Release v2.5.0

.vscode/tasks.json

@@ -171,6 +171,10 @@
                 "Classes",
                 "Comments",
                 "Concurrency",
+                "Concurrency",
+                "Concurrency1",
+                "Concurrency2",
+                "Concurrency3",
                 "Conditionals",
                 "Const",
                 "DeadCode",
@@ -199,6 +203,8 @@
                 "OperatorInvariants",
                 "Operators",
                 "Pointers",
+                "Pointers1",
+                "Pointers2",
                 "Scope",
                 "SideEffects1",
                 "SideEffects2",

c/cert/src/qlpack.yml

@@ -1,4 +1,4 @@
 name: cert-c-coding-standards
-version: 2.4.0
+version: 2.5.0
 suites: codeql-suites
 libraryPathDependencies: common-c-coding-standards

c/cert/src/rules/CON32-C/PreventDataRacesWithMultipleThreads-standard.qhelp

@@ -0,0 +1,33 @@
+<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
+<qhelp>
+  <section title="Classification">
+    <ul>
+      <li>required</li>
+      <li>implementation</li>
+      <li>automated</li>
+    </ul>
+  </section>
+
+  <section title="Rationale">
+    <p>
+           ...
+    </p>
+
+  </section>
+
+  <section title="Exception">
+    <p>
+      ...
+    </p>
+  </section>
+
+  <example>
+    <sample src="standard-example.c"></sample>
+  </example>
+
+  <section title="See more">
+    <ul>
+      <li>...</li>
+    </ul>
+  </section>
+</qhelp>

c/cert/src/rules/CON32-C/PreventDataRacesWithMultipleThreads.qhelp

@@ -0,0 +1,18 @@
+<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
+<qhelp>
+  <!-- THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. -->
+  <overview>
+    <p>This query implements the CERT-C rule CON32-C:</p>
+    <blockquote>
+      <p>Prevent data races when accessing bit-fields from multiple threads</p>
+    </blockquote>
+  </overview>
+  <include src="PreventDataRacesWithMultipleThreads-standard.qhelp" />
+  <references>
+    <li>
+      CERT-C:
+      <a href="https://wiki.sei.cmu.edu/confluence/display/c">CON32-C: Prevent data races when accessing bit-fields from multiple threads</a>
+      .
+    </li>
+  </references>
+</qhelp>

c/cert/src/rules/CON32-C/PreventDataRacesWithMultipleThreads.ql

@@ -0,0 +1,23 @@
+/**
+ * @id c/cert/prevent-data-races-with-multiple-threads
+ * @name CON32-C: Prevent data races when accessing bit-fields from multiple threads
+ * @description Accesses to bit fields without proper concurrency protection can result in data
+ *              races.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/cert/id/con32-c
+ *       correctness
+ *       concurrency
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.cpp.rules.guardaccesstobitfields.GuardAccessToBitFields
+
+class PreventDataRacesWithMultipleThreadsQuery extends GuardAccessToBitFieldsSharedQuery {
+  PreventDataRacesWithMultipleThreadsQuery() {
+    this = Concurrency1Package::preventDataRacesWithMultipleThreadsQuery()
+  }
+}

c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions-standard.qhelp

@@ -0,0 +1,33 @@
+<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
+<qhelp>
+  <section title="Classification">
+    <ul>
+      <li>required</li>
+      <li>implementation</li>
+      <li>automated</li>
+    </ul>
+  </section>
+
+  <section title="Rationale">
+    <p>
+           ...
+    </p>
+
+  </section>
+
+  <section title="Exception">
+    <p>
+      ...
+    </p>
+  </section>
+
+  <example>
+    <sample src="standard-example.c"></sample>
+  </example>
+
+  <section title="See more">
+    <ul>
+      <li>...</li>
+    </ul>
+  </section>
+</qhelp>

c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.qhelp

@@ -0,0 +1,18 @@
+<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
+<qhelp>
+  <!-- THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. -->
+  <overview>
+    <p>This query implements the CERT-C rule CON33-C:</p>
+    <blockquote>
+      <p>Avoid race conditions when using library functions</p>
+    </blockquote>
+  </overview>
+  <include src="RaceConditionsWhenUsingLibraryFunctions-standard.qhelp" />
+  <references>
+    <li>
+      CERT-C:
+      <a href="https://wiki.sei.cmu.edu/confluence/display/c">CON33-C: Avoid race conditions when using library functions</a>
+      .
+    </li>
+  </references>
+</qhelp>

c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql

@@ -0,0 +1,28 @@
+/**
+ * @id c/cert/race-conditions-when-using-library-functions
+ * @name CON33-C: Avoid race conditions when using library functions
+ * @description Certain functions may cause race conditions when used from a threaded context.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/cert/id/con33-c
+ *       correctness
+ *       concurrency
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.cpp.Concurrency
+
+from ThreadedCFN node
+where
+  not isExcluded(node, Concurrency1Package::raceConditionsWhenUsingLibraryFunctionsQuery()) and
+  node.(FunctionCall).getTarget().getName() =
+    [
+      "rand", "srand", "getenv", "strtok", "strerror", "asctime", "ctime", "localtime", "gmtime",
+      "setlocale", "atomic_init", "ATOMIC_VAR_INIT", "tmpnam", "mbrtoc16", "c16rtomb", "mbrtoc32",
+      "c32rtomb"
+    ]
+select node,
+  "Concurrent call to non-reeantrant function $@.", node.(FunctionCall).getTarget(), node.(FunctionCall).getTarget().getName()

c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram-standard.qhelp

@@ -0,0 +1,33 @@
+<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
+<qhelp>
+  <section title="Classification">
+    <ul>
+      <li>required</li>
+      <li>implementation</li>
+      <li>automated</li>
+    </ul>
+  </section>
+
+  <section title="Rationale">
+    <p>
+           ...
+    </p>
+
+  </section>
+
+  <section title="Exception">
+    <p>
+      ...
+    </p>
+  </section>
+
+  <example>
+    <sample src="standard-example.c"></sample>
+  </example>
+
+  <section title="See more">
+    <ul>
+      <li>...</li>
+    </ul>
+  </section>
+</qhelp>

c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.qhelp

@@ -0,0 +1,21 @@
+<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
+<qhelp>
+  <!-- THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. -->
+  <overview>
+    <p>This query implements the CERT-C rule CON37-C:</p>
+    <blockquote>
+      <p>Do not call signal() in a multithreaded program</p>
+    </blockquote>
+  </overview>
+  <include src="DoNotCallSignalInMultithreadedProgram-standard.qhelp" />
+  <section title="Implementation scope">
+    <p></p>
+  </section>
+  <references>
+    <li>
+      CERT-C:
+      <a href="https://wiki.sei.cmu.edu/confluence/display/c">CON37-C: Do not call signal() in a multithreaded program</a>
+      .
+    </li>
+  </references>
+</qhelp>

c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql

@@ -0,0 +1,28 @@
+/**
+ * @id c/cert/do-not-call-signal-in-multithreaded-program
+ * @name CON37-C: Do not call signal() in a multithreaded program
+ * @description Calling signal() from within a multithreaded program can result in unpredictable
+ *              program behavior.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/cert/id/con37-c
+ *       correctness
+ *       concurrency
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.cpp.Concurrency
+
+from FunctionCall fc
+// This should only be applied in the context of a multi-threaded program (since
+// it is valid to be used in a non-threaded program) so we filter those types of
+// programs out here
+where
+  not isExcluded(fc, Concurrency1Package::doNotCallSignalInMultithreadedProgramQuery()) and
+  fc.getTarget().getName() = "signal" and
+  exists(ThreadedFunction f)
+select fc,
+  "Call to `signal()` in multithreaded programs."

c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes-standard.qhelp

@@ -0,0 +1,33 @@
+<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
+<qhelp>
+  <section title="Classification">
+    <ul>
+      <li>required</li>
+      <li>implementation</li>
+      <li>automated</li>
+    </ul>
+  </section>
+
+  <section title="Rationale">
+    <p>
+           ...
+    </p>
+
+  </section>
+
+  <section title="Exception">
+    <p>
+      ...
+    </p>
+  </section>
+
+  <example>
+    <sample src="standard-example.c"></sample>
+  </example>
+
+  <section title="See more">
+    <ul>
+      <li>...</li>
+    </ul>
+  </section>
+</qhelp>

c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.qhelp

@@ -0,0 +1,18 @@
+<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
+<qhelp>
+  <!-- THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. -->
+  <overview>
+    <p>This query implements the CERT-C rule STR34-C:</p>
+    <blockquote>
+      <p>Cast characters to unsigned char before converting to larger integer sizes</p>
+    </blockquote>
+  </overview>
+  <include src="CastCharBeforeConvertingToLargerSizes-standard.qhelp" />
+  <references>
+    <li>
+      CERT-C:
+      <a href="https://wiki.sei.cmu.edu/confluence/display/c">STR34-C: Cast characters to unsigned char before converting to larger integer sizes</a>
+      .
+    </li>
+  </references>
+</qhelp>

c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql

@@ -0,0 +1,31 @@
+/**
+ * @id c/cert/cast-char-before-converting-to-larger-sizes
+ * @name STR34-C: Cast characters to unsigned char before converting to larger integer sizes
+ * @description Not casting smaller char sizes to unsigned char before converting to lager integer
+ *              sizes may lead to unpredictable program behavior.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/cert/id/str34-c
+ *       correctness
+ *       security
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import semmle.code.cpp.commons.CommonType
+
+from Cast c
+where
+  not isExcluded(c, Strings3Package::castCharBeforeConvertingToLargerSizesQuery()) and
+  // find cases where there is a conversion happening wherein the
+  // base type is a char
+  c.getExpr().getType() instanceof CharType and
+  not c.getExpr().getType() instanceof UnsignedCharType and
+  // it's a bigger type
+  c.getType().getSize() > c.getExpr().getType().getSize() and
+  // and it's some kind of integer type
+  c.getType() instanceof IntegralType
+select c.getExpr(),
+  "Expression not converted to `unsigned char` before converting to a larger integer type."

c/cert/src/rules/STR38-C/DoNotConfuseNarrowAndWideFunctions-standard.qhelp

@@ -0,0 +1,33 @@
+<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
+<qhelp>
+  <section title="Classification">
+    <ul>
+      <li>required</li>
+      <li>implementation</li>
+      <li>automated</li>
+    </ul>
+  </section>
+
+  <section title="Rationale">
+    <p>
+           ...
+    </p>
+
+  </section>
+
+  <section title="Exception">
+    <p>
+      ...
+    </p>
+  </section>
+
+  <example>
+    <sample src="standard-example.c"></sample>
+  </example>
+
+  <section title="See more">
+    <ul>
+      <li>...</li>
+    </ul>
+  </section>
+</qhelp>