-C,SIG34-C,Yes,Rule,,,Do not call signal() from within interruptible signal handlers,,Contracts,Medium,