/**
* @name AV Rule 210
* @description Algorithms shall not make assumptions concerning how
* data is represented in memory.
* @kind problem
* @id cpp/jsf/av-rule-210
* @problem.severity error
* @precision low
* @tags correctness
* portability
* external/jsf
*/
import cpp
/*
* The standard lists three things that are disallowed in particular:
* - relying on big vs. little endian representation
* - relying on base class subobject ordering in derived classes
* - relying on nonstatic data member ordering across access specifiers
*
* We currently only check for violations of the first one, in a similar way
* to AV Rule 147: No casts from pointers to/arrays of integrals to pointers to
* integrals of a different size, no unions that both contain an integral and
* an array of smaller integrals.
*/
/**
 * A derived type that is either a pointer type or an array type.
 *
 * Lets the checks in this query treat pointers and arrays uniformly when
 * inspecting the element type reached through `getBaseType()`.
 */
class PointerOrArrayType extends DerivedType {
  PointerOrArrayType() {
    this instanceof ArrayType
    or
    this instanceof PointerType
  }
}
/**
 * An expression whose own type is a pointer to (or array of) an integral type
 * and whose type after conversions is a pointer to (or array of) a different
 * integral type.
 *
 * Reading integers through such a reinterpreted pointer yields values that
 * depend on the target's byte order, which is why code that decodes binary
 * input this way is reported.
 *
 * NOTE(review): the element types are compared for inequality
 * (`fromElem != toElem`), not by `getSize()`, although the file-level comment
 * speaks of integrals "of a different size" - confirm which is intended.
 */
class ExposingIntegralCastExpr extends Expr {
  ExposingIntegralCastExpr() {
    exists(
      PointerOrArrayType fromType, PointerOrArrayType toType, IntegralType fromElem,
      IntegralType toElem
    |
      // Type of the expression itself, typedefs resolved.
      fromType = this.getUnderlyingType() and
      // Type of the expression once its conversions have been applied.
      toType = this.getActualType() and
      fromElem = fromType.getBaseType().getUnderlyingType() and
      toElem = toType.getBaseType().getUnderlyingType() and
      fromElem != toElem
    )
  }
}
/**
 * A union that has an integral member together with another member that is
 * either a strictly smaller integral or an array of strictly smaller
 * integrals.
 *
 * Writing one of these members and reading the other exposes how the wider
 * integer is laid out in memory, so the observed value depends on byte order.
 * The match is purely structural: it does not check that both members are
 * actually accessed, in keeping with the query's low precision.
 */
class ExposingIntegralUnion extends Union {
  ExposingIntegralUnion() {
    exists(
      MemberVariable wide, MemberVariable narrow, IntegralType wideType, IntegralType narrowType
    |
      wide = this.getAMemberVariable() and
      narrow = this.getAMemberVariable() and
      wideType = wide.getUnderlyingType() and
      (
        // `narrow` is an array whose elements are integral ...
        narrowType = narrow.getUnderlyingType().(ArrayType).getBaseType().getUnderlyingType()
        or
        // ... or `narrow` is itself integral.
        narrowType = narrow.getUnderlyingType()
      ) and
      // Only report when the overlaid integral is strictly smaller.
      narrowType.getSize() < wideType.getSize()
    )
  }
}
// Report every matching union or cast, with a message naming the kind of
// construct. Only the endianness part of AV Rule 210 is covered here.
from Element e, string message
where
  (
    e instanceof ExposingIntegralUnion and
    message = "AV Rule 210: This union may make assumptions concerning data representation in memory."
  )
  or
  (
    e instanceof ExposingIntegralCastExpr and
    message = "AV Rule 210: This cast makes assumptions concerning data representation in memory."
  )
select e, message