Merge pull request #635 from github/mabluda/fix576

STR34-C: Do not consider integer type aliases in templates

c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql

@@ -14,18 +14,11 @@
 
 import cpp
 import codingstandards.c.cert
-import semmle.code.cpp.commons.CommonType
+import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes.CastCharBeforeConvertingToLargerSizes
 
-from Cast c
-where
-  not isExcluded(c, Strings3Package::castCharBeforeConvertingToLargerSizesQuery()) and
-  // find cases where there is a conversion happening wherein the
-  // base type is a char
-  c.getExpr().getType() instanceof CharType and
-  not c.getExpr().getType() instanceof UnsignedCharType and
-  // it's a bigger type
-  c.getType().getSize() > c.getExpr().getType().getSize() and
-  // and it's some kind of integer type
-  c.getType() instanceof IntegralType
-select c.getExpr(),
-  "Expression not converted to `unsigned char` before converting to a larger integer type."
+class CastCharBeforeConvertingToLargerSizesQuery extends CastCharBeforeConvertingToLargerSizesSharedQuery
+{
+  CastCharBeforeConvertingToLargerSizesQuery() {
+    this = Strings3Package::castCharBeforeConvertingToLargerSizesQuery()
+  }
+}

c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref

@@ -0,0 +1 @@
+c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql

c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected

@@ -0,0 +1,21 @@
+| test.c:9:7:9:14 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:30:11:30:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:31:3:31:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:31:11:31:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:33:11:33:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:34:11:34:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:35:3:35:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:35:11:35:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:36:3:36:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:36:11:36:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:37:3:37:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:37:11:37:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:38:3:38:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:38:11:38:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:39:11:39:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:40:11:40:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:3:41:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:11:41:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:42:12:42:13 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:44:11:44:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:45:11:45:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |

c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.clang → c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.clang

@@ -1,15 +1,15 @@
-| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:9:7:9:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:30:3:30:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:36:3:36:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:40:3:40:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:3:41:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:42:3:42:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:44:11:44:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:45:11:45:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |

c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.gcc → c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.gcc

@@ -1,15 +1,15 @@
-| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:9:7:9:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:30:3:30:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:36:3:36:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:40:3:40:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:3:41:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:42:3:42:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:44:11:44:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |

c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected.qcc → c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.qcc

@@ -1,15 +1,15 @@
-| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:9:7:9:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:30:3:30:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:36:3:36:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:42:3:42:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:43:3:43:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:40:3:40:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:3:41:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:42:3:42:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:44:3:44:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:45:3:45:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |

c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql

@@ -0,0 +1,4 @@
+// GENERATED FILE - DO NOT MODIFY
+import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes.CastCharBeforeConvertingToLargerSizes
+
+class TestFileQuery extends CastCharBeforeConvertingToLargerSizesSharedQuery, TestQuery { }

c/cert/test/rules/STR34-C/test.c → c/common/test/rules/castcharbeforeconvertingtolargersizes/test.c

@@ -1,3 +1,5 @@
+// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C++ TEST CASE AND
+// CHANGES SHOULD BE REFLECTED THERE AS WELL.
 #include <ctype.h>
 #include <stdio.h>
 

change_notes/2024-07-05-fix-fp-576-STR34-C.md

@@ -0,0 +1,2 @@
+- `STR34-C` - `CastCharBeforeConvertingToLargerSizes.ql`:
+  - Fixes #576. Do not consider integer type aliases in templates.

cpp/common/src/codingstandards/cpp/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.qll

@@ -0,0 +1,26 @@
+/**
+ * Provides a library which includes a `problems` predicate for reporting....
+ */
+
+import cpp
+import codingstandards.cpp.Customizations
+import codingstandards.cpp.Exclusions
+
+abstract class CastCharBeforeConvertingToLargerSizesSharedQuery extends Query { }
+
+Query getQuery() { result instanceof CastCharBeforeConvertingToLargerSizesSharedQuery }
+
+query predicate problems(Cast c, string message) {
+  not isExcluded(c, getQuery()) and
+  // find cases where there is a conversion happening wherein the
+  // base type is a char
+  c.getExpr().getType() instanceof CharType and
+  not c.getExpr().getType() instanceof UnsignedCharType and
+  // it's a bigger type
+  c.getType().getSize() > c.getExpr().getType().getSize() and
+  // and it's some kind of integer type
+  c.getType().getUnderlyingType() instanceof IntegralType and
+  not c.isFromTemplateInstantiation(_) and
+  message =
+    "Expression not converted to `unsigned char` before converting to a larger integer type."
+}

cpp/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected

@@ -0,0 +1,2 @@
+| test.cpp:11:9:11:9 | (int32_t)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.cpp:12:41:12:41 | (signed int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |

cpp/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql

@@ -0,0 +1,4 @@
+// GENERATED FILE - DO NOT MODIFY
+import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes.CastCharBeforeConvertingToLargerSizes
+
+class TestFileQuery extends CastCharBeforeConvertingToLargerSizesSharedQuery, TestQuery { }

cpp/common/test/rules/castcharbeforeconvertingtolargersizes/test.cpp

@@ -0,0 +1,17 @@
+// NOTICE: THE TEST CASES BELOW ARE ALSO INCLUDED IN THE C TEST CASE AND
+// CHANGES SHOULD BE REFLECTED THERE AS WELL.
+#include <cstdint>
+
+template <typename S, typename T> S get(T t) {
+  S s = t; // COMPLIANT
+  return s;
+}
+
+void test(std::int32_t i32, std::int8_t i8, char c) {
+  i32 = c;                                   // NON_COMPLIANT
+  i32 = get<std::int32_t, std::int32_t>(c);  // NON_COMPLIANT
+  i32 = get<std::int32_t, std::int8_t>(c);   // COMPLIANT
+  i32 = i8;                                  // COMPLIANT
+  i32 = get<std::int32_t, std::int32_t>(i8); // COMPLIANT
+  i32 = get<std::int32_t, std::int8_t>(i8);  // COMPLIANT
+}

rule_packages/c/Strings3.json

@@ -12,6 +12,7 @@
           "precision": "very-high",
           "severity": "error",
           "short_name": "CastCharBeforeConvertingToLargerSizes",
+          "shared_implementation_short_name": "CastCharBeforeConvertingToLargerSizes",
           "tags": [
             "correctness",
             "security"