Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 62b030d

Browse files
zlaski-semmlezlaski-semmle
committed
[CPP-340] Add a fourth query, ArgumentsToImplicit.ql, to deal strictly with implicitly declared
 functions. TooManyArguments.ql will now deal with explicitly declared/prototyped functions.
1 parent 65130c4 commit 62b030d

7 files changed

Lines changed: 94 additions & 2 deletions

File tree

cpp/ql/src/Likely Bugs/Underspecified Functions/ArgumentsToImplicit.c

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
2+
void calls() {
3+
4+
undeclared(); // GOOD
5+
6+
undeclared(1); // BAD
7+
8+
undeclared(1, 2); // BAD
9+
}

cpp/ql/src/Likely Bugs/Underspecified Functions/ArgumentsToImplicit.qhelp

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
<!DOCTYPE qhelp PUBLIC
2+
"-//Semmle//qhelp//EN"
3+
"qhelp.dtd">
4+
<qhelp>
5+
6+
7+
<overview>
8+
<p>An implicitly-declared function is called with arguments.</p>
9+
10+
<p>This may indicate that an incorrect function is being called, or that the signature
11+
(parameter list) of the called function is not known to the author.</p>
12+
13+
<p>In C, an implicitly declared function is assumed to accept no arguments. Providing
14+
these arguments incurs an unneeded computational overhead, both
15+
in terms of time and of additional stack space.</p>
16+
17+
</overview>
18+
<recommendation>
19+
<p>Call the function without any arguments.</p>
20+
21+
</recommendation>
22+
<example><sample src="ArgumentsToImplicit.c" />
23+
24+
</example>
25+
26+
<references>
27+
<li>SEI CERT C Coding Standard: <a href="https://wiki.sei.cmu.edu/confluence/display/c/DCL20-C.+Explicitly+specify+void+when+a+function+accepts+no+arguments"> DCL20-C. Explicitly specify void when a function accepts no arguments </a></li>
28+
</references>
29+
</qhelp>

cpp/ql/src/Likely Bugs/Underspecified Functions/ArgumentsToImplicit.ql

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,49 @@
1+
/**
2+
* @name Call with arguments to an implicitly declared function
3+
* @description A function call passed arguments even though the
4+
* function in question is only implicitly declared (and
5+
* hence accepting no arguments). This may indicate
6+
* that the code does not follow the author's intent.
7+
* @kind problem
8+
* @problem.severity warning
9+
* @precision very-high
10+
* @id cpp/arguments-to-implicit
11+
* @tags correctness
12+
* maintainability
13+
*/
14+
15+
import cpp
16+
17+
// True if there is no explicit definition of the function
18+
predicate hasNoExplicitDecl(Function f) {
19+
not exists(FunctionDeclarationEntry fde | fde = f.getADeclarationEntry() |
20+
not fde.isImplicit()
21+
)
22+
}
23+
24+
// True if this file (or header) was compiled as a C file
25+
predicate isCompiledAsC(Function f) {
26+
exists(File file | file.compiledAsC() |
27+
file = f.getFile() or file.getAnIncludedFile+() = f.getFile()
28+
)
29+
}
30+
31+
predicate isWhitelisted(Function f) {
32+
f instanceof BuiltInFunction
33+
or
34+
// The following list can be expanded as the need arises
35+
exists(string name | name = f.getName() |
36+
name = "static_assert" or
37+
name = "_Static_assert" or
38+
name = "strptime"
39+
)
40+
}
41+
42+
from FunctionCall fc, Function f
43+
where
44+
f = fc.getTarget() and
45+
hasNoExplicitDecl(f) and
46+
isCompiledAsC(f) and
47+
not isWhitelisted(f) and
48+
fc.getNumberOfArguments() > 0
49+
select fc, "This call to an implicitly declared function $@ has arguments.", f, f.toString()

cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.ql

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,9 +14,13 @@
1414
import cpp
1515

1616
// True if function was ()-declared, but not (void)-declared or K&R-defined
17+
// or implicitly declared (i.e., lacking a prototype)
1718
predicate hasZeroParamDecl(Function f) {
1819
exists(FunctionDeclarationEntry fde | fde = f.getADeclarationEntry() |
19-
not fde.hasVoidParamList() and fde.getNumberOfParameters() = 0 and not fde.isDefinition()
20+
not fde.isImplicit() and
21+
not fde.hasVoidParamList() and
22+
fde.getNumberOfParameters() = 0 and
23+
not fde.isDefinition()
2024
)
2125
}
2226

cpp/ql/test/query-tests/Likely Bugs/Underspecified Functions/ArgumentsToImplicit.expected

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
| test.c:28:3:28:12 | call to undeclared | This call to an implicitly declared function $@ has arguments. | test.c:27:3:27:3 | undeclared | undeclared |

cpp/ql/test/query-tests/Likely Bugs/Underspecified Functions/ArgumentsToImplicit.qlref

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Likely Bugs/Underspecified Functions/ArgumentsToImplicit.ql

cpp/ql/test/query-tests/Likely Bugs/Underspecified Functions/TooManyArguments.expected

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,4 @@
11
| test.c:23:3:23:16 | call to declared_empty | This call has more arguments than required by $@. | test.c:1:6:1:19 | declared_empty | declared_empty |
2-
| test.c:28:3:28:12 | call to undeclared | This call has more arguments than required by $@. | test.c:27:3:27:3 | undeclared | undeclared |
32
| test.c:30:3:30:19 | call to not_yet_declared1 | This call has more arguments than required by $@. | test.c:30:3:30:3 | not_yet_declared1 | not_yet_declared1 |
43
| test.c:30:3:30:19 | call to not_yet_declared1 | This call has more arguments than required by $@. | test.c:65:6:65:22 | not_yet_declared1 | not_yet_declared1 |
54
| test.c:40:3:40:29 | call to declared_empty_defined_with | This call has more arguments than required by $@. | test.c:67:6:67:32 | declared_empty_defined_with | declared_empty_defined_with |

0 commit comments

Comments
 (0)