From 5cddabb1fdfd4677a98f06da6c787bdcd53bb186 Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Wed, 14 Nov 2018 19:05:35 +0000
Subject: [PATCH 1/2] CPP: Add a test of AV Rule 165.
---
 .../AV Rule 165/AV Rule 165.expected | 10 +++++++
 .../AV Rule 165/AV Rule 165.qlref | 1 +
 .../jsf/4.21 Operators/AV Rule 165/test.c | 27 +++++++++++++++++++
 3 files changed, 38 insertions(+)
 create mode 100644 cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.expected
 create mode 100644 cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.qlref
 create mode 100644 cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/test.c
diff --git a/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.expected b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.expected
new file mode 100644
index 000000000000..8cbaac1f40bb
--- /dev/null
+++ b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.expected
@@ -0,0 +1,10 @@
+| test.c:6:6:6:8 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:9:7:9:9 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:12:7:12:9 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:18:7:18:14 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:19:7:19:23 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:20:7:20:21 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:22:8:22:11 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:23:8:23:11 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:24:6:24:7 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:25:7:25:9 | - ... | The unary minus operator should not be applied to an unsigned expression. |
diff --git a/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.qlref b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.qlref
new file mode 100644
index 000000000000..a6ee879dfe95
--- /dev/null
+++ b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.qlref
@@ -0,0 +1 @@
+jsf/4.21 Operators/AV Rule 165.ql
diff --git a/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/test.c b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/test.c
new file mode 100644
index 000000000000..6845c418afc7
--- /dev/null
+++ b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/test.c
@@ -0,0 +1,27 @@
+
+typedef unsigned int TUI;
+
+void f(int i, unsigned int ui, signed int si, TUI tui, volatile unsigned int vui, unsigned u, unsigned short us) {
+ i = -i;
+ i = -ui; // BAD
+ i = -si;
+ ui = -i;
+ ui = -ui; // BAD
+ ui = -si;
+ si = -i;
+ si = -ui; // BAD
+ si = -si;
+
+ i = -(int)i;
+ i = -(unsigned int)i; // BAD [NOT DETECTED]
+ i = -(signed int)i;
+ ui = -(int)ui; // [FALSE POSITIVE]
+ ui = -(unsigned int)ui; // BAD
+ ui = -(signed int)ui; // [FALSE POSITIVE]
+
+ tui = -tui; // BAD
+ vui = -vui; // BAD
+ u = -u; // BAD
+ us = -us; // BAD
+ ui = -(5U); // BAD [NOT DETECTED]
+}
From 3f428a88768fb074253e21af97b5ad22b7e2e74a Mon Sep 17 00:00:00 2001
From: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
Date: Wed, 14 Nov 2018 19:10:30 +0000
Subject: [PATCH 2/2] CPP: Fix for explicitly cast expressions.
---
 cpp/ql/src/jsf/4.21 Operators/AV Rule 165.ql | 2 +-
 .../jsf/4.21 Operators/AV Rule 165/AV Rule 165.expected | 3 +--
 .../test/query-tests/jsf/4.21 Operators/AV Rule 165/test.c | 6 +++---
 3 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/cpp/ql/src/jsf/4.21 Operators/AV Rule 165.ql b/cpp/ql/src/jsf/4.21 Operators/AV Rule 165.ql
index ba2e452eade8..e657be1844e7 100644
--- a/cpp/ql/src/jsf/4.21 Operators/AV Rule 165.ql
+++ b/cpp/ql/src/jsf/4.21 Operators/AV Rule 165.ql
@@ -11,6 +11,6 @@ import cpp
 // see MISRA Rule 5-3-2
 from UnaryMinusExpr ume
-where ume.getOperand().getUnderlyingType().(IntegralType).isUnsigned()
+where ume.getOperand().getExplicitlyConverted().getUnderlyingType().(IntegralType).isUnsigned()
 and not ume.getOperand() instanceof Literal
 select ume, "The unary minus operator should not be applied to an unsigned expression."
diff --git a/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.expected b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.expected
index 8cbaac1f40bb..5a6e6a66eefc 100644
--- a/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.expected
+++ b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/AV Rule 165.expected
@@ -1,9 +1,8 @@
 | test.c:6:6:6:8 | - ... | The unary minus operator should not be applied to an unsigned expression. |
 | test.c:9:7:9:9 | - ... | The unary minus operator should not be applied to an unsigned expression. |
 | test.c:12:7:12:9 | - ... | The unary minus operator should not be applied to an unsigned expression. |
-| test.c:18:7:18:14 | - ... | The unary minus operator should not be applied to an unsigned expression. |
+| test.c:16:6:16:21 | - ... | The unary minus operator should not be applied to an unsigned expression. |
 | test.c:19:7:19:23 | - ... | The unary minus operator should not be applied to an unsigned expression. |
-| test.c:20:7:20:21 | - ... | The unary minus operator should not be applied to an unsigned expression. |
 | test.c:22:8:22:11 | - ... | The unary minus operator should not be applied to an unsigned expression. |
 | test.c:23:8:23:11 | - ... | The unary minus operator should not be applied to an unsigned expression. |
 | test.c:24:6:24:7 | - ... | The unary minus operator should not be applied to an unsigned expression. |
diff --git a/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/test.c b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/test.c
index 6845c418afc7..26d53e5a0c35 100644
--- a/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/test.c
+++ b/cpp/ql/test/query-tests/jsf/4.21 Operators/AV Rule 165/test.c
@@ -13,11 +13,11 @@ void f(int i, unsigned int ui, signed int si, TUI tui, volatile unsigned int vui
 si = -si;
 i = -(int)i;
- i = -(unsigned int)i; // BAD [NOT DETECTED]
+ i = -(unsigned int)i; // BAD
 i = -(signed int)i;
- ui = -(int)ui; // [FALSE POSITIVE]
+ ui = -(int)ui;
 ui = -(unsigned int)ui; // BAD
- ui = -(signed int)ui; // [FALSE POSITIVE]
+ ui = -(signed int)ui;
 tui = -tui; // BAD
 vui = -vui; // BAD
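Review bot: The cast cases updated in this hunk all apply the cast to a variable, so nothing in the test pins what the query does for a literal under an explicit cast, for example `ui = -(unsigned int)5;`. The query in AV Rule 165.ql still keeps `and not ume.getOperand() instanceof Literal` on the unconverted operand while the type test now goes through `getExplicitlyConverted()`, so such an expression is presumably still skipped, like the `-(5U)` case the first patch marks `// BAD [NOT DETECTED]`. Negating an unsigned value wraps to a large positive number, which matters when the result feeds a size or an index, so a known false negative is worth recording in the test with the same annotation. A typedef cast such as `i = -(TUI)i; // BAD` would also confirm that `getUnderlyingType()` resolves the typedef after the explicit conversion. The body of `f` starts and ends outside this hunk.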