Implement BannedAPIs package

cpp/autosar/src/codingstandards/cpp/CommonTypes.qll

@@ -1,7 +1,7 @@
 import cpp as default
 
 /*
- * Implementations of the C/C++ Fixed Width Types from cstdint.h.
+ * Implementations of the C/C++ Fixed Width Types from cstdint.
  *
  * TODO: Deprecate once this is available in the CodeQL standard library.
  */

cpp/common/src/codingstandards/cpp/BannedFunctions.qll

@@ -0,0 +1,69 @@
+/**
+ * A library for supporting the consistent detection of banned functions in C++ code.
+ */
+
+import cpp
+import AlertReporting
+
+/**
+ * A signature for a banned function.
+ */
+signature class BannedFunction extends Function;
+
+/**
+ * A module for detecting uses of banned functions in C++ code.
+ */
+module BannedFunctions<BannedFunction F> {
+  final private class FinalExpr = Expr;
+
+  /**
+   * An expression that uses a banned function.
+   *
+   * It can be either a function call or a function access (taking the address of the function).
+   */
+  class UseExpr extends FinalExpr {
+    string action;
+    F bannedFunction;
+
+    UseExpr() {
+      this.(FunctionCall).getTarget() = bannedFunction and
+      action = "Call to"
+      or
+      this.(FunctionAccess).getTarget() = bannedFunction and
+      action = "Address taken for"
+    }
+
+    string getFunctionName() { result = bannedFunction.getName() }
+
+    string getAction() { result = action }
+
+    Element getPrimaryElement() {
+      // If this is defined in a macro in the users source location, then report the macro
+      // expansion, otherwise report the element itself. This ensures that we always report
+      // the use of the terminating function, but combine usages when the macro is defined
+      // by the user.
+      exists(Element e | e = MacroUnwrapper<UseExpr>::unwrapElement(this) |
+        if exists(e.getFile().getRelativePath()) then result = e else result = this
+      )
+    }
+  }
+
+  final private class FinalElement = Element;
+
+  /**
+   * A `Use` of a banned function.
+   *
+   * This is an `Element` in a program which represents the use of a banned function.
+   * For uses within macro expansions, this may report the location of the macro, if
+   * it is defined within the user's source code.
+   */
+  class Use extends FinalElement {
+    UseExpr use;
+
+    Use() { this = use.getPrimaryElement() }
+
+    string getFunctionName() { result = use.getFunctionName() }
+
+    string getAction() { result = use.getAction() }
+  }
+}

cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedAPIs.qll

@@ -0,0 +1,163 @@
+//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY.  **/
+import cpp
+import RuleMetadata
+import codingstandards.cpp.exclusions.RuleMetadata
+
+newtype BannedAPIsQuery =
+  TAvoidProgramTerminatingFunctionsQuery() or
+  TNoVariadicFunctionMacrosQuery() or
+  TNoCsetjmpHeaderQuery() or
+  TUnsafeStringHandlingFunctionsQuery() or
+  TBannedSystemFunctionQuery() or
+  TUseSmartPtrFactoryFunctionsQuery() or
+  TCharacterHandlingFunctionRestrictionsQuery() or
+  TNoMemoryFunctionsFromCStringQuery() or
+  TLocaleGlobalFunctionNotAllowedQuery()
+
+predicate isBannedAPIsQueryMetadata(Query query, string queryId, string ruleId, string category) {
+  query =
+    // `Query` instance for the `avoidProgramTerminatingFunctions` query
+    BannedAPIsPackage::avoidProgramTerminatingFunctionsQuery() and
+  queryId =
+    // `@id` for the `avoidProgramTerminatingFunctions` query
+    "cpp/misra/avoid-program-terminating-functions" and
+  ruleId = "RULE-18-5-2" and
+  category = "advisory"
+  or
+  query =
+    // `Query` instance for the `noVariadicFunctionMacros` query
+    BannedAPIsPackage::noVariadicFunctionMacrosQuery() and
+  queryId =
+    // `@id` for the `noVariadicFunctionMacros` query
+    "cpp/misra/no-variadic-function-macros" and
+  ruleId = "RULE-21-10-1" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `noCsetjmpHeader` query
+    BannedAPIsPackage::noCsetjmpHeaderQuery() and
+  queryId =
+    // `@id` for the `noCsetjmpHeader` query
+    "cpp/misra/no-csetjmp-header" and
+  ruleId = "RULE-21-10-2" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `unsafeStringHandlingFunctions` query
+    BannedAPIsPackage::unsafeStringHandlingFunctionsQuery() and
+  queryId =
+    // `@id` for the `unsafeStringHandlingFunctions` query
+    "cpp/misra/unsafe-string-handling-functions" and
+  ruleId = "RULE-21-2-2" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `bannedSystemFunction` query
+    BannedAPIsPackage::bannedSystemFunctionQuery() and
+  queryId =
+    // `@id` for the `bannedSystemFunction` query
+    "cpp/misra/banned-system-function" and
+  ruleId = "RULE-21-2-3" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `useSmartPtrFactoryFunctions` query
+    BannedAPIsPackage::useSmartPtrFactoryFunctionsQuery() and
+  queryId =
+    // `@id` for the `useSmartPtrFactoryFunctions` query
+    "cpp/misra/use-smart-ptr-factory-functions" and
+  ruleId = "RULE-23-11-1" and
+  category = "advisory"
+  or
+  query =
+    // `Query` instance for the `characterHandlingFunctionRestrictions` query
+    BannedAPIsPackage::characterHandlingFunctionRestrictionsQuery() and
+  queryId =
+    // `@id` for the `characterHandlingFunctionRestrictions` query
+    "cpp/misra/character-handling-function-restrictions" and
+  ruleId = "RULE-24-5-1" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `noMemoryFunctionsFromCString` query
+    BannedAPIsPackage::noMemoryFunctionsFromCStringQuery() and
+  queryId =
+    // `@id` for the `noMemoryFunctionsFromCString` query
+    "cpp/misra/no-memory-functions-from-c-string" and
+  ruleId = "RULE-24-5-2" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `localeGlobalFunctionNotAllowed` query
+    BannedAPIsPackage::localeGlobalFunctionNotAllowedQuery() and
+  queryId =
+    // `@id` for the `localeGlobalFunctionNotAllowed` query
+    "cpp/misra/locale-global-function-not-allowed" and
+  ruleId = "RULE-25-5-1" and
+  category = "required"
+}
+
+module BannedAPIsPackage {
+  Query avoidProgramTerminatingFunctionsQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `avoidProgramTerminatingFunctions` query
+      TQueryCPP(TBannedAPIsPackageQuery(TAvoidProgramTerminatingFunctionsQuery()))
+  }
+
+  Query noVariadicFunctionMacrosQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `noVariadicFunctionMacros` query
+      TQueryCPP(TBannedAPIsPackageQuery(TNoVariadicFunctionMacrosQuery()))
+  }
+
+  Query noCsetjmpHeaderQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `noCsetjmpHeader` query
+      TQueryCPP(TBannedAPIsPackageQuery(TNoCsetjmpHeaderQuery()))
+  }
+
+  Query unsafeStringHandlingFunctionsQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `unsafeStringHandlingFunctions` query
+      TQueryCPP(TBannedAPIsPackageQuery(TUnsafeStringHandlingFunctionsQuery()))
+  }
+
+  Query bannedSystemFunctionQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `bannedSystemFunction` query
+      TQueryCPP(TBannedAPIsPackageQuery(TBannedSystemFunctionQuery()))
+  }
+
+  Query useSmartPtrFactoryFunctionsQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `useSmartPtrFactoryFunctions` query
+      TQueryCPP(TBannedAPIsPackageQuery(TUseSmartPtrFactoryFunctionsQuery()))
+  }
+
+  Query characterHandlingFunctionRestrictionsQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `characterHandlingFunctionRestrictions` query
+      TQueryCPP(TBannedAPIsPackageQuery(TCharacterHandlingFunctionRestrictionsQuery()))
+  }
+
+  Query noMemoryFunctionsFromCStringQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `noMemoryFunctionsFromCString` query
+      TQueryCPP(TBannedAPIsPackageQuery(TNoMemoryFunctionsFromCStringQuery()))
+  }
+
+  Query localeGlobalFunctionNotAllowedQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `localeGlobalFunctionNotAllowed` query
+      TQueryCPP(TBannedAPIsPackageQuery(TLocaleGlobalFunctionNotAllowedQuery()))
+  }
+}

cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll

@@ -3,6 +3,7 @@ import cpp
 import codingstandards.cpp.exclusions.RuleMetadata
 //** Import packages for this language **/
 import Allocations
+import BannedAPIs
 import BannedFunctions
 import BannedLibraries
 import BannedSyntax
@@ -58,6 +59,7 @@ import VirtualFunctions
 /** The TQuery type representing this language * */
 newtype TCPPQuery =
   TAllocationsPackageQuery(AllocationsQuery q) or
+  TBannedAPIsPackageQuery(BannedAPIsQuery q) or
   TBannedFunctionsPackageQuery(BannedFunctionsQuery q) or
   TBannedLibrariesPackageQuery(BannedLibrariesQuery q) or
   TBannedSyntaxPackageQuery(BannedSyntaxQuery q) or
@@ -113,6 +115,7 @@ newtype TCPPQuery =
 /** The metadata predicate * */
 predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) {
   isAllocationsQueryMetadata(query, queryId, ruleId, category) or
+  isBannedAPIsQueryMetadata(query, queryId, ruleId, category) or
   isBannedFunctionsQueryMetadata(query, queryId, ruleId, category) or
   isBannedLibrariesQueryMetadata(query, queryId, ruleId, category) or
   isBannedSyntaxQueryMetadata(query, queryId, ruleId, category) or

cpp/common/test/includes/custom-library/custom_abort.h

@@ -0,0 +1,3 @@
+// Used for RULE-18-5-2 for library aborts
+#include <cstdlib>
+#define LIBRARY_ABORT() std::abort()

cpp/common/test/includes/standard-library/cctype

@@ -1 +1,20 @@
-#include "ctype.h"
+#ifndef _GHLIBCPP_CCTYPE
+#define _GHLIBCPP_CCTYPE
+#include "ctype.h"
+namespace std {
+using ::isalnum;
+using ::isalpha;
+using ::isblank;
+using ::iscntrl;
+using ::isdigit;
+using ::isgraph;
+using ::islower;
+using ::isprint;
+using ::ispunct;
+using ::isspace;
+using ::isupper;
+using ::isxdigit;
+using ::tolower;
+using ::toupper;
+} // namespace std
+#endif // _GHLIBCPP_CCTYPE

cpp/common/test/includes/standard-library/cinttypes

@@ -1 +1,12 @@
-#include <inttypes.h>
+#ifndef _GHLIBCPP_CINTTYPES
+#define _GHLIBCPP_CINTTYPES
+#include "inttypes.h"
+
+namespace std {
+using ::strtoimax;
+using ::strtoumax;
+using ::wcstoimax;
+using ::wcstoumax;
+} // namespace std
+
+#endif // _GHLIBCPP_CINTTYPES

cpp/common/test/includes/standard-library/clocale

@@ -1,4 +1,5 @@
-#pragma once
+#ifndef _GHLIBCPP_CLOCALE
+#define _GHLIBCPP_CLOCALE
 
 #define NULL 0
 #define LC_ALL 0
@@ -15,3 +16,5 @@ using ::lconv;
 using ::localeconv;
 using ::setlocale;
 } // namespace std
+
+#endif // _GHLIBCPP_CLOCALE

cpp/common/test/includes/standard-library/csetjmp

@@ -0,0 +1,12 @@
+#ifndef _GHLIBCPP_CSETJMP
+#define _GHLIBCPP_CSETJMP
+
+#include "setjmp.h"
+
+// C++ std namespace declarations
+namespace std {
+using ::jmp_buf;
+using ::longjmp;
+} // namespace std
+
+#endif // _GHLIBCPP_CSETJMP

cpp/common/test/includes/standard-library/cstdarg

@@ -1,9 +1,9 @@
 #pragma once
+#ifndef _GHLIBCPP_CSTDARG
+#define _GHLIBCPP_CSTDARG
+#include "stdarg.h"
 
 namespace std {
-    typedef __builtin_va_list va_list;
+using ::va_list;
 } // namespace std
-
-#define va_arg(v, p) __builtin_va_arg(v, p)
-#define va_end(v) __builtin_va_end(v)
-#define va_start(v,l)  __builtin_va_start(v,l)
+#endif // _GHLIBCPP_CSTDARG

cpp/common/test/includes/standard-library/cstdint

@@ -1,6 +1,20 @@
-#ifndef _CPP_CSTDINT
-#define _CPP_CSTDINT
-
-#define MAX_INT
-#include <cstdint.h>
-#endif
+#ifndef _GHLIBCPP_CSTDINT
+#define _GHLIBCPP_CSTDINT
+#include "stdint.h"
+namespace std {
+using ::int16_t;
+using ::int32_t;
+using ::int64_t;
+using ::int8_t;
+using ::intmax_t;
+using ::uint16_t;
+using ::uint32_t;
+using ::uint64_t;
+using ::uint8_t;
+using ::uint_fast16_t;
+using ::uint_fast32_t;
+using ::uint_fast64_t;
+using ::uint_fast8_t;
+using ::uintmax_t;
+} // namespace std
+#endif // _GHLIBCPP_CSTDINT