Rule 21.10.2 - NoCsetjmpHeader.ql

lcartey · lcartey · commit e26f32afacc8 · 2025-06-06T20:41:10.000+01:00
New query to detect banned uses of the csetjmp header. [a]
diff --git a/cpp/misra/src/rules/RULE-21-10-2/NoCsetjmpHeader.ql b/cpp/misra/src/rules/RULE-21-10-2/NoCsetjmpHeader.ql
@@ -0,0 +1,53 @@
+/**
+ * @id cpp/misra/no-csetjmp-header
+ * @name RULE-21-10-2: The standard header file <csetjmp> shall not be used
+ * @description Using facilities from the <csetjmp> header causes undefined behavior by bypassing
+ *              normal function return mechanisms and may result in non-trivial object destruction
+ *              being omitted.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-21-10-2
+ *       scope/single-translation-unit
+ *       external/misra/enforcement/decidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+import codingstandards.cpp.BannedFunctions
+
+class CSetJmpHeader extends Include {
+  CSetJmpHeader() { this.getIncludeText().regexpMatch("[<\\\"](csetjmp|setjmp.h)[>\\\"]") }
+}
+
+class JmpBufVariable extends Variable {
+  JmpBufVariable() { this.getType().(UserType).hasGlobalOrStdName("jmp_buf") }
+}
+
+class LongjmpFunction extends Function {
+  LongjmpFunction() { this.hasGlobalOrStdName("longjmp") }
+}
+
+class SetjmpMacroInvocation extends MacroInvocation {
+  SetjmpMacroInvocation() { this.getMacroName() = "setjmp" }
+}
+
+from Element element, string message
+where
+  not isExcluded(element, BannedAPIsPackage::noCsetjmpHeaderQuery()) and
+  (
+    message = "Use of banned header " + element.(CSetJmpHeader).getIncludeText() + "."
+    or
+    message =
+      "Declaration of variable '" + element.(JmpBufVariable).getName() +
+        "' with banned type 'jmp_buf'."
+    or
+    message =
+      element.(BannedFunctions<LongjmpFunction>::Use).getAction() + " banned function '" +
+        element.(BannedFunctions<LongjmpFunction>::Use).getFunctionName() + "'."
+    or
+    element instanceof SetjmpMacroInvocation and
+    message = "Use of banned macro 'setjmp'."
+  )
+select element, message
diff --git a/cpp/misra/test/rules/RULE-21-10-2/NoCsetjmpHeader.expected b/cpp/misra/test/rules/RULE-21-10-2/NoCsetjmpHeader.expected
@@ -0,0 +1,14 @@
+| test.cpp:1:1:1:18 | #include "csetjmp" | Use of banned header "csetjmp". |
+| test.cpp:2:1:2:19 | #include "setjmp.h" | Use of banned header "setjmp.h". |
+| test.cpp:3:1:3:18 | #include <csetjmp> | Use of banned header <csetjmp>. |
+| test.cpp:4:1:4:19 | #include <setjmp.h> | Use of banned header <setjmp.h>. |
+| test.cpp:8:9:8:10 | g1 | Declaration of variable 'g1' with banned type 'jmp_buf'. |
+| test.cpp:9:14:9:15 | g2 | Declaration of variable 'g2' with banned type 'jmp_buf'. |
+| test.cpp:12:11:12:12 | l1 | Declaration of variable 'l1' with banned type 'jmp_buf'. |
+| test.cpp:13:7:13:16 | setjmp(env) | Use of banned macro 'setjmp'. |
+| test.cpp:14:5:14:11 | call to longjmp | Call to banned function 'longjmp'. |
+| test.cpp:19:16:19:17 | l1 | Declaration of variable 'l1' with banned type 'jmp_buf'. |
+| test.cpp:20:7:20:16 | setjmp(env) | Use of banned macro 'setjmp'. |
+| test.cpp:21:5:21:16 | call to longjmp | Call to banned function 'longjmp'. |
+| test.cpp:26:11:26:12 | l1 | Declaration of variable 'l1' with banned type 'jmp_buf'. |
+| test.cpp:27:16:27:17 | l2 | Declaration of variable 'l2' with banned type 'jmp_buf'. |
diff --git a/cpp/misra/test/rules/RULE-21-10-2/NoCsetjmpHeader.qlref b/cpp/misra/test/rules/RULE-21-10-2/NoCsetjmpHeader.qlref
@@ -0,0 +1 @@
+rules/RULE-21-10-2/NoCsetjmpHeader.ql
diff --git a/cpp/misra/test/rules/RULE-21-10-2/test.cpp b/cpp/misra/test/rules/RULE-21-10-2/test.cpp
@@ -0,0 +1,38 @@
+#include "csetjmp"  // NON_COMPLIANT
+#include "setjmp.h" // NON_COMPLIANT
+#include <csetjmp>  // NON_COMPLIANT
+#include <setjmp.h> // NON_COMPLIANT
+#include <stdexcept>
+
+// Global variables for testing
+jmp_buf g1;      // NON_COMPLIANT
+std::jmp_buf g2; // NON_COMPLIANT
+
+void test_setjmp_usage() {
+  jmp_buf l1;            // NON_COMPLIANT
+  if (setjmp(l1) == 0) { // NON_COMPLIANT
+    longjmp(l1, 1);      // NON_COMPLIANT
+  }
+}
+
+void test_std_setjmp_usage() {
+  std::jmp_buf l1;       // NON_COMPLIANT
+  if (setjmp(l1) == 0) { // NON_COMPLIANT
+    std::longjmp(l1, 1); // NON_COMPLIANT
+  }
+}
+
+void test_jmp_buf_declaration() {
+  jmp_buf l1;      // NON_COMPLIANT
+  std::jmp_buf l2; // NON_COMPLIANT
+}
+
+void test_compliant_alternative() {
+  // Using structured exception handling or other alternatives
+  // instead of setjmp/longjmp
+  try {
+    throw std::runtime_error("error");
+  } catch (const std::runtime_error &) { // COMPLIANT
+    // Handle error properly
+  }
+}
