IntegerOverflow: Add package files.

Author: lcartey

cpp/common/src/codingstandards/cpp/exclusions/c/IntegerOverflow.qll

@@ -0,0 +1,112 @@
+//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY.  **/
+import cpp
+import RuleMetadata
+import codingstandards.cpp.exclusions.RuleMetadata
+
+newtype IntegerOverflowQuery =
+  TUnsignedIntegerOperationsWrapAroundQuery() or
+  TIntegerConversionCausesDataLossQuery() or
+  TSignedIntegerOverflowQuery() or
+  TDivOrRemByZeroQuery() or
+  TUseCorrectIntegerPrecisionsQuery() or
+  TConstantUnsignedIntegerExpressionsWrapAroundQuery()
+
+predicate isIntegerOverflowQueryMetadata(Query query, string queryId, string ruleId, string category) {
+  query =
+    // `Query` instance for the `unsignedIntegerOperationsWrapAround` query
+    IntegerOverflowPackage::unsignedIntegerOperationsWrapAroundQuery() and
+  queryId =
+    // `@id` for the `unsignedIntegerOperationsWrapAround` query
+    "c/cert/unsigned-integer-operations-wrap-around" and
+  ruleId = "INT30-C" and
+  category = "rule"
+  or
+  query =
+    // `Query` instance for the `integerConversionCausesDataLoss` query
+    IntegerOverflowPackage::integerConversionCausesDataLossQuery() and
+  queryId =
+    // `@id` for the `integerConversionCausesDataLoss` query
+    "c/cert/integer-conversion-causes-data-loss" and
+  ruleId = "INT31-C" and
+  category = "rule"
+  or
+  query =
+    // `Query` instance for the `signedIntegerOverflow` query
+    IntegerOverflowPackage::signedIntegerOverflowQuery() and
+  queryId =
+    // `@id` for the `signedIntegerOverflow` query
+    "c/cert/signed-integer-overflow" and
+  ruleId = "INT32-C" and
+  category = "rule"
+  or
+  query =
+    // `Query` instance for the `divOrRemByZero` query
+    IntegerOverflowPackage::divOrRemByZeroQuery() and
+  queryId =
+    // `@id` for the `divOrRemByZero` query
+    "c/cert/div-or-rem-by-zero" and
+  ruleId = "INT33-C" and
+  category = "rule"
+  or
+  query =
+    // `Query` instance for the `useCorrectIntegerPrecisions` query
+    IntegerOverflowPackage::useCorrectIntegerPrecisionsQuery() and
+  queryId =
+    // `@id` for the `useCorrectIntegerPrecisions` query
+    "c/cert/use-correct-integer-precisions" and
+  ruleId = "INT35-C" and
+  category = "rule"
+  or
+  query =
+    // `Query` instance for the `constantUnsignedIntegerExpressionsWrapAround` query
+    IntegerOverflowPackage::constantUnsignedIntegerExpressionsWrapAroundQuery() and
+  queryId =
+    // `@id` for the `constantUnsignedIntegerExpressionsWrapAround` query
+    "c/misra/constant-unsigned-integer-expressions-wrap-around" and
+  ruleId = "RULE-12-4" and
+  category = "advisory"
+}
+
+module IntegerOverflowPackage {
+  Query unsignedIntegerOperationsWrapAroundQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `unsignedIntegerOperationsWrapAround` query
+      TQueryC(TIntegerOverflowPackageQuery(TUnsignedIntegerOperationsWrapAroundQuery()))
+  }
+
+  Query integerConversionCausesDataLossQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `integerConversionCausesDataLoss` query
+      TQueryC(TIntegerOverflowPackageQuery(TIntegerConversionCausesDataLossQuery()))
+  }
+
+  Query signedIntegerOverflowQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `signedIntegerOverflow` query
+      TQueryC(TIntegerOverflowPackageQuery(TSignedIntegerOverflowQuery()))
+  }
+
+  Query divOrRemByZeroQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `divOrRemByZero` query
+      TQueryC(TIntegerOverflowPackageQuery(TDivOrRemByZeroQuery()))
+  }
+
+  Query useCorrectIntegerPrecisionsQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `useCorrectIntegerPrecisions` query
+      TQueryC(TIntegerOverflowPackageQuery(TUseCorrectIntegerPrecisionsQuery()))
+  }
+
+  Query constantUnsignedIntegerExpressionsWrapAroundQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `constantUnsignedIntegerExpressionsWrapAround` query
+      TQueryC(TIntegerOverflowPackageQuery(TConstantUnsignedIntegerExpressionsWrapAroundQuery()))
+  }
+}

cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll

@@ -30,6 +30,7 @@ import IO1
 import IO2
 import IO3
 import IO4
+import IntegerOverflow
 import InvalidMemory1
 import Language1
 import Language2
@@ -81,6 +82,7 @@ newtype TCQuery =
   TIO2PackageQuery(IO2Query q) or
   TIO3PackageQuery(IO3Query q) or
   TIO4PackageQuery(IO4Query q) or
+  TIntegerOverflowPackageQuery(IntegerOverflowQuery q) or
   TInvalidMemory1PackageQuery(InvalidMemory1Query q) or
   TLanguage1PackageQuery(Language1Query q) or
   TLanguage2PackageQuery(Language2Query q) or
@@ -132,6 +134,7 @@ predicate isQueryMetadata(Query query, string queryId, string ruleId, string cat
   isIO2QueryMetadata(query, queryId, ruleId, category) or
   isIO3QueryMetadata(query, queryId, ruleId, category) or
   isIO4QueryMetadata(query, queryId, ruleId, category) or
+  isIntegerOverflowQueryMetadata(query, queryId, ruleId, category) or
   isInvalidMemory1QueryMetadata(query, queryId, ruleId, category) or
   isLanguage1QueryMetadata(query, queryId, ruleId, category) or
   isLanguage2QueryMetadata(query, queryId, ruleId, category) or

rule_packages/c/IntegerOverflow.json

@@ -0,0 +1,124 @@
+{
+  "CERT-C": {
+    "INT30-C": {
+      "properties": {
+        "obligation": "rule"
+      },
+      "queries": [
+        {
+          "description": "Unsigned integer expressions do not strictly overflow, but instead wrap around in a modular way. If the size of the type is not sufficient, this can happen unexpectedly.",
+          "kind": "problem",
+          "name": "Ensure that unsigned integer operations do not wrap",
+          "precision": "high",
+          "severity": "error",
+          "short_name": "UnsignedIntegerOperationsWrapAround",
+          "tags": [
+            "correctness",
+            "security"
+          ]
+        }
+      ],
+      "title": "Ensure that unsigned integer operations do not wrap"
+    },
+    "INT31-C": {
+      "properties": {
+        "obligation": "rule"
+      },
+      "queries": [
+        {
+          "description": "",
+          "kind": "problem",
+          "name": "Ensure that integer conversions do not result in lost or misinterpreted data",
+          "precision": "high",
+          "severity": "error",
+          "short_name": "IntegerConversionCausesDataLoss",
+          "tags": [
+            "correctness"
+          ]
+        }
+      ],
+      "title": "Ensure that integer conversions do not result in lost or misinterpreted data"
+    },
+    "INT32-C": {
+      "properties": {
+        "obligation": "rule"
+      },
+      "queries": [
+        {
+          "description": "",
+          "kind": "problem",
+          "name": "Ensure that operations on signed integers do not result in overflow",
+          "precision": "high",
+          "severity": "error",
+          "short_name": "SignedIntegerOverflow",
+          "tags": [
+            "correctness",
+            "security"
+          ]
+        }
+      ],
+      "title": "Ensure that operations on signed integers do not result in overflow"
+    },
+    "INT33-C": {
+      "properties": {
+        "obligation": "rule"
+      },
+      "queries": [
+        {
+          "description": "Dividing or taking the remainder by zero is undefined behavior.",
+          "kind": "problem",
+          "name": "Ensure that division and remainder operations do not result in divide-by-zero errors",
+          "precision": "high",
+          "severity": "error",
+          "short_name": "DivOrRemByZero",
+          "tags": [
+            "correctness"
+          ]
+        }
+      ],
+      "title": "Ensure that division and remainder operations do not result in divide-by-zero errors"
+    },
+    "INT35-C": {
+      "properties": {
+        "obligation": "rule"
+      },
+      "queries": [
+        {
+          "description": "",
+          "kind": "problem",
+          "name": "Use correct integer precisions",
+          "precision": "high",
+          "severity": "error",
+          "short_name": "UseCorrectIntegerPrecisions",
+          "tags": [
+            "correctness"
+          ]
+        }
+      ],
+      "title": "Use correct integer precisions"
+    }
+  },
+  "MISRA-C-2012": {
+    "RULE-12-4": {
+      "properties": {
+        "obligation": "advisory"
+      },
+      "queries": [
+        {
+          "description": "Unsigned integer expressions do not strictly overflow, but instead wrap around in a modular way. Any constant unsigned integer expressions that in effect \"overflow\" will not be detected by the compiler. Although there may be good reasons at run-time to rely on the modular arithmetic provided by unsigned integer types, the reasons for using it at compile-time to evaluate a constant expression are less obvious. Any instance of an unsigned integer constant expression wrapping around is therefore likely to indicate a programming error.",
+          "kind": "problem",
+          "name": "Evaluation of constant expressions should not lead to unsigned integer wrap-around",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "ConstantUnsignedIntegerExpressionsWrapAround",
+          "shared_implementation_short_name": "ConstantUnsignedIntegerExpressionsWrapAround",
+          "tags": [
+            "correctness",
+            "security"
+          ]
+        }
+      ],
+      "title": "Evaluation of constant expressions should not lead to unsigned integer wrap-around"
+    }
+  }
+}

rule_packages/cpp/Expressions.json

@@ -249,6 +249,7 @@
           "precision": "very-high",
           "severity": "error",
           "short_name": "ConstantUnsignedIntegerExpressionsWrapAround",
+          "shared_implementation_short_name": "ConstantUnsignedIntegerExpressionsWrapAround",
           "tags": [
             "correctness",
             "security"

rules.csv

@@ -548,12 +548,12 @@ c,CERT-C,FLP32-C,Yes,Rule,,,Prevent or detect domain and range errors in math fu
 c,CERT-C,FLP34-C,Yes,Rule,,,Ensure that floating-point conversions are within range of the new type,,Types,Medium,
 c,CERT-C,FLP36-C,Yes,Rule,,,Preserve precision when converting integral values to floating-point type,,Types,Medium,
 c,CERT-C,FLP37-C,Yes,Rule,,,Do not use object representations to compare floating-point values,,Types,Medium,
-c,CERT-C,INT30-C,Yes,Rule,,,Ensure that unsigned integer operations do not wrap,A4-7-1,Types,Hard,
-c,CERT-C,INT31-C,Yes,Rule,,,Ensure that integer conversions do not result in lost or misinterpreted data,A4-7-1,Types,Hard,
-c,CERT-C,INT32-C,Yes,Rule,,,Ensure that operations on signed integers do not result in overflow,A4-7-1,Types,Hard,
-c,CERT-C,INT33-C,Yes,Rule,,,Ensure that division and remainder operations do not result in divide-by-zero errors,,Types,Hard,
+c,CERT-C,INT30-C,Yes,Rule,,,Ensure that unsigned integer operations do not wrap,A4-7-1,IntegerOverflow,Hard,
+c,CERT-C,INT31-C,Yes,Rule,,,Ensure that integer conversions do not result in lost or misinterpreted data,A4-7-1,IntegerOverflow,Hard,
+c,CERT-C,INT32-C,Yes,Rule,,,Ensure that operations on signed integers do not result in overflow,A4-7-1,IntegerOverflow,Hard,
+c,CERT-C,INT33-C,Yes,Rule,,,Ensure that division and remainder operations do not result in divide-by-zero errors,,IntegerOverflow,Hard,
 c,CERT-C,INT34-C,Yes,Rule,,,Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand,M5-8-1,Types,Import,
-c,CERT-C,INT35-C,Yes,Rule,,,Use correct integer precisions,,Types,Hard,
+c,CERT-C,INT35-C,Yes,Rule,,,Use correct integer precisions,,IntegerOverflow,Hard,
 c,CERT-C,INT36-C,Yes,Rule,,,Converting a pointer to integer or integer to pointer,M5-2-9,Types,Easy,
 c,CERT-C,MEM30-C,Yes,Rule,,,Do not access freed memory,MEM50-CPP,InvalidMemory1,Import,
 c,CERT-C,MEM31-C,Yes,Rule,,,Free dynamically allocated memory when no longer needed,,Memory2,Very Hard,
@@ -685,7 +685,7 @@ c,MISRA-C-2012,RULE-11-9,Yes,Required,,,The macro NULL shall be the only permitt
 c,MISRA-C-2012,RULE-12-1,Yes,Advisory,,,The precedence of operators within expressions should be made explicit,,SideEffects1,Medium,
 c,MISRA-C-2012,RULE-12-2,Yes,Required,,,The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the left hand operand,,Contracts,Medium,
 c,MISRA-C-2012,RULE-12-3,Yes,Advisory,,,The comma operator should not be used,M5-18-1,Banned,Import,
-c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,Types,Easy,
+c,MISRA-C-2012,RULE-12-4,Yes,Advisory,,,Evaluation of constant expressions should not lead to unsigned integer wrap-around,INT30-C,IntegerOverflow,Easy,
 c,MISRA-C-2012,RULE-12-5,Yes,Mandatory,,,The sizeof operator shall not have an operand which is a function parameter declared as �array of type�,,Types,Medium,
 c,MISRA-C-2012,RULE-13-1,Yes,Required,,,Initializer lists shall not contain persistent side effects,,SideEffects1,Medium,
 c,MISRA-C-2012,RULE-13-2,Yes,Required,,,The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders,PRE31-C,SideEffects,Medium,