diff --git a/.github/workflows/code-scanning-pack-gen.yml b/.github/workflows/code-scanning-pack-gen.yml index 7406218e4..fdad8f932 100644 --- a/.github/workflows/code-scanning-pack-gen.yml +++ b/.github/workflows/code-scanning-pack-gen.yml @@ -105,7 +105,6 @@ jobs: mkdir -p "$query_dir" # Copy each selected ql file, plus the related files (qhelp, qhelp implementation) cp "$copy_from_root_name.ql" "lgtm-cpp-query-pack/$copy_to_root_name.ql" - cp "$copy_from_root_name-implementation.qhelp" "lgtm-cpp-query-pack/$copy_to_root_name-implementation.qhelp" cp "$copy_from_root_name.qhelp" "lgtm-cpp-query-pack/$copy_to_root_name.qhelp" done } diff --git a/.github/workflows/codeql_unit_tests.yml b/.github/workflows/codeql_unit_tests.yml index 605489a0e..c4e26abc0 100644 --- a/.github/workflows/codeql_unit_tests.yml +++ b/.github/workflows/codeql_unit_tests.yml @@ -65,6 +65,13 @@ jobs: codeql-home: ${{ github.workspace }}/codeql_home add-to-path: false + - name: Pre-Compile Queries + id: pre-compile-queries + run: | + ${{ github.workspace }}/codeql_home/codeql/codeql query compile --search-path cpp --threads 0 cpp + ${{ github.workspace }}/codeql_home/codeql/codeql query compile --search-path c --search-path cpp --threads 0 c + + - name: Run test suites id: run-test-suites env: @@ -108,12 +115,20 @@ jobs: # XL runners have 8 cores, so split the tests into 8 "slices", and run one per thread num_slices = 8 procs = [] + for slice in range(1, num_slices+1): test_report_path = os.path.join(runner_temp, "${{ matrix.language }}", f"test_report_{runner_os}_{cli_version}_{stdlib_ref_ident}_slice_{slice}_of_{num_slices}.json") os.makedirs(os.path.dirname(test_report_path), exist_ok=True) test_report_file = open(test_report_path, 'w') files_to_close.append(test_report_file) - procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) + if "${{ matrix.language }}".casefold() == "c".casefold(): + # c tests require cpp -- but we don't want c things on the cpp + # path in case of design errors. + cpp_language_root = Path(workspace, 'cpp') + procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={cpp_language_root}', f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) + else: + procs.append(subprocess.Popen([codeql_bin, "test", "run", "--failing-exitcode=122", f"--slice={slice}/{num_slices}", "--ram=2048", "--format=json", f'--search-path={language_root}', f'--search-path={language_root}', *test_roots], stdout=test_report_file, stderr=subprocess.PIPE)) + for p in procs: p.wait() if p.returncode != 0: @@ -133,7 +148,7 @@ jobs: - name: Upload test results uses: actions/upload-artifact@v2 with: - name: test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} + name: ${{ matrix.language }}-test-results-${{ runner.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library_ident }} path: | ${{ runner.temp }}/${{ matrix.language }}/test_report_${{ runner.os }}_${{ matrix.codeql_cli }}_${{ matrix.codeql_standard_library_ident }}_slice_*.json if-no-files-found: error @@ -148,11 +163,11 @@ jobs: - name: Validate test results run: | - for json_report in test-results-*/test_report_* + for json_report in *-test-results-*/test_report_* do jq --raw-output '"PASS \(map(select(.pass == true)) | length)/\(length)'" $json_report\"" "$json_report" done - FAILING_TESTS=$(jq --raw-output '.[] | select(.pass == false)' test-results-*/test_report_*.json) + FAILING_TESTS=$(jq --raw-output '.[] | select(.pass == false)' *-test-results-*/test_report_*.json) if [[ ! -z "$FAILING_TESTS" ]]; then echo "ERROR: The following tests failed:" echo $FAILING_TESTS | jq . diff --git a/.vscode/tasks.json b/.vscode/tasks.json index efcee2415..24432cd31 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -12,7 +12,6 @@ }, "problemMatcher": [] }, - { "label": "🔃 Standards Automation: Switch To Test or Implementation", "type": "shell", @@ -23,7 +22,6 @@ }, "problemMatcher": [] }, - { "label": "Standards Automation: Install Deps", "type": "shell", @@ -165,49 +163,52 @@ "type": "pickString", "options": [ "Allocations", + "BannedFunctions", "BannedSyntax", "BannedTypes", - "BannedFunctions", + "Classes", + "Classes", "Classes", "Comments", "Concurrency", + "Conditionals", "Const", + "DeadCode", "Declarations", "Exceptions1", "Exceptions2", + "Expressions", + "Freed", + "Functions", + "IO", "Includes", + "Initialization", + "IntegerConversion", "Invariants", - "IO", "Iterators", + "Lambdas", "Literals", "Loops", "Macros", + "Misc", + "MoveForward", "Naming", + "Null", + "OperatorInvariants", + "Operators", + "Pointers", "Scope", - "Classes", - "SmartPointers1", - "SmartPointers2", "SideEffects1", "SideEffects2", + "SmartPointers1", + "SmartPointers2", "Strings", + "Strings1", + "Strings2", "Syntax", "Templates", - "Classes", - "Freed", - "Initialization", - "Functions", - "Null", - "OperatorInvariants", - "VirtualFunctions", - "Conditionals", - "MoveForward", - "Operators", "TypeRanges", - "Lambdas", - "Pointers", - "IntegerConversion", - "Expressions", - "DeadCode" + "VirtualFunctions" ] }, { diff --git a/c/cert/src/qlpack.yml b/c/cert/src/qlpack.yml index 586a651e2..9ecaaadc7 100644 --- a/c/cert/src/qlpack.yml +++ b/c/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards -version: 2.1.0 +version: 2.3.0 suites: codeql-suites libraryPathDependencies: common-c-coding-standards \ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-implementation.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

None

- - \ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp index 458fbe3f7..628d8290f 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects-standard.qhelp @@ -1,33 +1,679 @@ -
- -
+
+

Evaluation of an expression may produce side effects. At specific points during execution, known as sequence points, all side effects of previous evaluations are complete, and no side effects of subsequent evaluations have yet taken place. Do not depend on the order of evaluation for side effects unless there is an intervening sequence point.

+

The C Standard, 6.5, paragraph 2 [ISO/IEC 9899:2011], states

+
+

If a side effect on a scalar object is unsequenced relative to either a different side effect on the same scalar object or a value computation using the value of the same scalar object, the behavior is undefined. If there are multiple allowable orderings of the subexpressions of an expression, the behavior is undefined if such an unsequenced side effect occurs in any of the orderings.

+
+

This requirement must be met for each allowable ordering of the subexpressions of a full expression; otherwise, the behavior is undefined. (See undefined behavior 35.)

+

The following sequence points are defined in the C Standard, Annex C [ISO/IEC 9899:2011]:

+ +

Furthermore, Section 6.5.16, paragraph 3 says (regarding assignment operations):

+
+

The side effect of updating the stored value of the left operand is sequenced after the value computations of the left and right operands.

+
+

This rule means that statements such as

+ i = i + 1; +a[i] = i; + +

have defined behavior, and statements such as the following do not:

+ /* i is modified twice between sequence points */ +i = ++i + 1; -
-

- ... -

+/* i is read other than to determine the value to be stored */ +a[i++] = i; + +

Not all instances of a comma in C code denote a usage of the comma operator. For example, the comma between arguments in a function call is not a sequence point. However, according to the C Standard, 6.5.2.2, paragraph 10 [ISO/IEC 9899:2011]

+
+

Every evaluation in the calling function (including other function calls) that is not otherwise specifically sequenced before or after the execution of the body of the called function is indeterminately sequenced with respect to the execution of the called function.

+
+

This rule means that the order of evaluation for function call arguments is unspecified and can happen in any order.

+
+
+

Programs cannot safely rely on the order of evaluation of operands between sequence points. In this noncompliant code example, i is evaluated twice without an intervening sequence point, so the behavior of the expression is undefined:

+ #include <stdio.h> -
+void func(int i, int *b) { + int a = i + b[++i]; + printf("%d, %d", a, i); +} +
+
+

These examples are independent of the order of evaluation of the operands and can be interpreted in only one way:

+ #include <stdio.h> -
-

- ... -

-
+void func(int i, int *b) { + int a; + ++i; + a = i + b[i]; + printf("%d, %d", a, i); +} +

Alternatively:

+ #include <stdio.h> - - - +void func(int i, int *b) { + int a = i + b[i + 1]; + ++i; + printf("%d, %d", a, i); +} +
+
+

The call to func() in this noncompliant code example has undefined behavior because there is no sequence point between the argument expressions:

+ extern void func(int i, int j); + +void f(int i) { + func(i++, i); +} +

The first (left) argument expression reads the value of i (to determine the value to be stored) and then modifies i. The second (right) argument expression reads the value of i between the same pair of sequence points as the first argument, but not to determine the value to be stored in i. This additional attempt to read the value of i has undefined behavior.

+
+
+

This compliant solution is appropriate when the programmer intends for both arguments to func() to be equivalent:

+ extern void func(int i, int j); + +void f(int i) { + i++; + func(i, i); +} +

This compliant solution is appropriate when the programmer intends for the second argument to be 1 greater than the first:

+ extern void func(int i, int j); + +void f(int i) { + int j = i++; + func(j, i); +} +
+
+

The order of evaluation for function arguments is unspecified. This noncompliant code example exhibits unspecified behavior but not undefined behavior:

+ extern void c(int i, int j); +int glob; + +int a(void) { + return glob + 10; +} -
-
    -
  • ...
    • -
-
+int b(void) { + glob = 42; + return glob; +} + +void func(void) { + c(a(), b()); +} +

It is unspecified what order a() and b() are called in; the only guarantee is that both a() and b() will be called before c() is called. If a() or b() rely on shared state when calculating their return value, as they do in this example, the resulting arguments passed to c() may differ between compilers or architectures.

+
+
+

In this compliant solution, the order of evaluation for a() and b() is fixed, and so no unspecified behavior occurs:

+ extern void c(int i, int j); +int glob; + +int a(void) { + return glob + 10; +} +int b(void) { + glob = 42; + return glob; +} + +void func(void) { + int a_val, b_val; + + a_val = a(); + b_val = b(); + + c(a_val, b_val); +} +
+
+

Attempting to modify an object multiple times between sequence points may cause that object to take on an unexpected value, which can lead to unexpected program behavior.

+ + + + + + + + + + + + + + + + + + + +
+ Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
+ EXP30-C + + Medium + + Probable + + Medium + + P8 + + L2 +
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Tool + + Version + + Checker + + Description +
+ + Astrée + + + 20.10 + + evaluation-order + multiple-volatile-accesses + + Fully checked +
+ + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-EXP30 + +
+ + Clang + + + 3.9 + + -Wunsequenced + + Detects simple violations of this rule, but does not diagnose unsequenced function call arguments. +
+ + Compass/ROSE + + + + + Can detect simple violations of this rule. It needs to examine each expression and make sure that no variable is modified twice in the expression. It also must check that no variable is modified once, then read elsewhere, with the single exception that a variable may appear on both the left and right of an assignment operator +
+ + Coverity + + + 2017.07 + + EVALUATION_ORDER + + Can detect the specific instance where a statement contains multiple side effects on the same value with an undefined evaluation order because, with different compiler flags or different compilers or platforms, the statement may behave differently +
+ + ECLAIR + + + 1.2 + + CC2.EXP30 + + Fully implemented +
+ + GCC + + + 4.3.5 + + + Can detect violations of this rule when the + -Wsequence-point + flag is used +
+ + Helix QAC + + + 2022.1 + + C0400, C0401, C0402, C0403, C0404, C0405 + +
+ + Klocwork + + + 2022.1 + + PORTING.VAR.EFFECTS + MISRA.INCR_DECR.OTHER + +
+ + LDRA tool suite + + + 9.7.1 + + 35 D, 1 Q, 9 S, 30 S, 134 S + + Partially implemented +
+ + Parasoft C/C++test + + + 2021.2 + + CERT_C-EXP30-a + CERT_C-EXP30-b + CERT_C-EXP30-c + CERT_C-EXP30-d + + The value of an expression shall be the same under any order of evaluation that the standard permits + Don't write code that depends on the order of evaluation of function arguments + Don't write code that depends on the order of evaluation of function designator and function arguments + Don't write code that depends on the order of evaluation of expression that involves a function call +
+ + PC-lint Plus + + + 1.4 + + 564 + + Partially supported +
+ + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule EXP30-C + + + Checks for situations when expression value depends on order of evaluation or of side effects (rule partially covered) +
+ + PRQA QA-C + + + 9.7 + + 0400, 0401, 0402, + 0403, 0404, 0405 + + Fully implemented +
+ + PVS-Studio + + + 7.18 + + V532 + + , + + V567 + +
+ + RuleChecker + + + 20.10 + + evaluation-order + multiple-volatile-accesses + + Fully checked +
+ + Splint + + + 3.1.1 + + +
+ + SonarQube C/C++ Plugin + + + 3.11 + + IncAndDecMixedWithOtherOperators + +
+ + TrustInSoft Analyzer + + + 1.38 + + separated + + Exhaustively verified (see + + one compliant and one non-compliant example + + ). +
+
+
+

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

+
+
+

Key here (explains table format and definitions)

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Taxonomy + + Taxonomy item + + Relationship +
+ + CERT C + + + + EXP50-CPP. Do not depend on the order of evaluation for side effects + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
+ + CERT Oracle Secure Coding Standard for Java + + + + EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
+ + ISO/IEC TR 24772:2013 + + + Operator Precedence/Order of Evaluation [JCW] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
+ + ISO/IEC TR 24772:2013 + + + Side-effects and Order of Evaluation [SAM] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
+ + MISRA C:2012 + + + Rule 13.2 (required) + + CERT cross-reference in + + MISRA C:2012 – Addendum 3 + +
+ + CWE 2.11 + + + + CWE-758 + + + 2017-07-07: CERT: Rule subset of CWE +
+
+
+

Key here for mapping notes

+

CWE-758 and EXP30-C

+

Independent( INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C)

+

CWE-758 = Union( EXP30-C, list) where list =

+ +
+
+ + + + + + + + + + + + + + + +
+ [ + + ISO/IEC 9899:2011 + + ] + + 6.5, "Expressions" + 6.5.2.2, "Function Calls" + Annex C, "Sequence Points" +
+ [ + + Saks 2007 + + ] + +
+ [ + + Summit 2005 + + ] + + Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, and 3.11 +
+
\ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.qhelp index f7783bfac..0ad32f85e 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.qhelp +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.qhelp @@ -8,9 +8,6 @@ -
- -
  • CERT-C: diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-implementation.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp index 458fbe3f7..628d8290f 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects-standard.qhelp @@ -1,33 +1,679 @@ -
    -
      -
    • required
      • -
    • implementation
      • -
    • automated
      • -
    -
    +
    +

    Evaluation of an expression may produce side effects. At specific points during execution, known as sequence points, all side effects of previous evaluations are complete, and no side effects of subsequent evaluations have yet taken place. Do not depend on the order of evaluation for side effects unless there is an intervening sequence point.

    +

    The C Standard, 6.5, paragraph 2 [ISO/IEC 9899:2011], states

    +
    +

    If a side effect on a scalar object is unsequenced relative to either a different side effect on the same scalar object or a value computation using the value of the same scalar object, the behavior is undefined. If there are multiple allowable orderings of the subexpressions of an expression, the behavior is undefined if such an unsequenced side effect occurs in any of the orderings.

    +
    +

    This requirement must be met for each allowable ordering of the subexpressions of a full expression; otherwise, the behavior is undefined. (See undefined behavior 35.)

    +

    The following sequence points are defined in the C Standard, Annex C [ISO/IEC 9899:2011]:

    +
      +
    • Between the evaluations of the function designator and actual arguments in a function call and the actual call
      • +
    • Between the evaluations of the first and second operands of the following operators:Logical AND: &&Logical OR: ||Comma: ,
      • +
    • Between the evaluations of the first operand of the conditional ?: operator and whichever of the second and third operands is evaluated
      • +
    • The end of a full declarator
      • +
    • Between the evaluation of a full expression and the next full expression to be evaluated; the following are full expressions:An initializer that is not part of a compound literalThe expression in an expression statementThe controlling expression of a selection statement (if or switch)The controlling expression of a while or do statementEach of the (optional) expressions of a for statementThe (optional) expression in a return statement
      • +
    • Immediately before a library function returns
      • +
    • After the actions associated with each formatted input/output function conversion specifier
      • +
    • Immediately before and immediately after each call to a comparison function, and also between any call to a comparison function and any movement of the objects passed as arguments to that call
      • +
    +

    Furthermore, Section 6.5.16, paragraph 3 says (regarding assignment operations):

    +
    +

    The side effect of updating the stored value of the left operand is sequenced after the value computations of the left and right operands.

    +
    +

    This rule means that statements such as

    + i = i + 1; +a[i] = i; + +

    have defined behavior, and statements such as the following do not:

    + /* i is modified twice between sequence points */ +i = ++i + 1; -
    -

    - ... -

    +/* i is read other than to determine the value to be stored */ +a[i++] = i; + +

    Not all instances of a comma in C code denote a usage of the comma operator. For example, the comma between arguments in a function call is not a sequence point. However, according to the C Standard, 6.5.2.2, paragraph 10 [ISO/IEC 9899:2011]

    +
    +

    Every evaluation in the calling function (including other function calls) that is not otherwise specifically sequenced before or after the execution of the body of the called function is indeterminately sequenced with respect to the execution of the called function.

    +
    +

    This rule means that the order of evaluation for function call arguments is unspecified and can happen in any order.

    +
    +
    +

    Programs cannot safely rely on the order of evaluation of operands between sequence points. In this noncompliant code example, i is evaluated twice without an intervening sequence point, so the behavior of the expression is undefined:

    + #include <stdio.h> -
    +void func(int i, int *b) { + int a = i + b[++i]; + printf("%d, %d", a, i); +}     +
    +
    +

    These examples are independent of the order of evaluation of the operands and can be interpreted in only one way:

    + #include <stdio.h> -
    -

    - ... -

    -
    +void func(int i, int *b) { + int a; + ++i; + a = i + b[i]; + printf("%d, %d", a, i); +}     +

    Alternatively:

    + #include <stdio.h> - - - +void func(int i, int *b) { + int a = i + b[i + 1]; + ++i; + printf("%d, %d", a, i); +} +
    +
    +

    The call to func() in this noncompliant code example has undefined behavior because there is no sequence point between the argument expressions:

    + extern void func(int i, int j); + +void f(int i) { + func(i++, i); +} +

    The first (left) argument expression reads the value of i (to determine the value to be stored) and then modifies i. The second (right) argument expression reads the value of i between the same pair of sequence points as the first argument, but not to determine the value to be stored in i. This additional attempt to read the value of i has undefined behavior.

    +
    +
    +

    This compliant solution is appropriate when the programmer intends for both arguments to func() to be equivalent:

    + extern void func(int i, int j); + +void f(int i) { + i++; + func(i, i); +} +

    This compliant solution is appropriate when the programmer intends for the second argument to be 1 greater than the first:

    + extern void func(int i, int j); + +void f(int i) { + int j = i++; + func(j, i); +} +
    +
    +

    The order of evaluation for function arguments is unspecified. This noncompliant code example exhibits unspecified behavior but not undefined behavior:

    + extern void c(int i, int j); +int glob; + +int a(void) { + return glob + 10; +} -
    -
      -
    • ...
      • -
    -
    +int b(void) { + glob = 42; + return glob; +} + +void func(void) { + c(a(), b()); +}     +

    It is unspecified what order a() and b() are called in; the only guarantee is that both a() and b() will be called before c() is called. If a() or b() rely on shared state when calculating their return value, as they do in this example, the resulting arguments passed to c() may differ between compilers or architectures.

    +
    +
    +

    In this compliant solution, the order of evaluation for a() and b() is fixed, and so no unspecified behavior occurs:

    + extern void c(int i, int j); +int glob; + +int a(void) { + return glob + 10; +} +int b(void) { + glob = 42; + return glob; +} + +void func(void) { + int a_val, b_val; + + a_val = a(); + b_val = b(); + + c(a_val, b_val); +} +
    +
    +

    Attempting to modify an object multiple times between sequence points may cause that object to take on an unexpected value, which can lead to unexpected program behavior.

    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + EXP30-C + + Medium + + Probable + + Medium + + P8 + + L2 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + evaluation-order + multiple-volatile-accesses + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-EXP30 + +
    + + Clang + + + 3.9 + + -Wunsequenced + + Detects simple violations of this rule, but does not diagnose unsequenced function call arguments. +
    + + Compass/ROSE + + + + + Can detect simple violations of this rule. It needs to examine each expression and make sure that no variable is modified twice in the expression. It also must check that no variable is modified once, then read elsewhere, with the single exception that a variable may appear on both the left and right of an assignment operator +
    + + Coverity + + + 2017.07 + + EVALUATION_ORDER + + Can detect the specific instance where a statement contains multiple side effects on the same value with an undefined evaluation order because, with different compiler flags or different compilers or platforms, the statement may behave differently +
    + + ECLAIR + + + 1.2 + + CC2.EXP30 + + Fully implemented +
    + + GCC + + + 4.3.5 + + + Can detect violations of this rule when the + -Wsequence-point + flag is used +
    + + Helix QAC + + + 2022.1 + + C0400, C0401, C0402, C0403, C0404, C0405 + +
    + + Klocwork + + + 2022.1 + + PORTING.VAR.EFFECTS + MISRA.INCR_DECR.OTHER + +
    + + LDRA tool suite + + + 9.7.1 + + 35 D, 1 Q, 9 S, 30 S, 134 S + + Partially implemented +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-EXP30-a + CERT_C-EXP30-b + CERT_C-EXP30-c + CERT_C-EXP30-d + + The value of an expression shall be the same under any order of evaluation that the standard permits + Don't write code that depends on the order of evaluation of function arguments + Don't write code that depends on the order of evaluation of function designator and function arguments + Don't write code that depends on the order of evaluation of expression that involves a function call +
    + + PC-lint Plus + + + 1.4 + + 564 + + Partially supported +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule EXP30-C + + + Checks for situations when expression value depends on order of evaluation or of side effects (rule partially covered) +
    + + PRQA QA-C + + + 9.7 + + 0400, 0401, 0402, + 0403, 0404, 0405 + + Fully implemented +
    + + PVS-Studio + + + 7.18 + + V532 + + , + + V567 + +
    + + RuleChecker + + + 20.10 + + evaluation-order + multiple-volatile-accesses + + Fully checked +
    + + Splint + + + 3.1.1 + + +
    + + SonarQube C/C++ Plugin + + + 3.11 + + IncAndDecMixedWithOtherOperators + +
    + + TrustInSoft Analyzer + + + 1.38 + + separated + + Exhaustively verified (see + + one compliant and one non-compliant example + + ). +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C + + + + EXP50-CPP. Do not depend on the order of evaluation for side effects + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CERT Oracle Secure Coding Standard for Java + + + + EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + ISO/IEC TR 24772:2013 + + + Operator Precedence/Order of Evaluation [JCW] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + ISO/IEC TR 24772:2013 + + + Side-effects and Order of Evaluation [SAM] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + MISRA C:2012 + + + Rule 13.2 (required) + + CERT cross-reference in + + MISRA C:2012 – Addendum 3 + +
    + + CWE 2.11 + + + + CWE-758 + + + 2017-07-07: CERT: Rule subset of CWE +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-758 and EXP30-C

    +

    Independent( INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C)

    +

    CWE-758 = Union( EXP30-C, list) where list =

    +
      +
    • Undefined behavior that results from anything other than reading and writing to a variable twice without an intervening sequence point.
      • +
    +
    +
    + + + + + + + + + + + + + + + +
    + [ + + ISO/IEC 9899:2011 + + ] + + 6.5, "Expressions" + 6.5.2.2, "Function Calls" + Annex C, "Sequence Points" +
    + [ + + Saks 2007 + + ] + +
    + [ + + Summit 2005 + + ] + + Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, and 3.11 +
    +
    \ No newline at end of file diff --git a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.qhelp b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.qhelp index 6313114ff..b1a3a347d 100644 --- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.qhelp +++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfScalarEvaluationForSideEffects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-implementation.qhelp b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-standard.qhelp b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-standard.qhelp index 458fbe3f7..f439c6375 100644 --- a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-standard.qhelp +++ b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect-standard.qhelp @@ -1,33 +1,481 @@ -
    -
      -
    • required
      • -
    • implementation
      • -
    • automated
      • -
    -
    +
    +

    Some operators do not evaluate their operands beyond the type information the operands provide. When using one of these operators, do not pass an operand that would otherwise yield a side effect since the side effect will not be generated.

    +

    The sizeof operator yields the size (in bytes) of its operand, which may be an expression or the parenthesized name of a type. In most cases, the operand is not evaluated. A possible exception is when the type of the operand is a variable length array type (VLA); then the expression is evaluated. When part of the operand of the sizeof operator is a VLA type and when changing the value of the VLA's size expression would not affect the result of the operator, it is unspecified whether or not the size expression is evaluated. (See unspecified behavior 22.)

    +

    The operand passed to_Alignof is never evaluated, despite not being an expression. For instance, if the operand is a VLA type and the VLA's size expression contains a side effect, that side effect is never evaluated.

    +

    The operand used in the controlling expression of a _Generic selection expression is never evaluated.

    +

    Providing an expression that appears to produce side effects may be misleading to programmers who are not aware that these expressions are not evaluated, and in the case of a VLA used in sizeof, have unspecified results. As a result, programmers may make invalid assumptions about program state, leading to errors and possible software vulnerabilities.

    +

    This rule is similar to PRE31-C. Avoid side effects in arguments to unsafe macros.

    +
    +
    +

    In this noncompliant code example, the expression a++ is not evaluated:

    + #include <stdio.h> + +void func(void) { + int a = 14; + int b = sizeof(a++); + printf("%d, %d\n", a, b); +} +

    Consequently, the value of a after b has been initialized is 14.

    +
    +
    +

    In this compliant solution, the variable a is incremented outside of the sizeof operation:

    + #include <stdio.h> + +void func(void) { + int a = 14; + int b = sizeof(a); + ++a; + printf("%d, %d\n", a, b); +} +
    +
    +

    In this noncompliant code example, the expression ++n in the initialization expression of a must be evaluated because its value affects the size of the VLA operand of the sizeof operator. However, in the initialization expression of b, the expression ++n % 1 evaluates to 0. This means that the value of n does not affect the result of the sizeof operator. Consequently, it is unspecified whether or not n will be incremented when initializing b.

    + #include <stddef.h> +#include <stdio.h> + +void f(size_t n) { + /* n must be incremented */ + size_t a = sizeof(int[++n]); + + /* n need not be incremented */ + size_t b = sizeof(int[++n % 1 + 1]); -
    -

    - ... -

    + printf("%zu, %zu, %zu\n", a, b, n); + /* ... */ +} +
    +
    +

    This compliant solution avoids changing the value of the variable n used in each sizeof expression and instead increments n safely afterwards:

    + #include <stddef.h> +#include <stdio.h> + +void f(size_t n) { + size_t a = sizeof(int[n + 1]); + ++n; -
    + size_t b = sizeof(int[n % 1 + 1]); + ++n; + printf("%zu, %zu, %zu\n", a, b, n); + /* ... */ +} +     +
    +
    +

    This noncompliant code example attempts to modify a variable's value as part of the _Generic selection control expression. The programmer may expect that a is incremented, but because _Generic does not evaluate its control expression, the value of a is not modified.

    + #include <stdio.h> -
    -

    - ... -

    -
    +#define S(val) _Generic(val, int : 2, \ + short : 3, \ + default : 1) +void func(void) { + int a = 0; + int b = S(a++); + printf("%d, %d\n", a, b); +}     +
    +
    +

    In this compliant solution, a is incremented outside of the _Generic selection expression:

    + #include <stdio.h> - - - - -
    -
      -
    • ...
      • -
    -
    +#define S(val) _Generic(val, int : 2, \ + short : 3, \ + default : 1) +void func(void) { + int a = 0; + int b = S(a); + ++a; + printf("%d, %d\n", a, b); +}     +
    +
    +

    This noncompliant code example attempts to modify a variable while getting its default alignment value. The user may have expected val to be incremented as part of the _Alignof expression, but because _Alignof does not evaluate its operand, val is unchanged.

    + #include <stdio.h> + +void func(void) { + int val = 0; + /* ... */ + size_t align = _Alignof(int[++val]); + printf("%zu, %d\n", align, val); + /* ... */ +} +
    +
    +

    This compliant solution moves the expression out of the _Alignof operator:

    + #include <stdio.h> +void func(void) { + int val = 0; + /* ... */ + ++val; + size_t align = _Alignof(int[val]); + printf("%zu, %d\n", align, val); + /* ... */ +} +
    +
    +

    EXP44-C-EX1: Reading a volatile-qualified value is a side-effecting operation. However, accessing a value through a volatile-qualified type does not guarantee side effects will happen on the read of the value unless the underlying object is also volatile-qualified. Idiomatic reads of a volatile-qualified object are permissible as an operand to a sizeof(), _Alignof(), or _Generic expression, as in the following example:

    + void f(void) { + int * volatile v; + (void)sizeof(*v); +} +
    +
    +

    If expressions that appear to produce side effects are supplied to an operator that does not evaluate its operands, the results may be different than expected. Depending on how this result is used, it can lead to unintended program behavior.

    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + EXP44-C + + Low + + Unlikely + + Low + + P3 + + L3 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + alignof-side-effectgeneric-selection-side-effectsizeof + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-EXP44 + +
    + + Clang + + + 3.9 + + -Wunevaluated-expression + + Can diagnose some instance of this rule, but not all (such as the + _Alignof + NCCE). +
    + + CodeSonar + + + 6.2p0 + + LANG.STRUCT.SE.SIZEOF + + Side effects in sizeof +
    + + Compass/ROSE + + + + +
    + + Coverity + + + 2017.07 + + MISRA C 2004 Rule 12.3 + + Partially implemented +
    + + ECLAIR + + + 1.2 + + CC2.EXP06 + + Fully implemented +
    + + Helix QAC + + + 2022.1 + + C3307 + +
    + + Klocwork + + + 2022.1 + + MISRA.SIZEOF.SIDE_EFFECT + +
    + + LDRA tool suite + + + 9.7.1 + + 54 S, 653 S + + Fully implemented +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-EXP44-a + CERT_C-EXP44-b + + Object designated by a volatile lvalue should not be accessed in the operand of the sizeof operator + The function call that causes the side effect shall not be the operand of the sizeof operator +
    + + PC-lint Plus + + + 1.4 + + 9006 + + Partially supported: reports use of sizeof with an expression that would have side effects +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule EXP44-C + + + Checks for situations when side effects of specified expressions are ignored (rule fully covered) +
    + + PRQA QA-C + + + 9.7 + + 3307 + + Fully implemented +
    + + PVS-Studio + + + 7.18 + + V568 + +
    + + RuleChecker + + + 20.10 + + alignof-side-effectgeneric-selection-side-effectsizeof + + Fully checked +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C + + + + EXP52-CPP. Do not rely on side effects in unevaluated operands + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    +
    \ No newline at end of file diff --git a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.qhelp b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.qhelp index 1069bc421..b33510d09 100644 --- a/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.qhelp +++ b/c/cert/src/rules/EXP44-C/UnevaluatedOperandWithSideEffect.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-implementation.qhelp b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-standard.qhelp b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-standard.qhelp index 458fbe3f7..01036cbe9 100644 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-standard.qhelp +++ b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements-standard.qhelp @@ -1,33 +1,688 @@ -
    -
      -
    • required
      • -
    • implementation
      • -
    • automated
      • -
    -
    - -
    -

    - ... -

    - -
    - -
    -

    - ... -

    -
    - - - - - -
    -
      -
    • ...
      • -
    -
    +
    +

    Do not use the assignment operator in the contexts listed in the following table because doing so typically indicates programmer error and can result in unexpected behavior.

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Operator + + Context +
    + if + + Controlling expression +
    + while + + Controlling expression +
    + do ... while + + Controlling expression +
    + for + + Second operand +
    + ?: + + First operand +
    + ?: + + Second or third operands, where the ternary expression is used in any of these contexts +
    + && + + Either operand +
    + || + + either operand +
    + , + + Second operand, when the comma expression is used in any of these contexts +
    +

    Performing assignment statements in other contexts do not violate this rule. However, they may violate other rules, such as EXP30-C. Do not depend on the order of evaluation for side effects.

    +

    Noncompliant Code Example

    +

    In this noncompliant code example, an assignment expression is the outermost expression in an if statement:

    + if (a = b) { + /* ... */ +} + +

    Although the intent of the code may be to assign b to a and test the value of the result for equality to 0, it is frequently a case of the programmer mistakenly using the assignment operator = instead of the equals operator ==. Consequently, many compilers will warn about this condition, making this coding error detectable by adhering to MSC00-C. Compile cleanly at high warning levels.

    +
    +
    +

    When the assignment of b to a is not intended, the conditional block is now executed when a is equal to b:

    + if (a == b) { + /* ... */ +} + +
    +
    +

    When the assignment is intended, this compliant solution explicitly uses inequality as the outermost expression while performing the assignment in the inner expression:

    + if ((a = b) != 0) { + /* ... */ +} + +

    It is less desirable in general, depending on what was intended, because it mixes the assignment in the condition, but it is clear that the programmer intended the assignment to occur.

    +
    +
    +

    In this noncompliant code example, the expression x = y is used as the controlling expression of the while statement:

    + do { /* ... */ } while (foo(), x = y); +
    +
    +

    When the assignment of y to x is not intended, the conditional block should be executed only when x is equal to y, as in this compliant solution:

    + do { /* ... */ } while (foo(), x == y); + +
    +
    +

    When the assignment is intended, this compliant solution can be used:

    + do { /* ... */ } while (foo(), (x = y) != 0); + +
    +
    +

    The same result can be obtained using the for statement, which is specifically designed to evaluate an expression on each iteration of the loop, just before performing the test in its controlling expression. Remember that its controlling expression is the second operand, where the assignment occurs in its third operand:

    + for (; x; foo(), x = y) { /* ... */ } +
    +
    +

    In this noncompliant example, the expression p = q is used as the controlling expression of the while statement:

    + do { /* ... */ } while (x = y, p = q); +
    +
    +

    In this compliant solution, the expression x = y is not used as the controlling expression of the while statement:

    + do { /* ... */ } while (x = y, p == q); + +
    +
    +

    This noncompliant code example has a typo that results in an assignment rather than a comparison.

    + while (ch = '\t' || ch == ' ' || ch == '\n') { + /* ... */ +} + +

    Many compilers will warn about this condition. This coding error would typically be eliminated by adherence to MSC00-C. Compile cleanly at high warning levels. Although this code compiles, it will cause unexpected behavior to an unsuspecting programmer. If the intent was to verify a string such as a password, user name, or group user ID, the code may produce significant vulnerabilities and require significant debugging.

    +
    +
    +

    When comparisons are made between a variable and a literal or const-qualified variable, placing the variable on the right of the comparison operation can prevent a spurious assignment.

    +

    In this code example, the literals are placed on the left-hand side of each comparison. If the programmer were to inadvertently use an assignment operator, the statement would assign ch to '\t', which is invalid and produces a diagnostic message.

    + while ('\t' = ch || ' ' == ch || '\n' == ch) { + /* ... */ +} +

    Due to the diagnostic, the typo will be easily spotted and fixed.

    + while ('\t' == ch || ' ' == ch || '\n' == ch) { + /* ... */ +} +

    As a result, any mistaken use of the assignment operator that could otherwise create a vulnerability for operations such as string verification will result in a compiler diagnostic regardless of compiler, warning level, or implementation.

    +
    +
    +

    EXP45-C-EX1: Assignment can be used where the result of the assignment is itself an operand to a comparison expression or relational expression. In this compliant example, the expression x = y is itself an operand to a comparison operation:

    + if ((x = y) != 0) { /* ... */ } +

    EXP45-C-EX2: Assignment can be used where the expression consists of a single primary expression. The following code is compliant because the expression x = y is a single primary expression:

    + if ((x = y)) { /* ... */ } +

    The following controlling expression is noncompliant because && is not a comparison or relational operator and the entire expression is not primary:

    + if ((v = w) && flag) { /* ... */ } +

    When the assignment of v to w is not intended, the following controlling expression can be used to execute the conditional block when v is equal to w:

    + if ((v == w) && flag) { /* ... */ }; +

    When the assignment is intended, the following controlling expression can be used:

    + if (((v = w) != 0) && flag) { /* ... */ }; +

    EXP45-C-EX3: Assignment can be used in a function argument or array index. In this compliant solution, the expression x = y is used in a function argument:

    + if (foo(x = y)) { /* ... */ } +
    +
    +

    Errors of omission can result in unintended program flow.

    + + + + + + + + + + + + + + + + + + + +
    + Recommendation + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + EXP45-C + + Low + + Likely + + Medium + + P6 + + L2 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + assignment-conditional + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-EXP45 + +
    + + Clang + + + 3.9 + + -Wparentheses + + Can detect some instances of this rule, but does not detect all +
    + + CodeSonar + + + 6.2p0 + + LANG.STRUCT.CONDASSIGLANG.STRUCT.SE.CONDLANG.STRUCT.USEASSIGN + + Assignment in conditional + Condition contains side effects + Assignment result in expression +
    + + Compass/ROSE + + + + + Could detect violations of this recommendation by identifying any assignment expression as the top-level expression in an + if + or + while + statement +
    + + ECLAIR + + + 1.2 + + CC2.EXP18 + CC2.EXP21 + + Fully implemented +
    + + GCC + + + 4.3.5 + + + Can detect violations of this recommendation when the + -Wall + flag is used +
    + + Helix QAC + + + 2022.1 + + C3314, C3326, C3344, C3416 + C++4071, C++4074 + +
    + + Klocwork + + + 2022.1 + + ASSIGCOND.CALL + ASSIGCOND.GENMISRA.ASSIGN.COND + +
    + + LDRA tool suite + + + 9.7.1 + + 114 S, 132 S + + Enhanced Enforcement +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-EXP45-b + CERT_C-EXP45-d + + Assignment operators shall not be used in conditions without brackets + Assignment operators shall not be used in expressions that yield a Boolean value +
    + + PC-lint Plus + + + 1.4 + + 720 + + Partially supported: reports Boolean test of unparenthesized assignment +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule EXP45-C + + + Checks for invalid use of = (assignment) operator (rule fully covered) +
    + + PRQA QA-C + + + 9.7 + + 3314, 3326, 3344, 3416 + + Partially implemented +
    + + PRQA QA-C++ + + + 4.4 + + 4071, 4074 + +
    + + PVS-Studio + + + 7.18 + + V559 + , + V633 + , + V699 + +
    + + RuleChecker + + + 20.10 + + assignment-conditional + + Fully checked +
    + + SonarQube C/C++ Plugin + + + 3.11 + + AssignmentInSubExpression + +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C + + + + EXP19-CPP. Do not perform assignments in conditional expressions + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CERT Oracle Secure Coding Standard for Java + + + + EXP51-J. Do not perform assignments in conditional expressions + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + ISO/IEC TR 24772:2013 + + + Likely Incorrect Expression [KOA] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + ISO/IEC TS 17961 + + + No assignment in conditional expressions [boolasgn] + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CWE 2.11 + + + + CWE-480 + + , Use of Incorrect Operator + + 2017-07-05: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-481 + + + 2017-07-05: CERT: Rule subset of CWE +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-480 and EXP45-C

    +

    Intersection( EXP45-C, EXP46-C) = Ø

    +

    CWE-480 = Union( EXP45-C, list) where list =

    +
      +
    • Usage of incorrect operator besides s/=/==/
      • +
    +

    CWE-569 and EXP45-C

    +

    CWE-480 = Subset( CWE-569)

    +
    +
    + + + + + + + + + + + +
    + [ + + Dutta 03 + + ] + + "Best Practices for Programming in C" +
    + [ + + Hatton 1995 + + ] + + Section 2.7.2, "Errors of Omission and Addition" +
    +
    \ No newline at end of file diff --git a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.qhelp b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.qhelp index 240fef3e3..82c72bc41 100644 --- a/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.qhelp +++ b/c/cert/src/rules/EXP45-C/AssignmentsInSelectionStatements.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings-implementation.qhelp b/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.qhelp b/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.qhelp index 7cd34ab9f..c289d0a58 100644 --- a/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.qhelp +++ b/c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO30-C/standard-example.c b/c/cert/src/rules/FIO30-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof-implementation.qhelp b/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.qhelp b/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.qhelp index 5ba4f7c80..ddb42c3df 100644 --- a/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.qhelp +++ b/c/cert/src/rules/FIO34-C/DistinguishBetweenCharReadFromAFileAndEofOrWeof.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability-implementation.qhelp b/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.qhelp b/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.qhelp index 4a648e11b..980ea8be3 100644 --- a/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.qhelp +++ b/c/cert/src/rules/FIO34-C/EndOfFileCheckPortability.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO34-C/standard-example.c b/c/cert/src/rules/FIO34-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject-implementation.qhelp b/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.qhelp b/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.qhelp index c9cb5b93e..88766992b 100644 --- a/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.qhelp +++ b/c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO38-C/standard-example.c b/c/cert/src/rules/FIO38-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning-implementation.qhelp b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.qhelp b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.qhelp index 7de21baaa..333b34b2f 100644 --- a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.qhelp +++ b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO39-C/standard-example.c b/c/cert/src/rules/FIO39-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure-implementation.qhelp b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.qhelp b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.qhelp index d2b9fa337..753fc0162 100644 --- a/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.qhelp +++ b/c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO40-C/standard-example.c b/c/cert/src/rules/FIO40-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects-implementation.qhelp b/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.qhelp b/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.qhelp index 0468a54e2..9555b25cf 100644 --- a/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.qhelp +++ b/c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO41-C/standard-example.c b/c/cert/src/rules/FIO41-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qhelp b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qhelp index d3b9cfb2f..8349d80e5 100644 --- a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qhelp +++ b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO42-C/standard-example.c b/c/cert/src/rules/FIO42-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos-implementation.qhelp b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.qhelp b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.qhelp index cdbaab7a8..9bd681d3f 100644 --- a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.qhelp +++ b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO44-C/standard-example.c b/c/cert/src/rules/FIO44-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile-implementation.qhelp b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.qhelp b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.qhelp index f36147e9b..7858cad95 100644 --- a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.qhelp +++ b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C: diff --git a/c/cert/src/rules/FIO46-C/standard-example.c b/c/cert/src/rules/FIO46-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers-standard.qhelp b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers-standard.qhelp new file mode 100644 index 000000000..7d0bdffbc --- /dev/null +++ b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers-standard.qhelp @@ -0,0 +1,597 @@ + + +
    +

    Pseudorandom number generators use mathematical algorithms to produce a sequence of numbers with good statistical properties, but the numbers produced are not genuinely random.

    +

    The C Standard rand() function makes no guarantees as to the quality of the random sequence produced. The numbers generated by some implementations of rand() have a comparatively short cycle and the numbers can be predictable. Applications that have strong pseudorandom number requirements must use a generator that is known to be sufficient for their needs.

    +
    +
    +

    The following noncompliant code generates an ID with a numeric part produced by calling the rand() function. The IDs produced are predictable and have limited randomness.

    + #include <stdio.h> +#include <stdlib.h> +  +enum { len = 12 }; +  +void func(void) { + /* + * id will hold the ID, starting with the characters + * "ID" followed by a random integer. + */ +  char id[len]; + int r; + int num; + /* ... */ + r = rand(); /* Generate a random integer */ + num = snprintf(id, len, "ID%-d", r); /* Generate the ID */ + /* ... */ +} +
    +
    +

    This compliant solution replaces the rand() function with the POSIX random() function:

    + #include <stdio.h> +#include <stdlib.h> +#include <time.h> + +enum { len = 12 };  + +void func(void) { + /* + * id will hold the ID, starting with the characters + * "ID" followed by a random integer. + */ +  char id[len]; + int r; + int num; + /* ... */ + struct timespec ts; + if (timespec_get(&ts, TIME_UTC) == 0) { +  /* Handle error */ + } + srandom(ts.tv_nsec ^ ts.tv_sec); /* Seed the PRNG */ + /* ... */ + r = random(); /* Generate a random integer */ + num = snprintf(id, len, "ID%-d", r); /* Generate the ID */ + /* ... */ +} +

    The POSIX random() function is a better pseudorandom number generator. Although on some platforms the low dozen bits generated by rand() go through a cyclic pattern, all the bits generated by random() are usable. The rand48 family of functions provides another alternative for pseudorandom numbers.

    +

    Although not specified by POSIX, arc4random() is another possibility for systems that support it. The arc4random(3) manual page [OpenBSD] states

    +
    +

    ... provides higher quality of data than those described in rand(3), random(3), and drand48(3).

    +
    +

    To achieve the best random numbers possible, an implementation-specific function must be used. When unpredictability is crucial and speed is not an issue, as in the creation of strong cryptographic keys, use a true entropy source, such as /dev/random, or a hardware device capable of generating random numbers. The /dev/random device can block for a long time if there are not enough events going on to generate sufficient entropy.

    +
    +
    +

    On Windows platforms, the BCryptGenRandom() function can be used to generate cryptographically strong random numbers. The Microsoft Developer Network BCryptGenRandom() reference [MSDN] states:

    +
    +

    The default random number provider implements an algorithm for generating random numbers that complies with the NIST SP800-90 standard, specifically the CTR_DRBG portion of that standard.

    +
    + #include <Windows.h> +#include <bcrypt.h> +#include <stdio.h> + +#pragma comment(lib, "Bcrypt") + +void func(void) { + BCRYPT_ALG_HANDLE Prov; + int Buffer; + if (!BCRYPT_SUCCESS( + BCryptOpenAlgorithmProvider(&Prov, BCRYPT_RNG_ALGORITHM, + NULL, 0))) { + /* handle error */ + } + if (!BCRYPT_SUCCESS(BCryptGenRandom(Prov, (PUCHAR) (&Buffer), + sizeof(Buffer), 0))) { + /* handle error */ + } + printf("Random number: %d\n", Buffer); + BCryptCloseAlgorithmProvider(Prov, 0); +} +
    +
    +

    The use of the rand() function can result in predictable random numbers.

    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + MSC30-C + + Medium + + Unlikely + + Low + + P6 + + L2 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + stdlib-use-rand + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-MSC30 + +
    + + Clang + + + 4.0 (prerelease) + + cert-msc30-c + + Checked by + clang-tidy +
    + + CodeSonar + + + 6.2p0 + + BADFUNC.RANDOM.RAND + + Use of rand +
    + + Compass/ROSE + + + + +
    + + Coverity + + + 2017.07 + + DONTCALL + + Implemented - weak support +
    + + ECLAIR + + + 1.2 + + CC2.MSC30 + + Fully implemented +
    + + Helix QAC + + + 2022.1 + + C5022 + C++5029 + +
    + + Klocwork + + + 2022.1 + + CERT.MSC.STD_RAND_CALL + +
    + + LDRA tool suite + + + 9.7.1 + + 44 S + + Enhanced enforcement +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-MSC30-a + + Do not use the rand() function for generating pseudorandom numbers +
    + + PC-lint Plus + + + 1.4 + + 586 + + Fully supported +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule MSC30-C + + + Checks for vulnerable pseudo-random number generator (rule fully covered) +
    + + PRQA QA-C + + + 9.7 + + 5022 + + Fully implemented +
    + + PRQA QA-C++ + + + 4.4 + + 5029 + +
    + + RuleChecker + + + 20.10 + + stdlib-use-rand + + Fully checked +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C + + + + MSC50-CPP. Do not use std::rand() for generating pseudorandom numbers + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CERT Oracle Secure Coding Standard for Java + + + + MSC02-J. Generate strong random numbers + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CWE 2.11 + + + + CWE-327 + + , Use of a Broken or Risky Cryptographic Algorithm + + 2017-05-16: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-330 + + , Use of Insufficiently Random Values + + 2017-06-28: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-338 + + , Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) + + 2017-06-28: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-676 + + + 2017-05-18: CERT: Rule subset of CWE +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-327 and MSC30-C

    +
      +
    • CWE-327 forbids “broken or risky cryptographic algorithms” but does not specify what constitutes such an algo.
      • +
    +
      +
    • Per CERT judgement, rand() qualifies, so:
      • +
    +
      +
    • CWE-327 = Union( MSC30-C, list) where list =
      • +
    +
      +
    • Invocation of broken/risky crypto algorithms besides rand()
      • +
    +

    CWE-338 and MSC30-C

    +

    CWE-338 = Union( MSC30-C, list) where list =

    +
      +
    • Use of a weak PRNG besides standard C rand().
      • +
    +

    CWE-330 and MSC30-C

    +

    Independent( MSC30-C, MSC32-C, CON33-C)

    +

    CWE-330 = Union( MSC30-C, MSC32-C, CON33-C, list) where list = other improper use or creation of random values. (EG the would qualify)

    +

    MSC30-C, MSC32-C and CON33-C are independent, they have no intersections. They each specify distinct errors regarding PRNGs.

    +

    CWE-676 and MSC30-C

    +
      +
    • Independent( ENV33-C, CON33-C, STR31-C, EXP33-C, MSC30-C, ERR34-C)
      • +
    +
      +
    • MSC30-C implies that rand() is dangerous.
      • +
    +
      +
    • CWE-676 = Union( MSC30-C, list) where list =
      • +
    +
      +
    • Invocation of other dangerous functions, besides rand().
      • +
    +
    +
    + + + + + + + + + + + +
    + [ + + MSDN + + ] + + " + + BCryptGenRandom() Function + + " +
    + [ + + OpenBSD + + ] + + + arc4random() + +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.qhelp b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.qhelp new file mode 100644 index 000000000..fa8411001 --- /dev/null +++ b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule MSC30-C:

    +
    +

    Do not use the rand() function for generating pseudorandom numbers

    +
    +     + + +
  • + CERT-C: + MSC30-C: Do not use the rand() function for generating pseudorandom numbers + . +
    • +     + \ No newline at end of file diff --git a/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql new file mode 100644 index 000000000..5feb7d5f9 --- /dev/null +++ b/c/cert/src/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.ql @@ -0,0 +1,21 @@ +/** + * @id c/cert/rand-used-for-generating-pseudorandom-numbers + * @name MSC30-C: Do not use the rand() function for generating pseudorandom numbers + * @description rand() shall not be used to generate pseudorandom numbers. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/msc30-c + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers + +class RandUsedForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery { + RandUsedForGeneratingPseudorandomNumbersQuery() { + this = MiscPackage::randUsedForGeneratingPseudorandomNumbersQuery() + } +} diff --git a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators-standard.qhelp b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators-standard.qhelp new file mode 100644 index 000000000..ee66852ba --- /dev/null +++ b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators-standard.qhelp @@ -0,0 +1,425 @@ + + +
    +

    A pseudorandom number generator (PRNG) is a deterministic algorithm capable of generating sequences of numbers that approximate the properties of random numbers. Each sequence is completely determined by the initial state of the PRNG and the algorithm for changing the state. Most PRNGs make it possible to set the initial state, also called the seed state. Setting the initial state is called seeding the PRNG.

    +

    Calling a PRNG in the same initial state, either without seeding it explicitly or by seeding it with the same value, results in generating the same sequence of random numbers in different runs of the program. Consider a PRNG function that is seeded with some initial seed value and is consecutively called to produce a sequence of random numbers, S. If the PRNG is subsequently seeded with the same initial seed value, then it will generate the same sequence S.

    +

    As a result, after the first run of an improperly seeded PRNG, an attacker can predict the sequence of random numbers that will be generated in the future runs. Improperly seeding or failing to seed the PRNG can lead to vulnerabilities, especially in security protocols.

    +

    The solution is to ensure that the PRNG is always properly seeded. A properly seeded PRNG will generate a different sequence of random numbers each time it is run.

    +

    Not all random number generators can be seeded. True random number generators that rely on hardware to produce completely unpredictable results do not need to be and cannot be seeded. Some high-quality PRNGs, such as the /dev/random device on some UNIX systems, also cannot be seeded. This rule applies only to algorithmic pseudorandom number generators that can be seeded.

    +
    +
    +

    This noncompliant code example generates a sequence of 10 pseudorandom numbers using the random() function. When random() is not seeded, it behaves like rand(), producing the same sequence of random numbers each time any program that uses it is run.

    + #include <stdio.h> +#include <stdlib.h> +  +void func(void) { + for (unsigned int i = 0; i < 10; ++i) { + /* Always generates the same sequence */ + printf("%ld, ", random()); + } +} +

    The output is as follows:

    + 1st run: 1804289383, 846930886, 1681692777, 1714636915, 1957747793, 424238335, 719885386, 1649760492, 596516649, + 1189641421, +2nd run: 1804289383, 846930886, 1681692777, 1714636915, 1957747793, 424238335, 719885386, 1649760492, 596516649, + 1189641421, +... +nth run: 1804289383, 846930886, 1681692777, 1714636915, 1957747793, 424238335, 719885386, 1649760492, 596516649, + 1189641421, +
    +
    +

    Call srandom() before invoking random() to seed the random sequence generated by random(). This compliant solution produces different random number sequences each time the function is called, depending on the resolution of the system clock:

    + #include <stdio.h> +#include <stdlib.h> +#include <time.h> +  +void func(void) { + struct timespec ts; + if (timespec_get(&ts, TIME_UTC) == 0) { + /* Handle error */ + } else { + srandom(ts.tv_nsec ^ ts.tv_sec); + for (unsigned int i = 0; i < 10; ++i) { + /* Generates different sequences at different runs */ +  printf("%ld, ", random()); + } + } +} + +

    The output is as follows:

    + 1st run: 198682410, 2076262355, 910374899, 428635843, 2084827500, 1558698420, 4459146, 733695321, 2044378618, 1649046624, +2nd run: 1127071427, 252907983, 1358798372, 2101446505, 1514711759, 229790273, 954268511, 1116446419, 368192457, + 1297948050, +3rd run: 2052868434, 1645663878, 731874735, 1624006793, 938447420, 1046134947, 1901136083, 418123888, 836428296, + 2017467418, +

    This may not be sufficiently random for concurrent execution, which may lead to correlated generated series in different threads. Depending on the application and the desired level of security, a programmer may choose alternative ways to seed PRNGs. In general, hardware is more capable than software of generating real random numbers (for example, by sampling the thermal noise of a diode).

    +
    +
    +

    The BCryptGenRandom() function does not run the risk of not being properly seeded because its arguments serve as seeders:

    + #include <stdio.h> +#include <Windows.h> +#include <Bcrypt.h> +#include <Ntstatus.h> +#include <Wincrypt.h> + +void func(void) { + BCRYPT_ALG_HANDLE hAlgorithm = NULL; + long rand_buf; + PUCHAR pbBuffer = (PUCHAR) &rand_buf; + ULONG cbBuffer = sizeof(rand_buf); + ULONG dwFlags = BCRYPT_USE_SYSTEM_PREFERRED_RNG; + NTSTATUS status; + for (unsigned int i = 0; i < 10; ++i) { + status = BCryptGenRandom(hAlgorithm, pbBuffer, cbBuffer, dwFlags); + if (status == STATUS_SUCCESS) { + printf("%ld, ", rand_buf); + } else { + /* Handle Error */ + } + } +} + +

    The output is as follows:

    + 1st run: -683378946, 1957231690, 1933176011, -1745403355, -883473417, 882992405, 169629816, 1824800038, 899851668, 1702784647, +2nd run: -58750553, -1921870721, -1973269161, 1512649964, -673518452, 234003619, -1622633366, 1312389688, -2125631172, 2067680022, +3rd run: -189899579, 1220698973, 752205360, -1826365616, 79310867, 1430950090, -283206168, -941773185, 129633665, 543448789, +
    +
    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + MSC32-C + + Medium + + Likely + + Low + + P18 + + L1 +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + + Supported, but no explicit checker +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-MSC32 + +
    + + Helix QAC + + + 2022.1 + + C5031 + C++5036 + +
    + + Klocwork + + + 2022.1 + + CERT.MSC.SEED_RANDOM + +
    + + PC-lint Plus + + + 1.4 + + 2460, 2461, 2760 + + Fully supported +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule MSC32-C + + + Checks for: + Deterministic random output from constant seedeterministic random output from constant seed, predictable random output from predictable seedredictable random output from predictable seed. + Rule fully covered. +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-MSC32-d + + Properly seed pseudorandom number generators +
    + + PRQA QA-C + + + 9.7 + + 5031  + +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C Secure Coding Standard + + + + MSC30-C. Do not use the rand() function for generating pseudorandom numbers + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CERT C + + + + MSC51-CPP. Ensure your random number generator is properly seeded + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CWE 2.11 + + + + CWE-327 + + , Use of a Broken or Risky Cryptographic Algorithm + + 2017-05-16: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-330 + + , Use of Insufficiently Random Values + + 2017-06-28: CERT: Rule subset of CWE +
    + + CWE 2.11 + + + + CWE-331 + + , Insufficient Entropy + + 2017-06-28: CERT: Exact +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-327 and MSC32-C

    +
      +
    • Intersection( MSC30-C, MSC32-C) = Ø
      • +
    +
      +
    • MSC32-C says to properly seed pseudorandom number generators. For example, if you call rand(), make sure to seed it properly by calling srand() first. So far, we haven’t found any calls to rand().
      • +
    +
      +
    • Failure to seed a PRNG causes it to produce reproducible (hence insecure) series of random numbers.
      • +
    +
      +
    • CWE-327 = Union( MSC32-C, list) where list =
      • +
    +
      +
    • Invocation of broken/risky crypto algorithms that are not properly seeded
      • +
    +

    CWE-330 and MSC32-C

    +

    Independent( MSC30-C, MSC32-C, CON33-C)

    +

    CWE-330 = Union( MSC30-C, MSC32-C, CON33-C, list) where list = other improper use or creation of random values. (EG the would qualify)

    +

    MSC30-C, MSC32-C and CON33-C are independent, they have no intersections. They each specify distinct errors regarding PRNGs.

    +
    +
    + + + + + + + +
    + [ + + MSDN + + ] + + " + + BCryptGenRandom() Function + + " +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qhelp b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qhelp new file mode 100644 index 000000000..70be073e9 --- /dev/null +++ b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule MSC32-C:

    +
    +

    Properly seed pseudorandom number generators

    +
    +     + + +
  • + CERT-C: + MSC32-C: Properly seed pseudorandom number generators + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql new file mode 100644 index 000000000..b175dd5fa --- /dev/null +++ b/c/cert/src/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql @@ -0,0 +1,44 @@ +/** + * @id c/cert/properly-seed-pseudorandom-number-generators + * @name MSC32-C: Properly seed pseudorandom number generators + * @description Improperly seeded random number generators can lead to insecure code. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/msc32-c + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert + +/** Defines a class that models function calls to srandom() */ +class SRandomCall extends FunctionCall { + SRandomCall(){ + getTarget().hasGlobalOrStdName("srandom") + } + + /** Holds if the call is not obviously trivial. */ + predicate isTrivial(){ + getArgument(0) instanceof Literal + } +} + +from FunctionCall fc +where + not isExcluded(fc, MiscPackage::properlySeedPseudorandomNumberGeneratorsQuery()) and + + // find all calls to random() + fc.getTarget().hasGlobalOrStdName("random") and + + // where there isn't a call to srandom that comes before it that is + // non-trivial + not exists(SRandomCall sr | + // normally we would want to do this in reverse --- but srandom() is + // not pure and the order does not matter. + sr.getASuccessor*() = fc and not sr.isTrivial() + ) + + +select fc, "Call to `random()` without a valid call to `srandom()`." diff --git a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction-standard.qhelp b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction-standard.qhelp new file mode 100644 index 000000000..08dadda26 --- /dev/null +++ b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction-standard.qhelp @@ -0,0 +1,524 @@ + + +
    +

    If control reaches the closing curly brace (}) of a non-void function without evaluating a return statement, using the return value of the function call is undefined behavior. (See undefined behavior 88.)

    +
    +
    +

    In this noncompliant code example, control reaches the end of the checkpass() function when the two strings passed to strcmp() are not equal, resulting in undefined behavior. Many compilers will generate code for the checkpass() function, returning various values along the execution path where no return statement is defined.

    + #include <string.h> +#include <stdio.h> +  +int checkpass(const char *password) { + if (strcmp(password, "pass") == 0) { + return 1; + } +} + +void func(const char *userinput) { + if (checkpass(userinput)) { + printf("Success\n"); + } +} +

    This error is frequently diagnosed by compilers. (See MSC00-C. Compile cleanly at high warning levels.)

    +
    +
    +

    This compliant solution ensures that the checkpass() function always returns a value:

    + #include <string.h> +#include <stdio.h> +  +int checkpass(const char *password) { + if (strcmp(password, "pass") == 0) { + return 1; + } + return 0; +} + +void func(const char *userinput) { + if (checkpass(userinput)) { + printf("Success!\n"); + } +} +
    +
    +

    In this noncompliant code example, control reaches the end of the getlen() function when input does not contain the integer delim. Because the potentially undefined return value of getlen() is later used as an index into an array, a buffer overflow may occur.

    + #include <stddef.h> +  +size_t getlen(const int *input, size_t maxlen, int delim) { + for (size_t i = 0; i < maxlen; ++i) { + if (input[i] == delim) { + return i; + } + } +} +  +void func(int userdata) { + size_t i; + int data[] = { 1, 1, 1 }; + i = getlen(data, sizeof(data), 0); + data[i] = userdata; +} +

    Implementation Details (GCC)

    +

    Violating this rule can have unexpected consequences, as in the following example:

    + #include <stdio.h> + +size_t getlen(const int *input, size_t maxlen, int delim) { + for (size_t i = 0; i < maxlen; ++i) { + if (input[i] == delim) { + return i; + } + } +} + +int main(int argc, char **argv) { + size_t i; + int data[] = { 1, 1, 1 }; + + i = getlen(data, sizeof(data), 0); + printf("Returned: %zu\n", i); + data[i] = 0; + + return 0; +} +

    When this program is compiled with -Wall on most versions of the GCC compiler, the following warning is generated:

    + example.c: In function 'getlen': +example.c:12: warning: control reaches end of non-void function + +

    None of the inputs to the function equal the delimiter, so when run with GCC 5.3 on Linux, control reaches the end of the getlen() function, which is undefined behavior and in this test returns 3, causing an out-of-bounds write to the data array.

    +
    +
    +

    This compliant solution changes the interface of getlen() to store the result in a user-provided pointer and returns a status indicator to report success or failure. The best method for handling this type of error is specific to the application and the type of error. (See ERR00-C. Adopt and implement a consistent and comprehensive error-handling policy for more on error handling.)

    + #include <stddef.h> +  +int getlen(const int *input, size_t maxlen, int delim, +  size_t *result) { + if (result == NULL) { + return -1; + } + for (size_t i = 0; i < maxlen; ++i) { + if (input[i] == delim) { + *result = i; + return 0; + } + } + return -1; +} + +void func(int userdata) { + size_t i; + int data[] = {1, 1, 1}; + if (getlen(data, sizeof(data), 0, &i) != 0) { + /* Handle error */ + } else { + data[i] = userdata; + } +} + +
    +
    +

    MSC37-C-EX1: According to the C Standard, 5.1.2.2.3, paragraph 1 [ISO/IEC 9899:2011], "Reaching the } that terminates the main function returns a value of 0." As a result, it is permissible for control to reach the end of the main() function without executing a return statement.

    +

    MSC37-C-EX2: It is permissible for a control path to not return a value if that code path is never taken and a function marked _Noreturn is called as part of that code path. For example:

    + #include <stdio.h> +#include <stdlib.h> + +_Noreturn void unreachable(const char *msg) { + printf("Unreachable code reached: %s\n", msg); + exit(1); +} + +enum E { + One, + Two, + Three +}; + +int f(enum E e) { + switch (e) { + case One: return 1; + case Two: return 2; + case Three: return 3; + } + unreachable("Can never get here"); +} +
    +
    +

    Using the return value from a non-void function where control reaches the end of the function without evaluating a return statement can lead to buffer overflow vulnerabilities as well as other unexpected program behaviors.

    + + + + + + + + + + + + + + + + + + + +
    + Rule + + Severity + + Likelihood + + Remediation Cost + + Priority + + Level +
    + MSC37-C + + High + + Unlikely + + Low + + P9 + + L2 +
    +
    +
    +

    Search for vulnerabilities resulting from the violation of this rule on the CERT website.

    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + Tool + + Version + + Checker + + Description +
    + + Astrée + + + 20.10 + + return-implicit + + Fully checked +
    + + Axivion Bauhaus Suite + + + 7.2.0 + + CertC-MSC37 + +
    + + CodeSonar + + + 6.2p0 + + LANG.STRUCT.MRS + + Missing return statement +
    + + Coverity + + + 2017.07 + + MISSING_RETURN + + Implemented +
    + + Helix QAC + + + 2022.1 + + C2888 + C++2888, C++4022 + +
    + + Klocwork + + + 2022.1 + + FUNCRET.GEN + FUNCRET.IMPLICIT + +
    + + LDRA tool suite + + + 9.7.1 + + 2 D, 36 S, 66 S + + Fully implemented +
    + + Parasoft C/C++test + + + 2021.2 + + CERT_C-MSC37-a + + All exit paths from a function with non-void return type shall have an explicit return statement with an expression +
    + + PC-lint Plus + + + 1.4 + + 533 + + Fully supported +
    + + Polyspace Bug Finder + + + R2021a + + + CERT C: Rule MSC37-C + + + Checks for missing return statement (rule fully covered) +
    + + PRQA QA-C + + + 9.7 + + 2888 + +
    + + PRQA QA-C++ + + + 4.4 + + 2888, 4022  + +
    + + RuleChecker + + + 20.10 + + return-implicit + + Fully checked +
    + + SonarQube C/C++ Plugin + + + 3.11 + + S935 + +
    + + TrustInSoft Analyzer + + + 1.38 + + Body of function falls-through + + Exhaustively verified. +
    +
    +
    +

    Key here (explains table format and definitions)

    + + + + + + + + + + + + + + + + + + +
    + Taxonomy + + Taxonomy item + + Relationship +
    + + CERT C Secure Coding Standard + + + + MSC01-C. Strive for logical completeness + + + Prior to 2018-01-12: CERT: Unspecified Relationship +
    + + CWE 2.11 + + + + CWE-758 + + + 2017-07-07: CERT: Rule subset of CWE +
    +
    +
    +

    Key here for mapping notes

    +

    CWE-758 and MSC37-C

    +

    Independent( INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C)

    +

    CWE-758 = Union( MSC37-C, list) where list =

    +

    Undefined behavior that results from anything other than failing to return a value from a function that expects one

    +
    +
    + + + + + + + +
    + [ + + ISO/IEC 9899:2011 + + ] + + 5.1.2.2.3, "Program Termination" +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.qhelp b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.qhelp new file mode 100644 index 000000000..28a45a931 --- /dev/null +++ b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule MSC37-C:

    +
    +

    Ensure that control never reaches the end of a non-void function

    +
    +     + + +
  • + CERT-C: + MSC37-C: Ensure that control never reaches the end of a non-void function + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql new file mode 100644 index 000000000..2f141417b --- /dev/null +++ b/c/cert/src/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.ql @@ -0,0 +1,22 @@ +/** + * @id c/cert/control-flow-reaches-the-end-of-a-non-void-function + * @name MSC37-C: Ensure that control never reaches the end of a non-void function + * @description Non-void functions that end without an explicit return can produce unpredictable + * results. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/msc37-c + * correctness + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.rules.nonvoidfunctiondoesnotreturn.NonVoidFunctionDoesNotReturn + +class ControlFlowReachesTheEndOfANonVoidFunctionQuery extends NonVoidFunctionDoesNotReturnSharedQuery { + ControlFlowReachesTheEndOfANonVoidFunctionQuery() { + this = MiscPackage::controlFlowReachesTheEndOfANonVoidFunctionQuery() + } +} diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals-standard.qhelp b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals-standard.qhelp new file mode 100644 index 000000000..458fbe3f7 --- /dev/null +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals-standard.qhelp @@ -0,0 +1,33 @@ + + +
    +
      +
    • required
      • +
    • implementation
      • +
    • automated
      • +
    +
    + +
    +

    + ... +

    + +
    + +
    +

    + ... +

    +
    + + + + + +
    +
      +
    • ...
      • +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qhelp b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qhelp new file mode 100644 index 000000000..9d78ccdf9 --- /dev/null +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule STR30-C:

    +
    +

    Do not attempt to modify string literals

    +
    +     + + +
  • + CERT-C: + STR30-C: Do not attempt to modify string literals + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql new file mode 100644 index 000000000..b26cc1a04 --- /dev/null +++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql @@ -0,0 +1,154 @@ +/** + * @id c/cert/do-not-attempt-to-modify-string-literals + * @name STR30-C: Do not attempt to modify string literals + * @description Modifying a string literal can produce unexpected effects. + * @kind problem + * @precision very-high + * @problem.severity error + * @tags external/cert/id/str30-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.security.BufferWrite +import semmle.code.cpp.dataflow.DataFlow + +/** + * Class that includes into `BufferWrite` functions that will modify their + * first argument. This is an extension of `BufferWrite` which covers the case + * of opaque writes via library functions. + */ +class ModifiesFirstArgFunction extends BufferWrite, FunctionCall { + Expr modifiedExpr; + + ModifiesFirstArgFunction() { + getTarget().getName() = ["mkstemp", "memset", "memcpy", "memmove"] and + getArgument(0) = modifiedExpr + } + + override Type getBufferType() { none() } + + override Expr getDest() { result = modifiedExpr } +} + +/** + * Models a dataflow wherein a source is either a implicit or explicit string + * literal that is assigned to a non modifiable type or wherein the string + * literal arises as a argument to a function that may modify its argument. + */ +class ImplicitOrExplicitStringLiteralModifiedConfiguration extends DataFlow::Configuration { + ImplicitOrExplicitStringLiteralModifiedConfiguration() { + this = "ImplicitOrExplicitStringLiteralModifiedConfiguration" + } + + override predicate isSource(DataFlow::Node node) { + // usage through variables + exists(Variable v | + v.getAnAssignedValue() = node.asExpr() and + ( + node.asExpr() instanceof ImplicitStringLiteral or + node.asExpr() instanceof StringLiteralOrConstChar + ) and + v.getType().getUnderlyingType() instanceof CharPointerType + ) + or + // direct usage of string literals as function parameters + exists(BufferWrite bw | + bw.getDest() = node.asExpr() and + ( + node.asExpr() instanceof ImplicitStringLiteral or + node.asExpr() instanceof StringLiteralOrConstChar + ) + ) + } + + override predicate isSink(DataFlow::Node node) { + // it's either a buffer write of some kind that we + // know about + exists(BufferWrite bw | bw.getDest() = node.asExpr()) + or + // or it is a direct assignment of some kind - including reassignment of the pointer + exists(AssignExpr aexp | aexp.getLValue().(ArrayExpr).getArrayBase() = node.asExpr()) + or + exists(AssignExpr aexp | aexp.getLValue().(PointerDereferenceExpr).getOperand() = node.asExpr()) + } +} + +class MaybeReturnsStringLiteralFunctionCall extends FunctionCall { + MaybeReturnsStringLiteralFunctionCall() { + getTarget().getName() in [ + "strpbrk", "strchr", "strrchr", "strstr", "wcspbrk", "wcschr", "wcsrchr", "wcsstr", + "memchr", "wmemchr" + ] + } +} + +class ImplicitStringLiteral extends Expr { + ImplicitStringLiteral() { + exists(MaybeReturnsStringLiteralFunctionCall fc, Variable e | + e.getAnAssignedValue() = fc and + this = fc and + // additionally, we require that the first argument is either an explicit + // or implicit string literal + ( + // directly a string literal + fc.getArgument(0) instanceof StringLiteralOrConstChar + or + // a string literal flows into it + exists(StringLiteralOrConstChar sl | + DataFlow::localFlow(DataFlow::exprNode(sl), DataFlow::exprNode(fc.getArgument(0))) + ) + or + // or a base flows into it + exists(ImplicitStringLiteralBase base | + DataFlow::localFlow(DataFlow::exprNode(base), DataFlow::exprNode(fc.getArgument(0))) + ) + ) + ) + } +} + +class StringLiteralOrConstChar extends Expr { + StringLiteralOrConstChar() { + this instanceof StringLiteral + or + getUnspecifiedType() instanceof CharPointerType and + getType().(PointerType).getBaseType().isConst() + } +} + +/** + * Since it is possible to produce an implicit literal by either + * an explicit literal being passed to one of these functions this + * class exists to establish the "base" type, that is an explicit + * string literal passed or flowing into the first argument. The other + * Implicit string literal class will then check to see if it is inductively + * an implicit string literal. + */ +class ImplicitStringLiteralBase extends Expr { + ImplicitStringLiteralBase() { + exists(MaybeReturnsStringLiteralFunctionCall fc, Variable e | + e.getAnAssignedValue() = fc and + this = fc and + // it either directly gets a string literal or one via flow + ( + fc.getArgument(0) instanceof StringLiteralOrConstChar or + exists(StringLiteralOrConstChar sl | + DataFlow::localFlow(DataFlow::exprNode(sl), DataFlow::exprNode(fc.getArgument(0))) + ) + ) + ) + } +} + +from Expr literal, Expr literalWrite, ImplicitOrExplicitStringLiteralModifiedConfiguration config +where + not isExcluded(literal, Strings1Package::doNotAttemptToModifyStringLiteralsQuery()) and + not isExcluded(literalWrite, Strings1Package::doNotAttemptToModifyStringLiteralsQuery()) and + config.hasFlow(DataFlow::exprNode(literal), DataFlow::exprNode(literalWrite)) +select literalWrite, + "This operation may write to a string that may be a string literal that was $@.", literal, + "created here" diff --git a/c/cert/src/rules/STR30-C/standard-example.c b/c/cert/src/rules/STR30-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator-standard.qhelp b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator-standard.qhelp new file mode 100644 index 000000000..458fbe3f7 --- /dev/null +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator-standard.qhelp @@ -0,0 +1,33 @@ + + +
    +
      +
    • required
      • +
    • implementation
      • +
    • automated
      • +
    +
    + +
    +

    + ... +

    + +
    + +
    +

    + ... +

    +
    + + + + + +
    +
      +
    • ...
      • +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qhelp b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qhelp new file mode 100644 index 000000000..4cd91b96b --- /dev/null +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule STR31-C:

    +
    +

    Guarantee that storage for strings has sufficient space for character data and the null terminator

    +
    +     + + +
  • + CERT-C: + STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql new file mode 100644 index 000000000..24e55f80d --- /dev/null +++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql @@ -0,0 +1,67 @@ +/** + * @id c/cert/strings-has-sufficient-space-for-the-null-terminator + * @name STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator + * @description Many library functions in the C standard library assume C strings are null + * terminated and failing to null terminate strings may lead to unpredictable program + * behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/cert/id/str31-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.internal.TaintTrackingUtil +import codingstandards.cpp.PossiblyUnsafeStringOperation + +/** + * Models a class of function calls that are unsafe. + */ +class PossiblyUnsafeStringFunctionCall extends FunctionCall { + PossiblyUnsafeStringFunctionCall() { getTarget().getName() = ["gets", "getchar"] } +} + +/** + * Models a family of expression that produce results that are + * potentially unbounded. + */ +class PossiblyUnboundedExpr extends Expr { + PossiblyUnboundedExpr() { + // argv + exists(Function f | + f.hasName("main") and + this = f.getParameter(1).getAnAccess() + ) + or + // getenv + exists(FunctionCall fc | + fc.getTarget().hasName("getenv") and + this = fc + ) + } +} + +from Expr e +where + not isExcluded(e, Strings1Package::stringsHasSufficientSpaceForTheNullTerminatorQuery()) and + e instanceof PossiblyUnsafeStringOperation + or + e instanceof PossiblyUnsafeStringFunctionCall + or + exists(CharArrayInitializedWithStringLiteral cl | + cl.getContainerLength() <= cl.getStringLiteralLength() and + TaintTracking::localTaint(DataFlow::exprNode(cl), DataFlow::exprNode(e)) + ) + or + e instanceof PossiblyUnboundedExpr and + exists(FunctionCall fc | + fc.getTarget() instanceof StandardCStringFunction and + TaintTracking::localTaint(DataFlow::exprNode(e), DataFlow::exprNode(fc.getAnArgument())) + ) +select e, + "Expression produces or consumes a string that may not have sufficient space for a null-terminator." diff --git a/c/cert/src/rules/STR31-C/standard-example.c b/c/cert/src/rules/STR31-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString-standard.qhelp b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString-standard.qhelp new file mode 100644 index 000000000..458fbe3f7 --- /dev/null +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString-standard.qhelp @@ -0,0 +1,33 @@ + + +
    +
      +
    • required
      • +
    • implementation
      • +
    • automated
      • +
    +
    + +
    +

    + ... +

    + +
    + +
    +

    + ... +

    +
    + + + + + +
    +
      +
    • ...
      • +
    +
    +     \ No newline at end of file diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qhelp b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qhelp new file mode 100644 index 000000000..c1f38a0a5 --- /dev/null +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qhelp @@ -0,0 +1,18 @@ + + + + +

    This query implements the CERT-C rule STR32-C:

    +
    +

    Do not pass a non-null-terminated character sequence to a library function that expects a string

    +
    +     + + +
  • + CERT-C: + STR32-C: Do not pass a non-null-terminated character sequence to a library function that expects a string + . +
    • +     +     \ No newline at end of file diff --git a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql new file mode 100644 index 000000000..a65e7958b --- /dev/null +++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql @@ -0,0 +1,75 @@ +/** + * @id c/cert/non-null-terminated-to-function-that-expects-a-string + * @name STR32-C: Do not pass a non-null-terminated character sequence to a library function that expects a string + * @description Passing a string that is not null-terminated can lead to unpredictable program + * behavior. + * @kind problem + * @precision medium + * @problem.severity error + * @tags external/cert/id/str32-c + * correctness + * security + * external/cert/obligation/rule + */ + +import cpp +import codingstandards.c.cert +import codingstandards.cpp.Naming +import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.dataflow.internal.TaintTrackingUtil +import codingstandards.cpp.PossiblyUnsafeStringOperation + +/** + * Models a function that is part of the standard library that expects a + * null-terminated string as an argument. Note that most standard library + * functions expect this; as a simplifying assumption we assume that a flow + * into these functions implies such a usage. + */ +class ExpectsNullTerminatedStringAsArgumentFunctionCall extends FunctionCall { + Expr e; + + ExpectsNullTerminatedStringAsArgumentFunctionCall() { + Naming::Cpp14::hasStandardLibraryFunctionName(getTarget().getName()) and + exists(Type t | + e = getAnArgument() and + t = getTarget().getAParameter().getType().(DerivedType).getBaseType*() and + (t instanceof CharType or t instanceof Wchar_t) + ) + } + + /** + * This predicate will produce a result equal to any argument of a function + * that expects null-terminated strings. + */ + Expr getAnExpectingExpr() { result = e } +} + +from ExpectsNullTerminatedStringAsArgumentFunctionCall fc, Expr e, Expr target +where + target = fc.getAnExpectingExpr() and + not isExcluded(fc, Strings1Package::nonNullTerminatedToFunctionThatExpectsAStringQuery()) and + ( + exists(PossiblyUnsafeStringOperation op | + // don't report violations of the same function call. + not op = fc and + e = op and + TaintTracking::localTaint(DataFlow::exprNode(op.getAnArgument()), DataFlow::exprNode(target)) + ) + or + exists(CharArrayInitializedWithStringLiteral op | + e = op and + op.getContainerLength() <= op.getStringLiteralLength() and + TaintTracking::localTaint(DataFlow::exprNode(op), DataFlow::exprNode(target)) + ) + ) and + // don't report cases flowing to this node where there is a flow from a + // literal assignment of a null terminator + not exists(AssignExpr aexp | + aexp.getLValue() instanceof ArrayExpr and + aexp.getRValue() instanceof Zero and + TaintTracking::localTaint(DataFlow::exprNode(aexp.getRValue()), DataFlow::exprNode(target)) and + // this must be AFTER the operation causing the non-null termination to be valid. + aexp.getAPredecessor*() = e + ) +select fc, "String modified by $@ is passed to function expecting a null-terminated string.", e, + "this expression" diff --git a/c/cert/src/rules/STR32-C/standard-example.c b/c/cert/src/rules/STR32-C/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/cert/test/qlpack.yml b/c/cert/test/qlpack.yml index 2ff75c747..dfe16b190 100644 --- a/c/cert/test/qlpack.yml +++ b/c/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-c-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: cert-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected index 50449f4a2..f13114684 100644 --- a/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected +++ b/c/cert/test/rules/FIO38-C/DoNotCopyAFileObject.expected @@ -1,5 +1,5 @@ -| test.c:4:20:4:26 | * ... | A FILE object is being copied. | -| test.c:11:21:11:30 | * ... | A FILE object is being copied. | -| test.c:17:21:17:31 | * ... | A FILE object is being copied. | -| test.c:23:15:23:21 | * ... | A FILE object is being copied. | -| test.c:36:19:36:28 | * ... | A FILE object is being copied. | +| test.c:10:20:10:26 | * ... | A FILE object is being copied. | +| test.c:17:21:17:30 | * ... | A FILE object is being copied. | +| test.c:23:21:23:31 | * ... | A FILE object is being copied. | +| test.c:29:15:29:21 | * ... | A FILE object is being copied. | +| test.c:42:19:42:28 | * ... | A FILE object is being copied. | \ No newline at end of file diff --git a/c/cert/test/rules/FIO38-C/test.c b/c/cert/test/rules/FIO38-C/test.c index f1b3f616c..0f0eb111a 100644 --- a/c/cert/test/rules/FIO38-C/test.c +++ b/c/cert/test/rules/FIO38-C/test.c @@ -1,4 +1,10 @@ #include +#if !defined(__DEFINED_struct__IO_FILE) +struct _IO_FILE { + char __x; +}; +#define __DEFINED_struct__IO_FILE +#endif int f1(void) { FILE my_stdout = *stdout; // NON_COMPLIANT diff --git a/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref b/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref new file mode 100644 index 000000000..31cba60b7 --- /dev/null +++ b/c/cert/test/rules/MSC30-C/RandUsedForGeneratingPseudorandomNumbers.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file diff --git a/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.expected b/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.expected new file mode 100644 index 000000000..f905fb455 --- /dev/null +++ b/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.expected @@ -0,0 +1,3 @@ +| test.c:6:19:6:24 | call to random | Call to `random()` without a valid call to `srandom()`. | +| test.c:18:19:18:24 | call to random | Call to `random()` without a valid call to `srandom()`. | +| test.c:25:19:25:24 | call to random | Call to `random()` without a valid call to `srandom()`. | diff --git a/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qlref b/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qlref new file mode 100644 index 000000000..c00a554d4 --- /dev/null +++ b/c/cert/test/rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.qlref @@ -0,0 +1 @@ +rules/MSC32-C/ProperlySeedPseudorandomNumberGenerators.ql \ No newline at end of file diff --git a/c/cert/test/rules/MSC32-C/test.c b/c/cert/test/rules/MSC32-C/test.c new file mode 100644 index 000000000..c147bc1e9 --- /dev/null +++ b/c/cert/test/rules/MSC32-C/test.c @@ -0,0 +1,26 @@ +#include +#include +#include + +void f1(void) { + printf("%ld, ", random()); // NON_COMPLIANT +} + +void f2(void) { + struct timespec ts; + timespec_get(&ts, TIME_UTC); + srandom(ts.tv_nsec ^ ts.tv_sec); + printf("%ld, ", random()); // COMPLIANT +} + +void f3(void) { + srandom(1); + printf("%ld, ", random()); // NON_COMPLIANT +} + +#define SEED 100 + +void f4(void) { + srandom(SEED); + printf("%ld, ", random()); // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/cert/test/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.testref b/c/cert/test/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.testref new file mode 100644 index 000000000..6ddd134ce --- /dev/null +++ b/c/cert/test/rules/MSC37-C/ControlFlowReachesTheEndOfANonVoidFunction.testref @@ -0,0 +1 @@ +c/common/test/rules/nonvoidfunctiondoesnotreturn/NonVoidFunctionDoesNotReturn.ql \ No newline at end of file diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected new file mode 100644 index 000000000..27ef66bc7 --- /dev/null +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected @@ -0,0 +1,53 @@ +| test.c:7:3:7:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:6:13:6:20 | codeql | created here | +| test.c:30:3:30:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:29:13:29:18 | call to strchr | created here | +| test.c:36:3:36:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:35:13:35:18 | call to strchr | created here | +| test.c:58:3:58:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:56:13:56:18 | call to strchr | created here | +| test.c:65:6:65:6 | b | This operation may write to a string that may be a string literal that was $@. | test.c:63:7:63:13 | call to strrchr | created here | +| test.c:87:13:87:20 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:87:13:87:20 | codeql | created here | +| test.c:88:12:88:19 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:88:12:88:19 | codeql | created here | +| test.c:89:12:89:19 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:89:12:89:19 | codeql | created here | +| test.c:90:13:90:20 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:90:13:90:20 | codeql | created here | +| test.c:91:12:91:19 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:91:12:91:19 | codeql | created here | +| test.c:92:13:92:20 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:92:13:92:20 | codeql | created here | +| test.c:93:12:93:19 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:93:12:93:19 | codeql | created here | +| test.c:94:13:94:20 | codeql | This operation may write to a string that may be a string literal that was $@. | test.c:94:13:94:20 | codeql | created here | +| test.c:100:13:100:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:101:12:101:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:102:12:102:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:103:13:103:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:104:12:104:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:105:13:105:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:106:12:106:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:107:13:107:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:99:15:99:22 | codeql | created here | +| test.c:113:13:113:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:114:12:114:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:115:12:115:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:116:13:116:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:117:12:117:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:118:13:118:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:119:12:119:12 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:120:13:120:13 | a | This operation may write to a string that may be a string literal that was $@. | test.c:112:15:112:20 | call to strchr | created here | +| test.c:125:13:125:14 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:125:13:125:14 | aa | created here | +| test.c:126:12:126:13 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:126:12:126:13 | aa | created here | +| test.c:127:12:127:13 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:127:12:127:13 | aa | created here | +| test.c:128:13:128:14 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:128:13:128:14 | aa | created here | +| test.c:129:12:129:13 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:129:12:129:13 | aa | created here | +| test.c:130:13:130:14 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:130:13:130:14 | aa | created here | +| test.c:131:12:131:13 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:131:12:131:13 | aa | created here | +| test.c:132:13:132:14 | aa | This operation may write to a string that may be a string literal that was $@. | test.c:132:13:132:14 | aa | created here | +| test.c:137:11:137:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:138:10:138:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:139:10:139:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:140:11:140:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:141:10:141:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:142:11:142:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:143:10:143:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:144:11:144:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:148:13:148:20 | codeql | created here | +| test.c:154:11:154:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:155:10:155:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:156:10:156:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:157:11:157:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:158:10:158:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:159:11:159:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:160:10:160:10 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | +| test.c:161:11:161:11 | a | This operation may write to a string that may be a string literal that was $@. | test.c:165:13:165:18 | call to strchr | created here | diff --git a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qlref b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qlref new file mode 100644 index 000000000..e780711b6 --- /dev/null +++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.qlref @@ -0,0 +1 @@ +rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql \ No newline at end of file diff --git a/c/cert/test/rules/STR30-C/test.c b/c/cert/test/rules/STR30-C/test.c new file mode 100644 index 000000000..8c3059205 --- /dev/null +++ b/c/cert/test/rules/STR30-C/test.c @@ -0,0 +1,184 @@ +#include +#include + +// explicit string literals +void f1_explicit() { + char *a = "codeql"; + a[0] = 'a'; // NON_COMPLIANT +} + +void f2_explicit() { + char a[] = "codeql"; + a[0] = 'a'; // COMPLIANT +} + +void f3_explicit() { + char a[7] = "codeql"; + a[0] = 'a'; // COMPLIANT +} + +void f4_explicit() { + char *a = "codeql"; + if (a[0] == 'a') { // COMPLIANT + ; + } +} + +// implicit string literals +void f1_implicit() { + char *a = strchr("codeql", 'c'); + a[0] = 'a'; // NON_COMPLIANT +} + +void f2_implicit() { + char *a = strchr("codeql", 'c'); + char *b = strchr(a, 'c'); + b[0] = 'a'; // NON_COMPLIANT - implicitly literal +} + +void f3_implicit() { + char a_base[7]; + char *a = strchr(a_base, 'c'); + char *b = strchr(a, 'c'); + b[0] = 'a'; // COMPLIANT -- not implicitly literal +} + +void f4_implicit() { + char *a = strchr("codeql", 'c'); + if (a[0] == 'a') { // COMPLIANT + ; + } +} + +void f5_implicit() { + char *a_base = "codeql"; + char *a = strchr(a_base, 'c'); + char *b = strchr(a, 'c'); + + b[0] = 'a'; // NON_COMPLIANT - implicitly literal +} + +void f7_implicit(const char *a) { + char *b; + b = strrchr(a, 'c'); + if (b) { + *b = '\0'; // NON_COMPLIANT + } +} + +// local scope +void f5_local(const char *aa) { + + // allowed cases + { + char a[] = "codeql"; + mkstemp(a); // COMPLIANT + memset(a, '0', 100); // COMPLIANT + memcpy(a, "0", 100); // COMPLIANT + memmove(a, "0", 100); // COMPLIANT + strcat(a, "0"); // COMPLIANT + strncat(a, "0", 100); // COMPLIANT + strcpy(a, "0"); // COMPLIANT + strncpy(a, "0", 100); // COMPLIANT + } + + // explicit 1 + { + mkstemp("codeql"); // NON_COMPLIANT + memset("codeql", '0', 100); // NON_COMPLIANT + memcpy("codeql", "0", 100); // NON_COMPLIANT + memmove("codeql", "0", 100); // NON_COMPLIANT + strcat("codeql", "0"); // NON_COMPLIANT + strncat("codeql", "0", 100); // NON_COMPLIANT + strcpy("codeql", "0"); // NON_COMPLIANT + strncpy("codeql", "0", 100); // NON_COMPLIANT + } + + // explicit 2 + { + char *a = "codeql"; + mkstemp(a); // NON_COMPLIANT + memset(a, '0', 100); // NON_COMPLIANT + memcpy(a, "0", 100); // NON_COMPLIANT + memmove(a, "0", 100); // NON_COMPLIANT + strcat(a, "0"); // NON_COMPLIANT + strncat(a, "0", 100); // NON_COMPLIANT + strcpy(a, "0"); // NON_COMPLIANT + strncpy(a, "0", 100); // NON_COMPLIANT + } + + { + // implicit + char *a = strchr("codeql", 'c'); + mkstemp(a); // NON_COMPLIANT + memset(a, '0', 100); // NON_COMPLIANT + memcpy(a, "0", 100); // NON_COMPLIANT + memmove(a, "0", 100); // NON_COMPLIANT + strcat(a, "0"); // NON_COMPLIANT + strncat(a, "0", 100); // NON_COMPLIANT + strcpy(a, "0"); // NON_COMPLIANT + strncpy(a, "0", 100); // NON_COMPLIANT + } + + { + // implicit + mkstemp(aa); // NON_COMPLIANT + memset(aa, '0', 100); // NON_COMPLIANT + memcpy(aa, "0", 100); // NON_COMPLIANT + memmove(aa, "0", 100); // NON_COMPLIANT + strcat(aa, "0"); // NON_COMPLIANT + strncat(aa, "0", 100); // NON_COMPLIANT + strcpy(aa, "0"); // NON_COMPLIANT + strncpy(aa, "0", 100); // NON_COMPLIANT + } +} +// flow scope +void f5_flow(char *a) { + mkstemp(a); // NON_COMPLIANT + memset(a, '0', 100); // NON_COMPLIANT + memcpy(a, "0", 100); // NON_COMPLIANT + memmove(a, "0", 100); // NON_COMPLIANT + strcat(a, "0"); // NON_COMPLIANT + strncat(a, "0", 100); // NON_COMPLIANT + strcpy(a, "0"); // NON_COMPLIANT + strncpy(a, "0", 100); // NON_COMPLIANT +} + +void f5_explicit() { + char *a = "codeql"; + f5_flow(a); + f5_flow("codeql"); +} + +void f6_flow(char *a) { + mkstemp(a); // NON_COMPLIANT + memset(a, '0', 100); // NON_COMPLIANT + memcpy(a, "0", 100); // NON_COMPLIANT + memmove(a, "0", 100); // NON_COMPLIANT + strcat(a, "0"); // NON_COMPLIANT + strncat(a, "0", 100); // NON_COMPLIANT + strcpy(a, "0"); // NON_COMPLIANT + strncpy(a, "0", 100); // NON_COMPLIANT +} + +void f6_implicit() { + char *a = strchr("codeql", 'c'); + f6_flow(a); + f6_flow("codeql"); +} + +void f7_flow(char *a) { + mkstemp(a); // COMPLIANT + memset(a, '0', 100); // COMPLIANT + memcpy(a, "0", 100); // COMPLIANT + memmove(a, "0", 100); // COMPLIANT + strcat(a, "0"); // COMPLIANT + strncat(a, "0", 100); // COMPLIANT + strcpy(a, "0"); // COMPLIANT + strncpy(a, "0", 100); // COMPLIANT +} + +void f7_ok() { + char a[10] = "codeql"; + f7_flow(a); +} \ No newline at end of file diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected new file mode 100644 index 000000000..d5529dd26 --- /dev/null +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected @@ -0,0 +1,7 @@ +| test.c:10:20:10:24 | Co | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:32:3:32:9 | call to strncat | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:37:7:37:10 | call to gets | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:48:14:48:19 | call to getenv | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | +| test.c:53:20:53:23 | argv | Expression produces or consumes a string that may not have sufficient space for a null-terminator. | diff --git a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qlref b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qlref new file mode 100644 index 000000000..77925ee7a --- /dev/null +++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.qlref @@ -0,0 +1 @@ +rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql \ No newline at end of file diff --git a/c/cert/test/rules/STR31-C/test.c b/c/cert/test/rules/STR31-C/test.c new file mode 100644 index 000000000..1abfeba84 --- /dev/null +++ b/c/cert/test/rules/STR31-C/test.c @@ -0,0 +1,58 @@ +#include +#include +#include + +char *gets(char *s); // Needs to be forward declared because it is an inherently + // dangerous function + +void f1() { + char a1_nt[7] = "CodeQL"; // COMPLIANT + char a1_nnt[3] = "Cod"; // NON_COMPLIANT + + char a1[9]; + char a2[10]; + char a9[10]; + + strncpy(a2, a1, + 5); // NON_COMPLIANT - not null terminated because n < length(src) + strncpy(a9, a1, 10); // COMPLIANT - is null terminated; n > length(src) +} + +void f2() { + char a1[10]; + char a2[10]; + + snprintf(a1, 10, "CodeQL %d", 3); // COMPLIANT - will be null terminated + snprintf(a2, 11, "CodeQL %d", + 3); // NON_COMPLIANT - will not be null terminated +} + +void f3() { + char a1[2]; + strncat(a1, "CodeQL", 5); // NON_COMPLIANT - will not be null terminated +} + +void f4() { + char s2[10]; + if (gets(s2) == NULL) { // NON_COMPLIANT + } +} + +void f5() { + char a1[100]; + char *a2 = getenv("editor"); +} + +void f6() { + char a1[100]; + char *a2 = getenv("editor"); // NON_COMPLIANT + strcpy(a1, a2); +} + +int main(int argc, char *argv[]) { + char *const a1 = argv[0]; // NON_COMPLIANT + char a2[100]; + strcpy(a2, a1); + + return 0; +} \ No newline at end of file diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected new file mode 100644 index 000000000..bddddc6cb --- /dev/null +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected @@ -0,0 +1,16 @@ +| test.c:19:3:19:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | +| test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:7:20:7:24 | Co | this expression | +| test.c:22:3:22:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | +| test.c:23:3:23:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | +| test.c:24:3:24:8 | call to strlen | String modified by $@ is passed to function expecting a null-terminated string. | test.c:13:3:13:9 | call to strncpy | this expression | +| test.c:33:3:33:9 | call to wprintf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:30:24:30:29 | Co | this expression | +| test.c:46:3:46:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | +| test.c:47:3:47:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:41:3:41:10 | call to snprintf | this expression | +| test.c:55:3:55:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | +| test.c:56:3:56:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:53:3:53:9 | call to strncat | this expression | +| test.c:62:3:62:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Co | this expression | +| test.c:63:3:63:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:60:20:60:24 | Co | this expression | +| test.c:75:3:75:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Co | this expression | +| test.c:76:3:76:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:72:20:72:24 | Co | this expression | +| test.c:85:3:85:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | +| test.c:86:3:86:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:83:3:83:9 | call to strncpy | this expression | diff --git a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qlref b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qlref new file mode 100644 index 000000000..bb2e2338e --- /dev/null +++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.qlref @@ -0,0 +1 @@ +rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql \ No newline at end of file diff --git a/c/cert/test/rules/STR32-C/test.c b/c/cert/test/rules/STR32-C/test.c new file mode 100644 index 000000000..288ef7e5e --- /dev/null +++ b/c/cert/test/rules/STR32-C/test.c @@ -0,0 +1,87 @@ +#include +#include +#include + +void f1() { + char a1_nt[7] = "CodeQL"; // is null terminated + char a1_nnt[3] = "Cod"; // is NOT null termianted + + char a1[9]; + char a2[10]; + char a9[10]; + + strncpy(a2, a1, 5); // not null terminated because n < length(src) + strncpy(a9, a1, 10); // is null terminated; n > length(src) + + printf("%s", a1_nt); // COMPLIANT + printf(a1_nt); // COMPLIANT + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT + + printf("%s", a2); // NON_COMPLIANT + printf(a2); // NON_COMPLIANT + strlen(a2); // NON_COMPLIANT + + printf(a9); // COMPLIANT + printf(a9); // COMPLIANT + + wchar_t wa1_nt[7] = L"CodeQL"; // is null terminated + wchar_t wa1_nnt[3] = L"Cod"; // is NOT null termianted + + wprintf(wa1_nt); // COMPLIANT + wprintf(wa1_nnt); // NON_COMPLIANT +} + +void f2() { + char a1[10]; + char a2[10]; + + snprintf(a1, 10, "CodeQL %d", 3); // will be null terminated + snprintf(a2, 11, "CodeQL %d", 3); // will not be null terminated + + printf("%s", a1); // COMPLIANT + printf(a1); // COMPLIANT + + printf("%s", a2); // NON_COMPLIANT + printf(a2); // NON_COMPLIANT +} + +void f3() { + char a1[2]; + + strncat(a1, "CodeQL", 5); // will not be null terminated + + printf(a1); // NON_COMPLIANT + printf("%s", a1); // NON_COMPLIANT +} + +void f4() { + char a1_nnt[3] = "Cod"; // is NOT null termianted + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT + + a1_nnt[2] = '\0'; + + printf("%s", a1_nnt); // COMPLIANT + printf(a1_nnt); // COMPLIANT +} + +f5() { + char a1_nnt[3] = "Cod"; // is NOT null termianted + char a2[10] = "CodeQL"; + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT + + a1_nnt[2] = '\0'; + + printf("%s", a1_nnt); // COMPLIANT + printf(a1_nnt); // COMPLIANT + + strncpy(a1_nnt, a2, 1); // not null terminated because n < length(src) + + printf("%s", a1_nnt); // NON_COMPLIANT + printf(a1_nnt); // NON_COMPLIANT +} \ No newline at end of file diff --git a/c/common/src/codingstandards/c/Expr.qll b/c/common/src/codingstandards/c/Expr.qll index 200f67ff7..eadc87048 100644 --- a/c/common/src/codingstandards/c/Expr.qll +++ b/c/common/src/codingstandards/c/Expr.qll @@ -1,25 +1,10 @@ import cpp -/* A full expression as defined in ISO/IEC 9899:2011 Annex C point 1. */ +/* A full expression as defined in ISO/IEC 9899:2011 6.8 point 4 and Annex C point 1 item 5. */ class FullExpr extends Expr { FullExpr() { - // An initializer that is not part of a compound literal (see 6.7.9). - this instanceof AssignExpr and not this.getParent+() instanceof AggregateLiteral - or - // The expression in an expression statement (see 6.8.3) - any(ExprStmt s).getExpr() = this - or - // The controlling expression of a selection statement (see 6.8.4) or - // the controlling expression of a `while`, `do`, or `for` statement (see 6.8.5) - any(ControlStructure s).getControllingExpr() = this - or - // Each of the possible optional expressions, besides the controlling expression, - // of a `for` statement (see 6.8.5.3). Note that if `clause-1` will be an expression statement if - // it is an expression and is therefore handle in the expression statement case. - any(ForStmt s).getUpdate() = this - or - // The expression in a `return` statement, if any (see 6.8.6.4) - any(ReturnStmt s).getExpr() = this + not this.getParent() instanceof Expr and + not exists(Variable v | v.getInitializer().getExpr() = this) } } diff --git a/c/common/src/codingstandards/c/Ordering.qll b/c/common/src/codingstandards/c/Ordering.qll index 14f776f93..955cba5e5 100644 --- a/c/common/src/codingstandards/c/Ordering.qll +++ b/c/common/src/codingstandards/c/Ordering.qll @@ -64,6 +64,10 @@ module Ordering { // Note we don't strictly check if `e2` is the next to be evaluated full expression and rely on the // `isCandidate` configuration to minimze the scope or related full expressions. e1 instanceof FullExpr and e2 instanceof FullExpr + or + // The side effect of updating the stored value of the left operand is sequenced after the value computations of the left and right operands. + // See 6.5.16 + e2.(Assignment).getAnOperand().getAChild*() = e1 ) } diff --git a/c/common/src/codingstandards/c/SideEffects.qll b/c/common/src/codingstandards/c/SideEffects.qll new file mode 100644 index 000000000..3cea568e3 --- /dev/null +++ b/c/common/src/codingstandards/c/SideEffects.qll @@ -0,0 +1,41 @@ +/** A module that implements the side effects described in 5.1.2.3 section 1 of the ISO/IEC 9899:2011 standard. */ + +import cpp +import semmle.code.cpp.security.FileWrite +import codingstandards.cpp.SideEffect +import codingstandards.cpp.sideeffect.Customizations + +private class ModifyingLocalObject extends LocalSideEffect::Range { + ModifyingLocalObject() { + this.(AssignExpr).getLValue().(VariableAccess).getTarget() instanceof LocalScopeVariable + or + this.(CrementOperation).getOperand().(VariableAccess).getTarget() instanceof LocalScopeVariable + } +} + +private class ModifyingGlobalObject extends GlobalSideEffect::Range { + ModifyingGlobalObject() { + this.(AssignExpr).getLValue().(VariableAccess).getTarget() instanceof GlobalVariable + or + this.(CrementOperation).getOperand().(VariableAccess).getTarget() instanceof GlobalVariable + } +} + +private class VolatileAccess extends GlobalSideEffect::Range, VariableAccess { + VolatileAccess() { + this.getTarget().isVolatile() and + // Exclude value computation of an lvalue expression soley used to determine the identity + // of the object. As noted in the footnote of 6.5.16 point 3 it is implementation dependend + // whether the value of the assignment expression deterived from the left operand after the assignment + // is determined by reading the object. We assume it is not for assignments that are a child of an + // expression statement because the value is not used and is required for the compliant MISRA-C:2012 case: + // `extern volatile int v; v = v & 0x80;` + not exists(ExprStmt s | s.getExpr().(Assignment).getLValue() = this) + } +} + +private class ExternalFunctionCall extends GlobalSideEffect::Range, FunctionCall { + ExternalFunctionCall() { not exists(this.getTarget().getBlock()) } +} + +private class FileWriteEffect extends ExternalSideEffect::Range, FileWrite { } diff --git a/c/common/src/qlpack.yml b/c/common/src/qlpack.yml index d5851968b..ddab9cafc 100644 --- a/c/common/src/qlpack.yml +++ b/c/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-c-coding-standards -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: common-cpp-coding-standards diff --git a/c/common/test/expr/FullExpr.expected b/c/common/test/expr/FullExpr.expected index b25672bc2..4785b9002 100644 --- a/c/common/test/expr/FullExpr.expected +++ b/c/common/test/expr/FullExpr.expected @@ -1,8 +1,9 @@ -| fullexpr.c:11:3:11:5 | ... ++ | -| fullexpr.c:13:7:13:7 | i | -| fullexpr.c:15:10:15:10 | i | -| fullexpr.c:18:12:18:12 | i | -| fullexpr.c:20:8:20:12 | ... = ... | -| fullexpr.c:20:15:20:20 | ... < ... | -| fullexpr.c:20:23:20:25 | ++ ... | -| fullexpr.c:23:10:23:10 | i | +| fullexpr.c:8:18:11:37 | temporary object | +| fullexpr.c:13:3:13:5 | ... ++ | +| fullexpr.c:15:7:15:7 | i | +| fullexpr.c:17:10:17:10 | i | +| fullexpr.c:20:12:20:12 | i | +| fullexpr.c:22:8:22:12 | ... = ... | +| fullexpr.c:22:15:22:20 | ... < ... | +| fullexpr.c:22:23:22:25 | ++ ... | +| fullexpr.c:25:10:25:10 | i | diff --git a/c/common/test/expr/fullexpr.c b/c/common/test/expr/fullexpr.c index f4229e3bd..5384f6add 100644 --- a/c/common/test/expr/fullexpr.c +++ b/c/common/test/expr/fullexpr.c @@ -5,8 +5,10 @@ struct foo { void full_expr() { int i; - struct foo f = (struct foo){ - .i = 0, .j = 0}; // Not a full expression, part of a compound expression. + struct foo f = (struct foo){// Compound expression is a full expression. + .i = 0, // Assignments not a full expression, part + // of a compound expression. + .j = 0}; i++; // Full expression, part of expression statement diff --git a/c/common/test/qlpack.yml b/c/common/test/qlpack.yml index 7f28bccc1..35fc480d2 100644 --- a/c/common/test/qlpack.yml +++ b/c/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-c-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: common-c-coding-standards extractor: cpp diff --git a/c/misra/src/qlpack.yml b/c/misra/src/qlpack.yml index 2002dd53e..2925a83ae 100644 --- a/c/misra/src/qlpack.yml +++ b/c/misra/src/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards -version: 2.1.0 +version: 2.3.0 suites: codeql-suites libraryPathDependencies: common-c-coding-standards diff --git a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql new file mode 100644 index 000000000..808aa1ba7 --- /dev/null +++ b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql @@ -0,0 +1,27 @@ +/** + * @id c/misra/side-effect-and-crement-in-full-expression + * @name RULE-13-3: A full expression containing an increment (++) or decrement (--) operator should have no other + * @description A full expression containing an increment (++) or decrement (--) operator should + * have no other potential side effects other than that caused by the increment or + * decrement operator + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-13-3 + * readability + * correctness + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra +import codingstandards.c.Expr +import codingstandards.c.SideEffects + +from FullExpr e, SideEffect se, CrementOperation op +where + not isExcluded(e, SideEffects2Package::sideEffectAndCrementInFullExpressionQuery()) and + e.getAChild+() = op and + se = getASideEffect(e) and + not se instanceof CrementOperation +select e, "The full expression contains the $@ and the $@.", op, op.getOperator(), se, "side effect" diff --git a/c/misra/src/rules/RULE-13-3/standard-example.c b/c/misra/src/rules/RULE-13-3/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql b/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql new file mode 100644 index 000000000..6867455a4 --- /dev/null +++ b/c/misra/src/rules/RULE-17-8/ModificationOfFunctionParameter.ql @@ -0,0 +1,23 @@ +/** + * @id c/misra/modification-of-function-parameter + * @name RULE-17-8: A function parameter should not be modified + * @description A function parameter behaves in the same manner as an object with automatic storage + * duration and the effects of modifying a parameter are not visible in the calling + * function. + * @kind problem + * @precision very-high + * @problem.severity warning + * @tags external/misra/id/rule-17-8 + * correctness + * external/misra/obligation/advisory + */ + +import cpp +import codingstandards.c.misra + +from Parameter p, VariableAccess va +where + not isExcluded(va, SideEffects2Package::modificationOfFunctionParameterQuery()) and + p.getAnAccess() = va and + va.isModified() +select va, "The parameter $@ is modified.", p, p.getName() diff --git a/c/misra/src/rules/RULE-17-8/standard-example.c b/c/misra/src/rules/RULE-17-8/standard-example.c new file mode 100644 index 000000000..e69de29bb diff --git a/c/misra/src/rules/RULE-20-1/standard-example.c b/c/misra/src/rules/RULE-20-1/standard-example.c new file mode 100644 index 000000000..b52af7fb0 --- /dev/null +++ b/c/misra/src/rules/RULE-20-1/standard-example.c @@ -0,0 +1,5 @@ +#define F1_MACRO +#include "f1.h" /* Compliant */ +#include "f2.h" /* Compliant */ +int32_t i = 0; +#include "f3.h" /* Non-compliant */ \ No newline at end of file diff --git a/c/misra/src/rules/RULE-20-2/standard-example.c b/c/misra/src/rules/RULE-20-2/standard-example.c new file mode 100644 index 000000000..cfccf247a --- /dev/null +++ b/c/misra/src/rules/RULE-20-2/standard-example.c @@ -0,0 +1 @@ +#include "fi'le.h" /* Non-compliant */ \ No newline at end of file diff --git a/c/misra/src/rules/RULE-20-9/standard-example.c b/c/misra/src/rules/RULE-20-9/standard-example.c new file mode 100644 index 000000000..9ecd802b4 --- /dev/null +++ b/c/misra/src/rules/RULE-20-9/standard-example.c @@ -0,0 +1,11 @@ +#if M == 0 /* Non-compliant */ +/* Does 'M' expand to zero or is it undefined? */ +#endif +#if defined(M) /* Compliant - M is not evaluated */ +#if M == 0 /* Compliant - M is known to be defined */ +/* 'M' must expand to zero. */ +#endif +#endif +/* Compliant - B is only evaluated in ( B == 0 ) if it is defined */ +#if defined(B) && (B == 0) +#endif \ No newline at end of file diff --git a/c/misra/test/qlpack.yml b/c/misra/test/qlpack.yml index c91e0ca32..87c89cb5c 100644 --- a/c/misra/test/qlpack.yml +++ b/c/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-c-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: misra-c-coding-standards extractor: cpp \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.expected b/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.expected new file mode 100644 index 000000000..9226e89ce --- /dev/null +++ b/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.expected @@ -0,0 +1,4 @@ +| test.c:16:3:16:11 | ... = ... | The full expression contains the $@ and the $@. | test.c:16:8:16:11 | ... ++ | ++ | test.c:16:3:16:11 | ... = ... | side effect | +| test.c:21:7:21:23 | ... > ... | The full expression contains the $@ and the $@. | test.c:21:15:21:18 | -- ... | -- | test.c:3:19:3:20 | g1 | side effect | +| test.c:25:7:25:23 | ... > ... | The full expression contains the $@ and the $@. | test.c:25:15:25:18 | -- ... | -- | test.c:25:8:25:9 | call to f2 | side effect | +| test.c:33:3:33:28 | ... = ... | The full expression contains the $@ and the $@. | test.c:33:25:33:28 | ... ++ | ++ | test.c:33:3:33:28 | ... = ... | side effect | diff --git a/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.qlref b/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.qlref new file mode 100644 index 000000000..ab7975eb5 --- /dev/null +++ b/c/misra/test/rules/RULE-13-3/SideEffectAndCrementInFullExpression.qlref @@ -0,0 +1 @@ +rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-13-3/test.c b/c/misra/test/rules/RULE-13-3/test.c new file mode 100644 index 000000000..6187de20b --- /dev/null +++ b/c/misra/test/rules/RULE-13-3/test.c @@ -0,0 +1,48 @@ + +extern volatile int g1; +int f1() { return g1 + 1; } + +extern int f2(); + +int f3() { return 1; } + +struct S1 { + int l1; +}; + +void test() { + int l1, l2; + + l2 = l1++; // NON_COMPLIANT + + int l3 = l1; + l1++; // COMPLIANT + + if ((f1() + --l1) > 0) // NON_COMPLIANT + { + } + + if ((f2() + --l1) > 0) // NON_COMPLIANT + { + } + + if ((f3() + --l1) > 0) // COMPLIANT + { + } + + l3 = (l2 == l2) ? 0 : l1++; // NON_COMPLIANT + + int l4[1] = {0}; + l4[0]++; // COMPLIANT + + struct S1 l5 = {.l1 = 0}; + l5.l1++; // COMPLIANT + + struct S1 *l6; + l6->l1++; // COMPLIANT + + int *l7 = &l1; + ++(*l7); // COMPLIANT + *l7++; // COMPLIANT + (*l7)++; // COMPLIANT +} \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.expected b/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.expected new file mode 100644 index 000000000..1b8c6e5ba --- /dev/null +++ b/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.expected @@ -0,0 +1,2 @@ +| test.c:2:3:2:4 | p1 | The parameter $@ is modified. | test.c:1:13:1:14 | p1 | p1 | +| test.c:7:3:7:4 | p1 | The parameter $@ is modified. | test.c:6:14:6:15 | p1 | p1 | diff --git a/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.qlref b/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.qlref new file mode 100644 index 000000000..6d759d157 --- /dev/null +++ b/c/misra/test/rules/RULE-17-8/ModificationOfFunctionParameter.qlref @@ -0,0 +1 @@ +rules/RULE-17-8/ModificationOfFunctionParameter.ql \ No newline at end of file diff --git a/c/misra/test/rules/RULE-17-8/test.c b/c/misra/test/rules/RULE-17-8/test.c new file mode 100644 index 000000000..62e06622b --- /dev/null +++ b/c/misra/test/rules/RULE-17-8/test.c @@ -0,0 +1,9 @@ +void f1(int p1) { + p1 = 1; // NON_COMPLIANT +} + +int g1 = 1; +void f2(int *p1) { + p1 = &g1; // NON_COMPLIANT + *p1 = g1; // COMPLIANT +} \ No newline at end of file diff --git a/change_notes/2022-04-06-rand-refactor.md b/change_notes/2022-04-06-rand-refactor.md new file mode 100644 index 000000000..744c3255b --- /dev/null +++ b/change_notes/2022-04-06-rand-refactor.md @@ -0,0 +1 @@ +- Refactored `A26-5-1` and `MSC50-CPP` to share the same query with `MSC30-C`. \ No newline at end of file diff --git a/cpp/autosar/src/qlpack.yml b/cpp/autosar/src/qlpack.yml index 21a87c80c..31eb8beee 100644 --- a/cpp/autosar/src/qlpack.yml +++ b/cpp/autosar/src/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql b/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql index ef14664bf..8a377b9f6 100644 --- a/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql +++ b/cpp/autosar/src/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.ql @@ -44,5 +44,5 @@ where subclass = shadowingVariable.getDeclaringType() ) ) -select f, "Member function $@ is shadowed by $@ in derived class @a", f, f.getName(), e, +select f, "Member function $@ is shadowed by $@ in derived class $@", f, f.getName(), e, description, subclass, subclass.getName() diff --git a/cpp/autosar/src/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.ql b/cpp/autosar/src/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.ql index 4e9d5c313..2085be5b9 100644 --- a/cpp/autosar/src/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.ql +++ b/cpp/autosar/src/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.ql @@ -27,5 +27,5 @@ where not f.isDefaulted() and not f.isCompilerGenerated() and not f.getBlock().getLocation().hasLocationInfo("", 0, 0, 0, 0) -select f, "Non-final virtual function $@ is introduced in final class @$.", f, f.getName(), +select f, "Non-final virtual function $@ is introduced in final class $@.", f, f.getName(), f.getDeclaringType(), f.getDeclaringType().getName() diff --git a/cpp/autosar/src/rules/A15-1-5/standard-example.cpp b/cpp/autosar/src/rules/A15-1-5/standard-example.cpp new file mode 100644 index 000000000..e69de29bb diff --git a/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql b/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql index 38872a318..bcf5357f5 100644 --- a/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql +++ b/cpp/autosar/src/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql @@ -14,11 +14,10 @@ import cpp import codingstandards.cpp.autosar +import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -predicate isRand(FunctionCall fc) { fc.getTarget().hasGlobalOrStdName("rand") } - -from FunctionCall fc -where - not isExcluded(fc, BannedFunctionsPackage::pseudorandomNumbersGeneratedUsingRandQuery()) and - isRand(fc) -select fc, "Use of banned function " + fc.getTarget().getQualifiedName() + "." +class PseudorandomNumbersGeneratedUsingRandQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery { + PseudorandomNumbersGeneratedUsingRandQuery() { + this = BannedFunctionsPackage::pseudorandomNumbersGeneratedUsingRandQuery() + } +} diff --git a/cpp/autosar/test/qlpack.yml b/cpp/autosar/test/qlpack.yml index ec8efd677..195698fe8 100644 --- a/cpp/autosar/test/qlpack.yml +++ b/cpp/autosar/test/qlpack.yml @@ -1,4 +1,4 @@ name: autosar-cpp-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: autosar-cpp-coding-standards extractor: cpp diff --git a/cpp/autosar/test/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.expected b/cpp/autosar/test/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.expected index 6983b4ddc..b8fd44dc4 100644 --- a/cpp/autosar/test/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.expected +++ b/cpp/autosar/test/rules/A10-2-1/NonVirtualPublicOrProtectedFunctionsRedefined.expected @@ -1 +1 @@ -| test.cpp:4:8:4:9 | f1 | Member function $@ is shadowed by $@ in derived class @a | test.cpp:4:8:4:9 | f1 | f1 | test.cpp:13:8:13:9 | f1 | this member function | test.cpp:11:7:11:13 | Derived | Derived | +| test.cpp:4:8:4:9 | f1 | Member function $@ is shadowed by $@ in derived class $@ | test.cpp:4:8:4:9 | f1 | f1 | test.cpp:13:8:13:9 | f1 | this member function | test.cpp:11:7:11:13 | Derived | Derived | \ No newline at end of file diff --git a/cpp/autosar/test/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.expected b/cpp/autosar/test/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.expected index d16f6aee9..7c35a98c9 100644 --- a/cpp/autosar/test/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.expected +++ b/cpp/autosar/test/rules/A10-3-3/VirtualFunctionsIntroducedInFinalClass.expected @@ -1,2 +1,2 @@ -| test.cpp:12:8:12:8 | g | Non-final virtual function $@ is introduced in final class @$. | test.cpp:12:8:12:8 | g | g | test.cpp:9:7:9:13 | Derived | Derived | -| test.cpp:14:16:14:16 | h | Non-final virtual function $@ is introduced in final class @$. | test.cpp:14:16:14:16 | h | h | test.cpp:9:7:9:13 | Derived | Derived | +| test.cpp:12:8:12:8 | g | Non-final virtual function $@ is introduced in final class $@. | test.cpp:12:8:12:8 | g | g | test.cpp:9:7:9:13 | Derived | Derived | +| test.cpp:14:16:14:16 | h | Non-final virtual function $@ is introduced in final class $@. | test.cpp:14:16:14:16 | h | h | test.cpp:9:7:9:13 | Derived | Derived | \ No newline at end of file diff --git a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.expected b/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.expected deleted file mode 100644 index 1a3344c36..000000000 --- a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.expected +++ /dev/null @@ -1 +0,0 @@ -| test.cpp:3:47:3:55 | call to rand | Use of banned function std::rand. | diff --git a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.qlref b/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.qlref deleted file mode 100644 index 968fd714a..000000000 --- a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.ql \ No newline at end of file diff --git a/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.testref b/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.testref new file mode 100644 index 000000000..31cba60b7 --- /dev/null +++ b/cpp/autosar/test/rules/A26-5-1/PseudorandomNumbersGeneratedUsingRand.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file diff --git a/cpp/cert/src/qlpack.yml b/cpp/cert/src/qlpack.yml index 26346cf48..003fb7b7c 100644 --- a/cpp/cert/src/qlpack.yml +++ b/cpp/cert/src/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 suites: codeql-suites libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked-implementation.qhelp b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qhelp b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qhelp index 9e888978c..75d7fdfc6 100644 --- a/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qhelp +++ b/cpp/cert/src/rules/CON50-CPP/DoNotAllowAMutexToGoOutOfScopeWhileLocked.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked-implementation.qhelp b/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.qhelp b/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.qhelp index 1f8ae81b6..808cb603e 100644 --- a/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.qhelp +++ b/cpp/cert/src/rules/CON50-CPP/DoNotDestroyAMutexWhileItIsLocked.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions-implementation.qhelp b/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.qhelp b/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.qhelp index 92b70ccf6..20b4d1923 100644 --- a/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.qhelp +++ b/cpp/cert/src/rules/CON51-CPP/EnsureActivelyHeldLocksAreReleasedOnExceptionalConditions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads-implementation.qhelp b/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads.qhelp b/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads.qhelp index 0b0874bf8..ba85c19d8 100644 --- a/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads.qhelp +++ b/cpp/cert/src/rules/CON52-CPP/PreventDataRacesWhenAccessingBitFieldsFromMultipleThreads.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder-implementation.qhelp b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.qhelp b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.qhelp index b11939010..a5ded3d35 100644 --- a/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.qhelp +++ b/cpp/cert/src/rules/CON53-CPP/DeadlockByLockingInPredefinedOrder.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop-implementation.qhelp b/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.qhelp b/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.qhelp index 0da21dcc6..af8e3fd47 100644 --- a/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.qhelp +++ b/cpp/cert/src/rules/CON54-CPP/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables-implementation.qhelp b/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables.qhelp b/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables.qhelp index 6daf7ea91..af50203ca 100644 --- a/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables.qhelp +++ b/cpp/cert/src/rules/CON55-CPP/PreserveThreadSafetyAndLivenessWhenUsingConditionVariables.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex-implementation.qhelp b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.qhelp b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.qhelp index f1b7dc7a0..752a10d86 100644 --- a/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.qhelp +++ b/cpp/cert/src/rules/CON56-CPP/DoNotSpeculativelyLockALockedNonRecursiveMutex.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit-implementation.qhelp b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.qhelp b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.qhelp index 2438bf8d2..06299a50d 100644 --- a/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.qhelp +++ b/cpp/cert/src/rules/CON56-CPP/LockedALockedNonRecursiveMutexAudit.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert-implementation.qhelp b/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.qhelp b/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.qhelp index 3731f713a..ba1165f57 100644 --- a/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.qhelp +++ b/cpp/cert/src/rules/CTR50-CPP/ContainerAccessWithoutRangeCheckCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess-implementation.qhelp b/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.qhelp b/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.qhelp index 05b8fe263..9c8ecf1ce 100644 --- a/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.qhelp +++ b/cpp/cert/src/rules/CTR51-CPP/UsesValidContainerElementAccess.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow-implementation.qhelp b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.qhelp b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.qhelp index 09e6adb30..10164978a 100644 --- a/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.qhelp +++ b/cpp/cert/src/rules/CTR52-CPP/GuaranteeGenericCppLibraryFunctionsDoNotOverflow.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges-implementation.qhelp b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.qhelp b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.qhelp index 51cd887ad..3a2e37be8 100644 --- a/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.qhelp +++ b/cpp/cert/src/rules/CTR53-CPP/UseValidIteratorRanges.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers-implementation.qhelp b/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.qhelp b/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.qhelp index 4dbb447a8..4acb8354e 100644 --- a/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.qhelp +++ b/cpp/cert/src/rules/CTR54-CPP/DoNotSubtractIteratorsForDifferentContainers.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator-implementation.qhelp b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.qhelp b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.qhelp index 5d1561f97..27710371d 100644 --- a/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.qhelp +++ b/cpp/cert/src/rules/CTR55-CPP/DoNotUseAnAdditiveOperatorOnAnIterator.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects-implementation.qhelp b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.qhelp b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.qhelp index 92aa86767..d2a83dd11 100644 --- a/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.qhelp +++ b/cpp/cert/src/rules/CTR56-CPP/DoNotUsePointerArithmeticOnPolymorphicObjects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate-implementation.qhelp b/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.qhelp b/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.qhelp index a80e7888a..e844de0b0 100644 --- a/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.qhelp +++ b/cpp/cert/src/rules/CTR57-CPP/ProvideAValidOrderingPredicate.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable-implementation.qhelp b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.qhelp b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.qhelp index 1030c85c2..6bf05bffe 100644 --- a/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.qhelp +++ b/cpp/cert/src/rules/CTR58-CPP/PredicateFunctionObjectsShouldNotBeMutable.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction-implementation.qhelp b/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.qhelp b/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.qhelp index 0928595f3..db2fd3c76 100644 --- a/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.qhelp +++ b/cpp/cert/src/rules/DCL50-CPP/DoNotDefineACStyleVariadicFunction.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.qhelp b/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.qhelp index 72e29bcf7..1e47f7981 100644 --- a/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/EnumeratorReusesReservedName.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.qhelp b/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.qhelp index 692b744e3..7a4d271e5 100644 --- a/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/FunctionReusesReservedName.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.qhelp b/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.qhelp index d26212f76..fb1c4bd2c 100644 --- a/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/ObjectReusesReservedName.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.qhelp b/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.qhelp index e6ba11db6..82a8a64a7 100644 --- a/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/RedefiningOfStandardLibraryName.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.qhelp b/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.qhelp index 5aab15a77..1d0dbd4c4 100644 --- a/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/ReuseOfReservedIdentifier.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.qhelp index 56fa858e6..1d25d6860 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfDoubleUnderscoreReservedPrefix.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.qhelp index 0cc04c2da..11c8ba2ae 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfReservedLiteralSuffixIdentifier.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix-implementation.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.qhelp b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.qhelp index db3263896..00e3f9dba 100644 --- a/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.qhelp +++ b/cpp/cert/src/rules/DCL51-CPP/UseOfSingleUnderscoreReservedPrefix.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier-implementation.qhelp b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.qhelp b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.qhelp index a92d5f084..e47ceb43d 100644 --- a/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.qhelp +++ b/cpp/cert/src/rules/DCL53-CPP/LocalConstructorInitializedObjectHidesIdentifier.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration-implementation.qhelp b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.qhelp b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.qhelp index 9c8408d47..f6d47b4e2 100644 --- a/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.qhelp +++ b/cpp/cert/src/rules/DCL53-CPP/LocalFunctionDeclaration.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction-implementation.qhelp b/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.qhelp b/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.qhelp index fceae59e3..cbdf56b80 100644 --- a/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.qhelp +++ b/cpp/cert/src/rules/DCL54-CPP/SingularOverloadOfMemoryFunction.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries-implementation.qhelp b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qhelp b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qhelp index e58c04c85..ea0b927cc 100644 --- a/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qhelp +++ b/cpp/cert/src/rules/DCL55-CPP/InformationLeakageAcrossTrustBoundaries.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit-implementation.qhelp b/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.qhelp b/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.qhelp index b1c4ac046..3a93c502f 100644 --- a/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.qhelp +++ b/cpp/cert/src/rules/DCL56-CPP/CyclesDuringStaticObjectInit.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions-implementation.qhelp b/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.qhelp b/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.qhelp index 0f1237d94..7781d75a4 100644 --- a/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.qhelp +++ b/cpp/cert/src/rules/DCL57-CPP/DoNotLetExceptionsEscapeFromDestructorsOrDeallocationFunctions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces-implementation.qhelp b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.qhelp b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.qhelp index 3085f98eb..7bca07108 100644 --- a/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.qhelp +++ b/cpp/cert/src/rules/DCL58-CPP/ModificationOfTheStandardNamespaces.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile-implementation.qhelp b/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.qhelp b/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.qhelp index 113b3eefb..eacdf902c 100644 --- a/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.qhelp +++ b/cpp/cert/src/rules/DCL59-CPP/UnnamedNamespaceInHeaderFile.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed-implementation.qhelp b/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.qhelp b/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.qhelp index 8fa5f4391..0a909aa73 100644 --- a/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.qhelp +++ b/cpp/cert/src/rules/DCL60-CPP/OneDefinitionRuleNotObeyed.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.qhelp index b50a1bb53..5243c6e6f 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/ConditionVariablePostConditionFailedCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.qhelp index d55f61c6c..a9ccd96a7 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/ExitHandlerThrowsExceptionCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.qhelp index 98f4e7538..f871c5c3f 100644 --- a/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/ExplicitAbruptTerminationCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.qhelp index c5a6537d4..86efd7d17 100644 --- a/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/JoinableThreadCopiedOrDestroyedCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert-implementation.qhelp b/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.qhelp b/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.qhelp index b69bdc6d9..68e8276df 100644 --- a/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.qhelp +++ b/cpp/cert/src/rules/ERR50-CPP/RethrowNestedWithoutCaptureCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions-implementation.qhelp b/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.qhelp b/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.qhelp index f78844a82..473f9fb2a 100644 --- a/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.qhelp +++ b/cpp/cert/src/rules/ERR51-CPP/HandleAllExceptions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp-implementation.qhelp b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qhelp b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qhelp index 4f740363a..d06a4066a 100644 --- a/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qhelp +++ b/cpp/cert/src/rules/ERR52-CPP/DoNotUseSetjmpOrLongjmp.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock-implementation.qhelp b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.qhelp b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.qhelp index 7e9dad10c..56ed5b76e 100644 --- a/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.qhelp +++ b/cpp/cert/src/rules/ERR53-CPP/DestroyedValueReferencedInConstructorDestructorCatchBlock.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert-implementation.qhelp b/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.qhelp b/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.qhelp index e440b6f96..4b3f30df6 100644 --- a/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.qhelp +++ b/cpp/cert/src/rules/ERR54-CPP/CatchBlockShadowingCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications-implementation.qhelp b/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.qhelp b/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.qhelp index 33d637bda..97ddffd88 100644 --- a/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.qhelp +++ b/cpp/cert/src/rules/ERR55-CPP/HonorExceptionSpecifications.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety-implementation.qhelp b/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.qhelp b/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.qhelp index 715b977b4..729647f54 100644 --- a/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.qhelp +++ b/cpp/cert/src/rules/ERR56-CPP/GuaranteeExceptionSafety.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions-implementation.qhelp b/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.qhelp b/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.qhelp index 304c23084..6feed0090 100644 --- a/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.qhelp +++ b/cpp/cert/src/rules/ERR57-CPP/DoNotLeakResourcesWhenHandlingExceptions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting-implementation.qhelp b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.qhelp b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.qhelp index e89626392..91102cdf0 100644 --- a/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.qhelp +++ b/cpp/cert/src/rules/ERR58-CPP/HandleAllExceptionsThrownBeforeMainBeginsExecuting.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries-implementation.qhelp b/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qhelp b/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qhelp index ab2e069b4..46a5bf7c9 100644 --- a/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qhelp +++ b/cpp/cert/src/rules/ERR59-CPP/DoNotThrowAnExceptionAcrossExecutionBoundaries.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible-implementation.qhelp b/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.qhelp b/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.qhelp index e8390cab0..0c8a21a0e 100644 --- a/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.qhelp +++ b/cpp/cert/src/rules/ERR60-CPP/ExceptionObjectsMustBeNothrowCopyConstructible.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference-implementation.qhelp b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.qhelp b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.qhelp index 96bbff970..024d2d9d5 100644 --- a/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.qhelp +++ b/cpp/cert/src/rules/ERR61-CPP/CatchExceptionsByLvalueReference.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber-implementation.qhelp b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.qhelp b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.qhelp index 9fd4014c2..a4d556709 100644 --- a/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.qhelp +++ b/cpp/cert/src/rules/ERR62-CPP/DetectErrorsWhenConvertingAStringToANumber.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments-implementation.qhelp b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.qhelp b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.qhelp index 30485d51c..98ea01687 100644 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.qhelp +++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfEvaluationForSideEffectsInFunctionCallsAsFunctionArguments.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects-implementation.qhelp b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.qhelp b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.qhelp index 699dcae3b..2e2043586 100644 --- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.qhelp +++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType-implementation.qhelp b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qhelp b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qhelp index bab273302..d4221a920 100644 --- a/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qhelp +++ b/cpp/cert/src/rules/EXP51-CPP/DoNotDeleteAnArrayThroughAPointerOfTheIncorrectType.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qhelp index 5c737b5cb..61fb64f7b 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclTypeOperand.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.qhelp index e61f7fd5f..16e28086e 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInDeclValExpression.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.qhelp index 3ca2680fa..cb380a43a 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInNoExceptOperand.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.qhelp index 854075684..29ba45f75 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInSizeOfOperand.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand-implementation.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.qhelp b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.qhelp index ebaa58fa5..0050a1623 100644 --- a/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.qhelp +++ b/cpp/cert/src/rules/EXP52-CPP/DoNotRelyOnSideEffectsInTypeIdOperand.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory-implementation.qhelp b/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.qhelp b/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.qhelp index 92cb07e3f..163b71351 100644 --- a/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.qhelp +++ b/cpp/cert/src/rules/EXP53-CPP/DoNotReadUninitializedMemory.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert-implementation.qhelp b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.qhelp b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.qhelp index b70aed574..30ec44646 100644 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.qhelp +++ b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedAfterLifetimeCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert-implementation.qhelp b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.qhelp b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.qhelp index 594bededd..c2c00bf44 100644 --- a/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.qhelp +++ b/cpp/cert/src/rules/EXP54-CPP/ObjectAccessedBeforeLifetimeCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert-implementation.qhelp b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.qhelp b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.qhelp index 97c36b86d..4c4bca1e5 100644 --- a/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.qhelp +++ b/cpp/cert/src/rules/EXP55-CPP/RemoveConstOrVolatileQualificationCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage-implementation.qhelp b/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.qhelp b/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.qhelp index 5c75dda2f..63512d091 100644 --- a/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.qhelp +++ b/cpp/cert/src/rules/EXP56-CPP/FunctionWithMismatchedLanguageLinkage.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass-implementation.qhelp b/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.qhelp b/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.qhelp index 8c52759b7..c7a9a20a8 100644 --- a/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.qhelp +++ b/cpp/cert/src/rules/EXP57-CPP/CastOfPointerToIncompleteClass.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass-implementation.qhelp b/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.qhelp b/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.qhelp index 09bb4a571..520541c4e 100644 --- a/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.qhelp +++ b/cpp/cert/src/rules/EXP57-CPP/DeletingPointerToIncompleteClass.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart-implementation.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.qhelp index d6dc4cf08..83cd57e24 100644 --- a/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.qhelp +++ b/cpp/cert/src/rules/EXP58-CPP/PassNonTrivialObjectToVaStart.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart-implementation.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.qhelp index 35845e58c..c0df5abcf 100644 --- a/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.qhelp +++ b/cpp/cert/src/rules/EXP58-CPP/PassPromotablePrimitiveTypeToVaStart.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart-implementation.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.qhelp b/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.qhelp index c8fa7c609..3405f83f2 100644 --- a/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.qhelp +++ b/cpp/cert/src/rules/EXP58-CPP/PassReferenceTypeToVaStart.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember-implementation.qhelp b/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.qhelp b/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.qhelp index 5d10c114d..9c422eb68 100644 --- a/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.qhelp +++ b/cpp/cert/src/rules/EXP59-CPP/OffsetUsedOnInvalidTypeOrMember.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries-implementation.qhelp b/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.qhelp b/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.qhelp index a48b6f90f..25f5f152e 100644 --- a/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.qhelp +++ b/cpp/cert/src/rules/EXP60-CPP/DoNotPassANonstandardObjectAcrossBoundaries.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference-implementation.qhelp b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.qhelp b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.qhelp index 561708c29..47350453c 100644 --- a/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.qhelp +++ b/cpp/cert/src/rules/EXP61-CPP/EscapingLambdaObjectWithCaptureByReference.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference-implementation.qhelp b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.qhelp b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.qhelp index 365bf5cd8..14b0826e4 100644 --- a/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.qhelp +++ b/cpp/cert/src/rules/EXP61-CPP/ReturningLambdaObjectWithCaptureByReference.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation-implementation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qhelp index 70ee33587..d974ca606 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qhelp +++ b/cpp/cert/src/rules/EXP62-CPP/MemcmpUsedToAccessObjectRepresentation.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation-implementation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.qhelp index 9709abc10..70f10334c 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.qhelp +++ b/cpp/cert/src/rules/EXP62-CPP/MemcpyUsedToAccessObjectRepresentation.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation-implementation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.qhelp b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.qhelp index 8807a291d..ef2663ac6 100644 --- a/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.qhelp +++ b/cpp/cert/src/rules/EXP62-CPP/MemsetUsedToAccessObjectRepresentation.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject-implementation.qhelp b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.qhelp b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.qhelp index 4e38c3b1c..cf87df9f2 100644 --- a/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.qhelp +++ b/cpp/cert/src/rules/EXP63-CPP/DoNotRelyOnTheValueOfAMovedFromObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition-implementation.qhelp b/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.qhelp b/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.qhelp index 9e842328e..7241204ee 100644 --- a/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.qhelp +++ b/cpp/cert/src/rules/FIO50-CPP/InterleavedInputOutputWithoutPosition.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.qhelp b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.qhelp index 6cb834b3c..c4f28931d 100644 --- a/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.qhelp +++ b/cpp/cert/src/rules/FIO51-CPP/CloseFilesWhenTheyAreNoLongerNeeded.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue-implementation.qhelp b/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.qhelp b/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.qhelp index 25a87e721..3876482d7 100644 --- a/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.qhelp +++ b/cpp/cert/src/rules/INT50-CPP/DoNotCastToAnOutOfRangeEnumerationValue.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree-implementation.qhelp b/cpp/cert/src/rules/MEM50-CPP/UseAfterFree-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.qhelp b/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.qhelp index e3b5de6a2..6038851fb 100644 --- a/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.qhelp +++ b/cpp/cert/src/rules/MEM50-CPP/UseAfterFree.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources-implementation.qhelp b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.qhelp b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.qhelp index 6ec536afe..b199f6045 100644 --- a/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.qhelp +++ b/cpp/cert/src/rules/MEM51-CPP/ProperlyDeallocateDynamicallyAllocatedResources.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors-implementation.qhelp b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.qhelp b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.qhelp index 41775fd8d..3155e7f4d 100644 --- a/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.qhelp +++ b/cpp/cert/src/rules/MEM52-CPP/DetectAndHandleMemoryAllocationErrors.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject-implementation.qhelp b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.qhelp b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.qhelp index cd10bab2f..3a0979f97 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.qhelp +++ b/cpp/cert/src/rules/MEM53-CPP/MissingConstructorCallForManuallyManagedObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject-implementation.qhelp b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.qhelp b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.qhelp index 76b5d5681..1f026cc34 100644 --- a/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.qhelp +++ b/cpp/cert/src/rules/MEM53-CPP/MissingDestructorCallForManuallyManagedObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert-implementation.qhelp b/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.qhelp b/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.qhelp index 802d35675..180d3837f 100644 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.qhelp +++ b/cpp/cert/src/rules/MEM54-CPP/PlacementNewInsufficientStorageCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert-implementation.qhelp b/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.qhelp b/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.qhelp index 93f8399f1..d477c38ce 100644 --- a/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.qhelp +++ b/cpp/cert/src/rules/MEM54-CPP/PlacementNewNotProperlyAlignedCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert-implementation.qhelp b/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.qhelp b/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.qhelp index 74b425921..c9ddb67c0 100644 --- a/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.qhelp +++ b/cpp/cert/src/rules/MEM55-CPP/OperatorDeleteMissingPartnerCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert-implementation.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.qhelp index 24b1f1916..9f878aa7c 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.qhelp +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingNoThrowOperatorNewDeleteCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert-implementation.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.qhelp index fb683fda9..d6125106e 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.qhelp +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewReturnsNullCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert-implementation.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.qhelp b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.qhelp index 1579bf392..1d4ae1f83 100644 --- a/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.qhelp +++ b/cpp/cert/src/rules/MEM55-CPP/ThrowingOperatorNewThrowsInvalidExceptionCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert-implementation.qhelp b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.qhelp b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.qhelp index ccbf2c941..3f6689d24 100644 --- a/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.qhelp +++ b/cpp/cert/src/rules/MEM56-CPP/OwnedPointerValueStoredInUnrelatedSmartPointerCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes-implementation.qhelp b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.qhelp b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.qhelp index b9db9ba42..dbe04bcf7 100644 --- a/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.qhelp +++ b/cpp/cert/src/rules/MEM57-CPP/UsingDefaultOperatorNewForOverAlignedTypes.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers-implementation.qhelp b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qhelp b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qhelp index 34cd31108..ae3d8bd91 100644 --- a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qhelp +++ b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql index 28467b825..ea2f3be3e 100644 --- a/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql +++ b/cpp/cert/src/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -12,11 +12,10 @@ import cpp import codingstandards.cpp.cert +import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers -predicate isRand(FunctionCall fc) { fc.getTarget().hasGlobalOrStdName("rand") } - -from FunctionCall fc -where - not isExcluded(fc, BannedFunctionsPackage::doNotUseRandForGeneratingPseudorandomNumbersQuery()) and - isRand(fc) -select fc, "Use of banned function " + fc.getTarget().getQualifiedName() + "." +class DoNotUseRandForGeneratingPseudorandomNumbersQuery extends DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery { + DoNotUseRandForGeneratingPseudorandomNumbersQuery() { + this = BannedFunctionsPackage::doNotUseRandForGeneratingPseudorandomNumbersQuery() + } +} diff --git a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator-implementation.qhelp b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.qhelp b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.qhelp index 84e3c43eb..5e7142dc6 100644 --- a/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.qhelp +++ b/cpp/cert/src/rules/MSC51-CPP/BadlySeededRandomNumberGenerator.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert-implementation.qhelp b/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.qhelp b/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.qhelp index 6b483ec44..ee9872226 100644 --- a/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.qhelp +++ b/cpp/cert/src/rules/MSC52-CPP/NonVoidFunctionDoesNotReturnCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert-implementation.qhelp b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.qhelp b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.qhelp index 626d147af..8c0ae3f92 100644 --- a/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.qhelp +++ b/cpp/cert/src/rules/MSC53-CPP/FunctionNoReturnAttributeConditionCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction-implementation.qhelp b/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.qhelp b/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.qhelp index 0090cc162..ec6d3c36a 100644 --- a/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.qhelp +++ b/cpp/cert/src/rules/MSC54-CPP/SignalHandlerMustBeAPlainOldFunction.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors-implementation.qhelp b/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.qhelp b/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.qhelp index 5b29f05c2..1eb301374 100644 --- a/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.qhelp +++ b/cpp/cert/src/rules/OOP50-CPP/DoNotInvokeVirtualFunctionsFromConstructorsOrDestructors.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects-implementation.qhelp b/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.qhelp b/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.qhelp index 4747aa95c..a17536cd9 100644 --- a/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.qhelp +++ b/cpp/cert/src/rules/OOP51-CPP/DoNotSliceDerivedObjects.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor-implementation.qhelp b/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.qhelp b/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.qhelp index 3f48aa04e..6e42d3cc0 100644 --- a/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.qhelp +++ b/cpp/cert/src/rules/OOP52-CPP/DoNotDeleteAPolymorphicObjectWithoutAVirtualDestructor.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP52-CPP/standard-example.cpp b/cpp/cert/src/rules/OOP52-CPP/standard-example.cpp new file mode 100644 index 000000000..e69de29bb diff --git a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit-implementation.qhelp b/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.qhelp b/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.qhelp index f2016bd3d..a889e932b 100644 --- a/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.qhelp +++ b/cpp/cert/src/rules/OOP53-CPP/UseCanonicalOrderForMemberInit.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment-implementation.qhelp b/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.qhelp b/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.qhelp index e155b4552..24ec825f7 100644 --- a/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.qhelp +++ b/cpp/cert/src/rules/OOP54-CPP/GracefullyHandleSelfCopyAssignment.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember-implementation.qhelp b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.qhelp b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.qhelp index 923368136..d4118a33e 100644 --- a/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.qhelp +++ b/cpp/cert/src/rules/OOP55-CPP/MemberAccessWithUninitializedStaticPointerToMember.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember-implementation.qhelp b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.qhelp b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.qhelp index 3644ad655..4c9929ef7 100644 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.qhelp +++ b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessNonexistentMember.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember-implementation.qhelp b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.qhelp b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.qhelp index c1ecb1902..ae912456e 100644 --- a/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.qhelp +++ b/cpp/cert/src/rules/OOP55-CPP/UseOfPointerToMemberToAccessUndefinedMember.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements-implementation.qhelp b/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.qhelp b/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.qhelp index 95b1501a6..0989b59e1 100644 --- a/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.qhelp +++ b/cpp/cert/src/rules/OOP56-CPP/HonorNewReplacementHandlerRequirements.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements-implementation.qhelp b/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.qhelp b/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.qhelp index d33ab9e08..8be1346a2 100644 --- a/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.qhelp +++ b/cpp/cert/src/rules/OOP56-CPP/HonorTerminationReplacementHandlerRequirements.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions-implementation.qhelp b/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.qhelp b/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.qhelp index a99655f0e..e90c025f2 100644 --- a/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.qhelp +++ b/cpp/cert/src/rules/OOP57-CPP/PreferSpecialMemberFunctionsAndOverloadedOperatorsToCStandardLibraryFunctions.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject-implementation.qhelp b/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.qhelp b/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.qhelp index 641d8c9ef..b1a12b0a4 100644 --- a/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.qhelp +++ b/cpp/cert/src/rules/OOP58-CPP/CopyOperationsMustNotMutateTheSourceObject.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert-implementation.qhelp b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.qhelp b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.qhelp index ddc7b58e1..3280090bf 100644 --- a/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.qhelp +++ b/cpp/cert/src/rules/STR50-CPP/BasicStringMayNotBeNullTerminatedCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert-implementation.qhelp b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.qhelp b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.qhelp index 61310c939..2b753a239 100644 --- a/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.qhelp +++ b/cpp/cert/src/rules/STR50-CPP/OperationMayNotNullTerminateCStyleStringCert.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer-implementation.qhelp b/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.qhelp b/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.qhelp index d023c155e..87becb82c 100644 --- a/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.qhelp +++ b/cpp/cert/src/rules/STR51-CPP/DoNotAttemptToCreateAStringFromANullPointer.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString-implementation.qhelp b/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.qhelp b/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.qhelp index 9a82fa5e1..940566ee9 100644 --- a/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.qhelp +++ b/cpp/cert/src/rules/STR52-CPP/UseValidReferencesForElementsOfString.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess-implementation.qhelp b/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.qhelp b/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.qhelp index 421fb87c8..f3dbea681 100644 --- a/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.qhelp +++ b/cpp/cert/src/rules/STR53-CPP/RangeCheckStringElementAccess.qhelp @@ -8,9 +8,6 @@ -
    - -
  • CERT-C++: diff --git a/cpp/cert/test/qlpack.yml b/cpp/cert/test/qlpack.yml index 9d0f02504..11d4756c2 100644 --- a/cpp/cert/test/qlpack.yml +++ b/cpp/cert/test/qlpack.yml @@ -1,4 +1,4 @@ name: cert-cpp-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: cert-cpp-coding-standards extractor: cpp diff --git a/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qlref b/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qlref deleted file mode 100644 index 5c79d4203..000000000 --- a/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.qlref +++ /dev/null @@ -1 +0,0 @@ -rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.testref b/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.testref new file mode 100644 index 000000000..31cba60b7 --- /dev/null +++ b/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.testref @@ -0,0 +1 @@ +cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql \ No newline at end of file diff --git a/cpp/cert/test/rules/MSC50-CPP/test.cpp b/cpp/cert/test/rules/MSC50-CPP/test.cpp deleted file mode 100644 index 03d820a15..000000000 --- a/cpp/cert/test/rules/MSC50-CPP/test.cpp +++ /dev/null @@ -1,3 +0,0 @@ -#include - -void test_use_of_rand() { int random_number = std::rand() % 10; } \ No newline at end of file diff --git a/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll b/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll index 5fbd40ae5..ab454957e 100644 --- a/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll +++ b/cpp/common/src/codingstandards/cpp/PossiblyUnsafeStringOperation.qll @@ -78,3 +78,31 @@ class PossiblyUnsafeStringOperation extends FunctionCall { ) } } + +/** + * Models a character array that is initialized with a string literal. + */ +class CharArrayInitializedWithStringLiteral extends Expr { + int stringLiteralLength; + int containerLength; + + CharArrayInitializedWithStringLiteral() { + exists(Variable v, StringLiteral sl | + v.getInitializer().getExpr() = sl and + ( + // `getValueText()` includes the quotes of the string + // this calculation is to subtract that overage. This also handles + // wide strings initialized with L"" + if sl.getValueText().charAt(0) = "L" + then sl.getValueText().length() - 3 = stringLiteralLength + else sl.getValueText().length() - 2 = stringLiteralLength + ) and + containerLength = v.getType().(ArrayType).getArraySize() and + this = sl + ) + } + + int getStringLiteralLength() { result = stringLiteralLength } + + int getContainerLength() { result = containerLength } +} diff --git a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationPermits.ql b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationPermits.ql index 4c968ae15..bb4cabd80 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationPermits.ql +++ b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationPermits.ql @@ -2,7 +2,6 @@ * @id cpp/coding-standards/invalid-deviation-permits * @name Invalid deviation permits * @description Deviation permits marked as invalid will not be applied. - * @kind problem */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationRecords.ql b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationRecords.ql index 2004ad90f..ec555a8a5 100644 --- a/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationRecords.ql +++ b/cpp/common/src/codingstandards/cpp/deviations/InvalidDeviationRecords.ql @@ -2,7 +2,6 @@ * @id cpp/coding-standards/invalid-deviations * @name Invalid deviations * @description Deviation records marked as invalid will not be applied. - * @kind problem */ import cpp diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll new file mode 100644 index 000000000..c63fe7c7d --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Misc.qll @@ -0,0 +1,58 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype MiscQuery = + TRandUsedForGeneratingPseudorandomNumbersQuery() or + TProperlySeedPseudorandomNumberGeneratorsQuery() or + TControlFlowReachesTheEndOfANonVoidFunctionQuery() + +predicate isMiscQueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `randUsedForGeneratingPseudorandomNumbers` query + MiscPackage::randUsedForGeneratingPseudorandomNumbersQuery() and + queryId = + // `@id` for the `randUsedForGeneratingPseudorandomNumbers` query + "c/cert/rand-used-for-generating-pseudorandom-numbers" and + ruleId = "MSC30-C" + or + query = + // `Query` instance for the `properlySeedPseudorandomNumberGenerators` query + MiscPackage::properlySeedPseudorandomNumberGeneratorsQuery() and + queryId = + // `@id` for the `properlySeedPseudorandomNumberGenerators` query + "c/cert/properly-seed-pseudorandom-number-generators" and + ruleId = "MSC32-C" + or + query = + // `Query` instance for the `controlFlowReachesTheEndOfANonVoidFunction` query + MiscPackage::controlFlowReachesTheEndOfANonVoidFunctionQuery() and + queryId = + // `@id` for the `controlFlowReachesTheEndOfANonVoidFunction` query + "c/cert/control-flow-reaches-the-end-of-a-non-void-function" and + ruleId = "MSC37-C" +} + +module MiscPackage { + Query randUsedForGeneratingPseudorandomNumbersQuery() { + //autogenerate `Query` type + result = + // `Query` type for `randUsedForGeneratingPseudorandomNumbers` query + TQueryC(TMiscPackageQuery(TRandUsedForGeneratingPseudorandomNumbersQuery())) + } + + Query properlySeedPseudorandomNumberGeneratorsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `properlySeedPseudorandomNumberGenerators` query + TQueryC(TMiscPackageQuery(TProperlySeedPseudorandomNumberGeneratorsQuery())) + } + + Query controlFlowReachesTheEndOfANonVoidFunctionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `controlFlowReachesTheEndOfANonVoidFunction` query + TQueryC(TMiscPackageQuery(TControlFlowReachesTheEndOfANonVoidFunctionQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll index 54910ea2b..9f5fb0956 100644 --- a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll @@ -4,23 +4,32 @@ import codingstandards.cpp.exclusions.RuleMetadata //** Import packages for this language **/ import IO1 import IO2 +import Misc import Preprocessor1 import SideEffects1 +import SideEffects2 +import Strings1 import Syntax /** The TQuery type representing this language * */ newtype TCQuery = TIO1PackageQuery(IO1Query q) or TIO2PackageQuery(IO2Query q) or + TMiscPackageQuery(MiscQuery q) or TPreprocessor1PackageQuery(Preprocessor1Query q) or TSideEffects1PackageQuery(SideEffects1Query q) or + TSideEffects2PackageQuery(SideEffects2Query q) or + TStrings1PackageQuery(Strings1Query q) or TSyntaxPackageQuery(SyntaxQuery q) /** The metadata predicate * */ predicate isQueryMetadata(Query query, string queryId, string ruleId) { isIO1QueryMetadata(query, queryId, ruleId) or isIO2QueryMetadata(query, queryId, ruleId) or + isMiscQueryMetadata(query, queryId, ruleId) or isPreprocessor1QueryMetadata(query, queryId, ruleId) or isSideEffects1QueryMetadata(query, queryId, ruleId) or + isSideEffects2QueryMetadata(query, queryId, ruleId) or + isStrings1QueryMetadata(query, queryId, ruleId) or isSyntaxQueryMetadata(query, queryId, ruleId) } diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll new file mode 100644 index 000000000..c14446ee9 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/SideEffects2.qll @@ -0,0 +1,42 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype SideEffects2Query = + TSideEffectAndCrementInFullExpressionQuery() or + TModificationOfFunctionParameterQuery() + +predicate isSideEffects2QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `sideEffectAndCrementInFullExpression` query + SideEffects2Package::sideEffectAndCrementInFullExpressionQuery() and + queryId = + // `@id` for the `sideEffectAndCrementInFullExpression` query + "c/misra/side-effect-and-crement-in-full-expression" and + ruleId = "RULE-13-3" + or + query = + // `Query` instance for the `modificationOfFunctionParameter` query + SideEffects2Package::modificationOfFunctionParameterQuery() and + queryId = + // `@id` for the `modificationOfFunctionParameter` query + "c/misra/modification-of-function-parameter" and + ruleId = "RULE-17-8" +} + +module SideEffects2Package { + Query sideEffectAndCrementInFullExpressionQuery() { + //autogenerate `Query` type + result = + // `Query` type for `sideEffectAndCrementInFullExpression` query + TQueryC(TSideEffects2PackageQuery(TSideEffectAndCrementInFullExpressionQuery())) + } + + Query modificationOfFunctionParameterQuery() { + //autogenerate `Query` type + result = + // `Query` type for `modificationOfFunctionParameter` query + TQueryC(TSideEffects2PackageQuery(TModificationOfFunctionParameterQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll new file mode 100644 index 000000000..7a401ea5b --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/exclusions/c/Strings1.qll @@ -0,0 +1,58 @@ +//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY. **/ +import cpp +import RuleMetadata +import codingstandards.cpp.exclusions.RuleMetadata + +newtype Strings1Query = + TDoNotAttemptToModifyStringLiteralsQuery() or + TStringsHasSufficientSpaceForTheNullTerminatorQuery() or + TNonNullTerminatedToFunctionThatExpectsAStringQuery() + +predicate isStrings1QueryMetadata(Query query, string queryId, string ruleId) { + query = + // `Query` instance for the `doNotAttemptToModifyStringLiterals` query + Strings1Package::doNotAttemptToModifyStringLiteralsQuery() and + queryId = + // `@id` for the `doNotAttemptToModifyStringLiterals` query + "c/cert/do-not-attempt-to-modify-string-literals" and + ruleId = "STR30-C" + or + query = + // `Query` instance for the `stringsHasSufficientSpaceForTheNullTerminator` query + Strings1Package::stringsHasSufficientSpaceForTheNullTerminatorQuery() and + queryId = + // `@id` for the `stringsHasSufficientSpaceForTheNullTerminator` query + "c/cert/strings-has-sufficient-space-for-the-null-terminator" and + ruleId = "STR31-C" + or + query = + // `Query` instance for the `nonNullTerminatedToFunctionThatExpectsAString` query + Strings1Package::nonNullTerminatedToFunctionThatExpectsAStringQuery() and + queryId = + // `@id` for the `nonNullTerminatedToFunctionThatExpectsAString` query + "c/cert/non-null-terminated-to-function-that-expects-a-string" and + ruleId = "STR32-C" +} + +module Strings1Package { + Query doNotAttemptToModifyStringLiteralsQuery() { + //autogenerate `Query` type + result = + // `Query` type for `doNotAttemptToModifyStringLiterals` query + TQueryC(TStrings1PackageQuery(TDoNotAttemptToModifyStringLiteralsQuery())) + } + + Query stringsHasSufficientSpaceForTheNullTerminatorQuery() { + //autogenerate `Query` type + result = + // `Query` type for `stringsHasSufficientSpaceForTheNullTerminator` query + TQueryC(TStrings1PackageQuery(TStringsHasSufficientSpaceForTheNullTerminatorQuery())) + } + + Query nonNullTerminatedToFunctionThatExpectsAStringQuery() { + //autogenerate `Query` type + result = + // `Query` type for `nonNullTerminatedToFunctionThatExpectsAString` query + TQueryC(TStrings1PackageQuery(TNonNullTerminatedToFunctionThatExpectsAStringQuery())) + } +} diff --git a/cpp/common/src/codingstandards/cpp/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.qll b/cpp/common/src/codingstandards/cpp/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.qll new file mode 100644 index 000000000..d4c26ad34 --- /dev/null +++ b/cpp/common/src/codingstandards/cpp/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.qll @@ -0,0 +1,18 @@ +/** + * Provides a library which includes a `problems` predicate for uses of rand() + * for generating random numbers. + */ + +import cpp +import codingstandards.cpp.Customizations +import codingstandards.cpp.Exclusions + +abstract class DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery extends Query { } + +Query getQuery() { result instanceof DoNotUseRandForGeneratingPseudorandomNumbersSharedQuery } + +query predicate problems(FunctionCall fc, string message) { + not isExcluded(fc, getQuery()) and + fc.getTarget().hasGlobalOrStdName("rand") and + message = "Use of banned function " + fc.getTarget().getQualifiedName() + "." +} diff --git a/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll b/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll index dbc4d13dd..bb3fb7fad 100644 --- a/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll +++ b/cpp/common/src/codingstandards/cpp/sideeffect/DefaultEffects.qll @@ -1,10 +1,10 @@ import cpp import codingstandards.cpp.SideEffect import codingstandards.cpp.sideeffect.Customizations -import codingstandards.cpp.Allocations -import codingstandards.cpp.Expr -import codingstandards.cpp.Variable -import semmle.code.cpp.security.FileWrite +private import codingstandards.cpp.Allocations +private import codingstandards.cpp.Expr +private import codingstandards.cpp.Variable +private import semmle.code.cpp.security.FileWrite /** A function call that performs an IO operation and thus exhibts an external side effect. */ private class IOFunctionCall extends FunctionCall, ExternalSideEffect::Range { diff --git a/cpp/common/src/qlpack.yml b/cpp/common/src/qlpack.yml index b66d6f283..109077ece 100644 --- a/cpp/common/src/qlpack.yml +++ b/cpp/common/src/qlpack.yml @@ -1,3 +1,3 @@ name: common-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: codeql-cpp diff --git a/cpp/common/test/qlpack.yml b/cpp/common/test/qlpack.yml index 47f83b092..907404ca8 100644 --- a/cpp/common/test/qlpack.yml +++ b/cpp/common/test/qlpack.yml @@ -1,4 +1,4 @@ name: common-cpp-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: common-cpp-coding-standards extractor: cpp diff --git a/cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.expected b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected similarity index 100% rename from cpp/cert/test/rules/MSC50-CPP/DoNotUseRandForGeneratingPseudorandomNumbers.expected rename to cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.expected diff --git a/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql new file mode 100644 index 000000000..05388363d --- /dev/null +++ b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/DoNotUseRandForGeneratingPseudorandomNumbers.ql @@ -0,0 +1,2 @@ +// GENERATED FILE - DO NOT MODIFY +import codingstandards.cpp.rules.donotuserandforgeneratingpseudorandomnumbers.DoNotUseRandForGeneratingPseudorandomNumbers diff --git a/cpp/autosar/test/rules/A26-5-1/test.cpp b/cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.cpp similarity index 100% rename from cpp/autosar/test/rules/A26-5-1/test.cpp rename to cpp/common/test/rules/donotuserandforgeneratingpseudorandomnumbers/test.cpp diff --git a/cpp/misra/src/qlpack.yml b/cpp/misra/src/qlpack.yml index fbc916b8a..173ccaa1d 100644 --- a/cpp/misra/src/qlpack.yml +++ b/cpp/misra/src/qlpack.yml @@ -1,3 +1,3 @@ name: misra-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: common-cpp-coding-standards diff --git a/cpp/misra/test/qlpack.yml b/cpp/misra/test/qlpack.yml index 17b683f28..c269fe7d7 100644 --- a/cpp/misra/test/qlpack.yml +++ b/cpp/misra/test/qlpack.yml @@ -1,4 +1,4 @@ name: misra-cpp-coding-standards-tests -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: misra-cpp-coding-standards extractor: cpp diff --git a/cpp/report/src/qlpack.yml b/cpp/report/src/qlpack.yml index e3c48fe63..5a8be4085 100644 --- a/cpp/report/src/qlpack.yml +++ b/cpp/report/src/qlpack.yml @@ -1,3 +1,3 @@ name: report-cpp-coding-standards -version: 2.1.0 +version: 2.3.0 libraryPathDependencies: codeql-cpp diff --git a/development_handbook.md b/development_handbook.md index acc2da6f0..2c0967afb 100644 --- a/development_handbook.md +++ b/development_handbook.md @@ -60,7 +60,6 @@ In the repository, this will be organised as follows: / .ql .qhelp - -implementation.qhelp codeql-suites/ -default.qls ... @@ -205,7 +204,6 @@ python3 scripts/generate_rules/generate_package_files.py After running this script, the following files will be generated in the `//src/rules//` directory: - A `.ql` query file with the query metadata pre-populated, and the standard imports included. - A `.qhelp` query help file with some boilerplate text describing the purpose of the query. - - A `-implementation.qhelp` query help file with a space to enter details about the implementation of this rule in the query. In addition, the following files will be generated in the `//test/rules//` directory: - An empty `test.cpp` file. @@ -214,7 +212,7 @@ In addition, the following files will be generated in the `//tes The script can be safely re-run, except in a few notable cases listed below. Re-running the script has the following effect: - Overwrites the `.qhelp` file and `.qlref` file. - - Touches the `-implementation.qhelp`, `test.cpp` and `.expected` files, to ensure they exist on disk, but does not modify them if they exist. + - Touches the `test.cpp` and `.expected` files, to ensure they exist on disk, but does not modify them if they exist. - Updates the `.ql` query by overwriting the query metadata block only. The QL portion of the file is left untouched. The notable exceptions are: diff --git a/rule_packages/c/Misc.json b/rule_packages/c/Misc.json new file mode 100644 index 000000000..8d7f515e2 --- /dev/null +++ b/rule_packages/c/Misc.json @@ -0,0 +1,66 @@ +{ + "CERT-C": { + "MSC30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "rand() shall not be used to generate pseudorandom numbers.", + "kind": "problem", + "name": "Do not use the rand() function for generating pseudorandom numbers", + "precision": "very-high", + "severity": "error", + "short_name": "RandUsedForGeneratingPseudorandomNumbers", + "shared_implementation_short_name" : "DoNotUseRandForGeneratingPseudorandomNumbers", + "tags": [ + "security" + ] + } + ], + "title": "Do not use the rand() function for generating pseudorandom numbers" + }, + "MSC32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Improperly seeded random number generators can lead to insecure code.", + "kind": "problem", + "name": "Properly seed pseudorandom number generators", + "precision": "very-high", + "severity": "error", + "short_name": "ProperlySeedPseudorandomNumberGenerators", + "tags": [ + "security" + ] + } + ], + "title": "Properly seed pseudorandom number generators", + "implementation_scope": { + "description": "This rule will be checked by looking for calls to random that are no preceded by a call to srandom(). We perform a simple check for the argument to srandom() and verify it is not a literal (or a value easily deduced to be a literal)." + } + }, + "MSC37-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Non-void functions that end without an explicit return can produce unpredictable results.", + "kind": "problem", + "name": "Ensure that control never reaches the end of a non-void function", + "precision": "very-high", + "severity": "error", + "short_name": "ControlFlowReachesTheEndOfANonVoidFunction", + "shared_implementation_short_name": "NonVoidFunctionDoesNotReturn", + "tags": [ + "correctness" + ] + } + ], + "title": "Ensure that control never reaches the end of a non-void function" + } + } +} \ No newline at end of file diff --git a/rule_packages/c/Preprocessor1.json b/rule_packages/c/Preprocessor1.json index 21ad88ea1..b93bc7273 100644 --- a/rule_packages/c/Preprocessor1.json +++ b/rule_packages/c/Preprocessor1.json @@ -37,6 +37,7 @@ "correctness" ] } + ], "title": "The # and ## preprocessor operators should not be used" }, @@ -55,7 +56,11 @@ "shared_implementation_short_name": "PreprocessorIncludesForbiddenHeaderNames", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "This query identifies the use of the ', \\, /*, // characters in header file names. The query is not able to detect the use of the \" character in header file names.", + "items": [] + } } ], "title": "The ', \" or \\ characters and the /* or // character sequences shall not occur in a header file name" @@ -76,7 +81,11 @@ "tags": [ "correctness", "readability" - ] + ], + "implementation_scope": { + "description": "This query does not detect the case where an undefined character is used but not actually evaluated, for example, as a result of the inclusion of a logical AND operator in the #if expression.", + "items": [] + } } ], "title": "All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be #define\ufffdd before evaluation" diff --git a/rule_packages/c/SideEffects2.json b/rule_packages/c/SideEffects2.json new file mode 100644 index 000000000..9c8c3b71e --- /dev/null +++ b/rule_packages/c/SideEffects2.json @@ -0,0 +1,43 @@ +{ + "MISRA-C-2012": { + "RULE-13-3": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator", + "kind": "problem", + "name": "A full expression containing an increment (++) or decrement (--) operator should have no other", + "precision": "very-high", + "severity": "warning", + "short_name": "SideEffectAndCrementInFullExpression", + "tags": [ + "readability", + "correctness" + ] + } + ], + "title": "A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator" + }, + "RULE-17-8": { + "properties": { + "obligation": "advisory" + }, + "queries": [ + { + "description": "A function parameter behaves in the same manner as an object with automatic storage duration and the effects of modifying a parameter are not visible in the calling function.", + "kind": "problem", + "name": "A function parameter should not be modified", + "precision": "very-high", + "severity": "warning", + "short_name": "ModificationOfFunctionParameter", + "tags": [ + "correctness" + ] + } + ], + "title": "A function parameter should not be modified" + } + } +} \ No newline at end of file diff --git a/rule_packages/c/Strings1.json b/rule_packages/c/Strings1.json new file mode 100644 index 000000000..159034b4a --- /dev/null +++ b/rule_packages/c/Strings1.json @@ -0,0 +1,67 @@ +{ + "CERT-C": { + "STR30-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Modifying a string literal can produce unexpected effects.", + "kind": "problem", + "name": "Do not attempt to modify string literals", + "precision": "very-high", + "severity": "error", + "short_name": "DoNotAttemptToModifyStringLiterals", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Do not attempt to modify string literals" + }, + "STR31-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Many library functions in the C standard library assume C strings are null terminated and failing to null terminate strings may lead to unpredictable program behavior.", + "kind": "problem", + "name": "Guarantee that storage for strings has sufficient space for character data and the null terminator", + "precision": "medium", + "severity": "error", + "short_name": "StringsHasSufficientSpaceForTheNullTerminator", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Guarantee that storage for strings has sufficient space for character data and the null terminator", + "implementation_scope": { + "description": "The enforcement of this rule does not try to approximate the effects of loops and as such may not find cases where a loop operation on a string fails to null terminate a string (or causes an overflow)." + } + }, + "STR32-C": { + "properties": { + "obligation": "rule" + }, + "queries": [ + { + "description": "Passing a string that is not null-terminated can lead to unpredictable program behavior.", + "kind": "problem", + "name": "Do not pass a non-null-terminated character sequence to a library function that expects a string", + "precision": "medium", + "severity": "error", + "short_name": "NonNullTerminatedToFunctionThatExpectsAString", + "tags": [ + "correctness", + "security" + ] + } + ], + "title": "Do not pass a non-null-terminated character sequence to a library function that expects a string" + } + } +} \ No newline at end of file diff --git a/rule_packages/cpp/BannedFunctions.json b/rule_packages/cpp/BannedFunctions.json index 2ea991c64..a6b37765d 100644 --- a/rule_packages/cpp/BannedFunctions.json +++ b/rule_packages/cpp/BannedFunctions.json @@ -62,6 +62,7 @@ "precision": "very-high", "severity": "error", "short_name": "PseudorandomNumbersGeneratedUsingRand", + "shared_implementation_short_name" : "DoNotUseRandForGeneratingPseudorandomNumbers", "tags": [ "security" ] @@ -220,6 +221,7 @@ "precision": "very-high", "severity": "error", "short_name": "DoNotUseRandForGeneratingPseudorandomNumbers", + "shared_implementation_short_name" : "DoNotUseRandForGeneratingPseudorandomNumbers", "tags": [ "security" ] diff --git a/rule_packages/cpp/Macros.json b/rule_packages/cpp/Macros.json index dc4d22047..c24401688 100644 --- a/rule_packages/cpp/Macros.json +++ b/rule_packages/cpp/Macros.json @@ -44,7 +44,11 @@ "shared_implementation_short_name": "PreprocessorIncludesForbiddenHeaderNames", "tags": [ "correctness" - ] + ], + "implementation_scope": { + "description": "This query identifies the use of the ', \\, /*, // characters in header file names. The query is not able to detect the use of the \" character in header file names.", + "items": [] + } } ], "title": "The ', \", /*, //, \\ characters shall not occur in a header file name or in #include directive." @@ -211,7 +215,11 @@ "tags": [ "correctness", "readability" - ] + ], + "implementation_scope": { + "description": "This query does not detect the case where an undefined character is used but not actually evaluated, for example, as a result of the inclusion of a logical AND operator in the #if expression.", + "items": [] + } } ], "title": "Undefined macro identifiers shall not be used in #if or #elif pre-processor directives, except as operands to the defined operator." diff --git a/rules.csv b/rules.csv index c4e9e0224..a9c027280 100755 --- a/rules.csv +++ b/rules.csv @@ -592,12 +592,12 @@ c,CERT-C,SIG30-C,Yes,Rule,,,Call only asynchronous-safe functions within signal c,CERT-C,SIG31-C,Yes,Rule,,,Do not access shared objects in signal handlers,,Contracts,Medium, c,CERT-C,SIG34-C,Yes,Rule,,,Do not call signal() from within interruptible signal handlers,,Contracts,Medium, c,CERT-C,SIG35-C,Yes,Rule,,,Do not return from a computational exception signal handler,,Contracts,Easy, -c,CERT-C,STR30-C,Yes,Rule,,,Do not attempt to modify string literals,,Strings,Medium, -c,CERT-C,STR31-C,Yes,Rule,,,Guarantee that storage for strings has sufficient space for character data and the null terminator,STR50-CPP,Strings,Very Hard, -c,CERT-C,STR32-C,Yes,Rule,,,Do not pass a non-null-terminated character sequence to a library function that expects a string,STR51-CPP,Strings,Very Hard, -c,CERT-C,STR34-C,Yes,Rule,,,Cast characters to unsigned char before converting to larger integer sizes,,Strings,Hard, -c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be representable as an unsigned char,,Strings,Medium, -c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings,Medium, +c,CERT-C,STR30-C,Yes,Rule,,,Do not attempt to modify string literals,,Strings1,Medium, +c,CERT-C,STR31-C,Yes,Rule,,,Guarantee that storage for strings has sufficient space for character data and the null terminator,STR50-CPP,Strings1,Very Hard, +c,CERT-C,STR32-C,Yes,Rule,,,Do not pass a non-null-terminated character sequence to a library function that expects a string,STR51-CPP,Strings1,Very Hard, +c,CERT-C,STR34-C,Yes,Rule,,,Cast characters to unsigned char before converting to larger integer sizes,,Strings2,Hard, +c,CERT-C,STR37-C,Yes,Rule,,,Arguments to character-handling functions must be representable as an unsigned char,,Strings2,Medium, +c,CERT-C,STR38-C,Yes,Rule,,,Do not confuse narrow and wide character strings and functions,,Strings2,Medium, c,CERT-C,WIN30-C,OutOfScope,Rule,,,Properly pair allocation and deallocation functions,DCL54-CPP,,Easy, c,MISRA-C-2012,RULE-1-1,No,Required,,,Any implementation-defined behaviour on which the output of the program depends shall be documented and understood,,,, c,MISRA-C-2012,RULE-2-1,Yes,Required,,,All source files shall compile without any compilation errors,A1-4-3,Language,Medium, @@ -688,7 +688,7 @@ c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5 c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,Types,Easy, c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium, c,MISRA-C-2012,RULE-13-1,Yes,Required,,,Initializer lists shall not contain persistent side effects,,SideEffects1,Medium, -c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects2,Medium, +c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects,Medium, c,MISRA-C-2012,RULE-13-3,Yes,Advisory,,,A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator,,SideEffects2,Medium, c,MISRA-C-2012,RULE-13-4,Yes,Advisory,,,The result of an assignment operator should not be used,M6-2-1,SideEffects1,Easy, c,MISRA-C-2012,RULE-13-5,Yes,Required,,,The right hand operand of a logical && or || operator shall not contain persistent side effects,M5-14-1,SideEffects1,Import, diff --git a/scripts/generate_rules/templates/template-implementation.qhelp b/scripts/generate_rules/templates/template-implementation.qhelp deleted file mode 100644 index a01fab8d1..000000000 --- a/scripts/generate_rules/templates/template-implementation.qhelp +++ /dev/null @@ -1,8 +0,0 @@ - - - -

    None

    -     -     \ No newline at end of file diff --git a/scripts/generate_rules/templates/template.qhelp b/scripts/generate_rules/templates/template.qhelp index 144340ae0..dbad35813 100644 --- a/scripts/generate_rules/templates/template.qhelp +++ b/scripts/generate_rules/templates/template.qhelp @@ -20,9 +20,6 @@ {% endif %} {% endif %} -
    - -
    {% if standard_title | length %}