Merge remote-tracking branch 'origin/next' into bump/master-next

Author: pavgust

cpp/ql/src/Critical/NotInitialised.ql

@@ -9,9 +9,7 @@
  */
 import cpp
 
-// This query is the JSF version
-//
-// (see also InitialisationNotRun.ql and GlobalUseBeforeInit.ql)
+// See also InitialisationNotRun.ql and GlobalUseBeforeInit.ql
 
 // Holds if s defines variable v (conservative)
 predicate defines(ControlFlowNode s, Variable lv) {

cpp/ql/src/META-INF/MANIFEST.MF

@@ -5,8 +5,12 @@
 
 
 <overview>
+
+<!-- Mention that this rule may not be applicable in projects that don't follow the JSF standard. -->
+<include src="cpp/jsfNote.qhelp" />
+
 <p>
-This rule finds calls to the standard library functions <code>abort, exit, getenv</code> and <code>system</code>.
+This query highlights calls to the standard library functions <code>abort, exit, getenv</code> and <code>system</code>.
 The functions <code>abort</code> and <code>exit</code> should not be called as they immediately terminate the program
 and will bypass all the normal error and exception handling routines in the software. This is especially important in
 software which is run on systems without an interactive OS, as restarting the software may require a complete reboot

cpp/ql/src/jsf/4.05 Libraries/AV Rule 24.qhelp

@@ -5,8 +5,12 @@
 
 
 <overview>
+
+<!-- Mention that this rule may not be applicable in projects that don't follow the JSF standard. -->
+<include src="cpp/jsfNote.qhelp" />
+
 <p>
-This rule ensures that all operators with opposites (e.g. == and !=) are both defined, and
+This query ensures that all operators with opposites (e.g. == and !=) are both defined, and
 that one of them is defined in terms of the other. This just enforces the consistency of meaning
 of the operators.
 </p>

cpp/ql/src/jsf/4.10 Classes/AV Rule 85.qhelp

@@ -19,23 +19,50 @@ predicate oppositeOperators(string op1, string op2) {
 /* this match is very syntactic: we simply check that op1 is defined as
    !op2(_, _) */
 predicate implementedAsNegationOf(Operator op1, Operator op2) {
-  exists(Block b, ReturnStmt r, NotExpr n, FunctionCall c |
+  exists(Block b, ReturnStmt r, NotExpr n, Expr o |
     b = op1.getBlock() and
     b.getNumStmt() = 1 and
     r = b.getStmt(0) and
     n = r.getExpr() and
-    c = n.getOperand() and
-    c.getTarget() = op2)
+    o = n.getOperand() and
+    (
+      o instanceof LTExpr and op2.hasName("operator<") or
+      o instanceof LEExpr and op2.hasName("operator<=") or
+      o instanceof GTExpr and op2.hasName("operator>") or
+      o instanceof GEExpr and op2.hasName("operator>=") or
+      o instanceof EQExpr and op2.hasName("operator==") or
+      o instanceof NEExpr and op2.hasName("operator!=") or
+      o.(FunctionCall).getTarget() = op2
+    )
+  )
+}
+
+predicate classIsCheckableFor(Class c, string op) {
+  oppositeOperators(op, _) and
+  // We check the template, not its instantiations
+  not c instanceof ClassTemplateInstantiation and
+  // Member functions of templates are not necessarily instantiated, so
+  // if the function we want to check exists, then make sure that its
+  // body also exists
+  ((c instanceof TemplateClass)
+   implies
+   forall(Function f | f = c.getAMember() and f.hasName(op)
+                     | exists(f.getEntryPoint())))
 }
 
 from Class c, string op, string opp, Operator rator
 where c.fromSource() and
       oppositeOperators(op, opp) and
+      classIsCheckableFor(c, op) and
+      classIsCheckableFor(c, opp) and
       rator = c.getAMember() and
       rator.hasName(op) and
-      not exists(Operator oprator | oprator = c.getAMember() and
-                                    oprator.hasName(opp) and
-                                    (   implementedAsNegationOf(rator, oprator)
-                                     or implementedAsNegationOf(oprator, rator)))
+      forex(Operator aRator |
+            aRator = c.getAMember() and aRator.hasName(op) |
+            not exists(Operator oprator |
+                       oprator = c.getAMember() and
+                       oprator.hasName(opp) and
+                       (   implementedAsNegationOf(aRator, oprator)
+                        or implementedAsNegationOf(oprator, aRator))))
 select c, "When two operators are opposites, both should be defined and one should be defined in terms of the other. Operator " + op +
           " is declared on line " + rator.getLocation().getStartLine().toString() + ", but it is not defined in terms of its opposite operator " + opp + "."

cpp/ql/src/jsf/4.10 Classes/AV Rule 85.ql

@@ -5,8 +5,12 @@
 
 
 <overview>
+
+<!-- Mention that this rule may not be applicable in projects that don't follow the JSF standard. -->
+<include src="cpp/jsfNote.qhelp" />
+
 <p>
-This rule finds return statements that return pointers to an object allocated on the stack. The lifetime
+This query highlights return statements that return pointers to an object allocated on the stack. The lifetime
 of a stack allocated memory location only lasts until the function returns, , and 
 the contents of that memory become undefined after that. Clearly, using a pointer to stack 
 memory after the function has already returned will have undefined results.

cpp/ql/src/jsf/4.13 Functions/AV Rule 111.qhelp

@@ -5,8 +5,12 @@
 
 
 <overview>
+
+<!-- Mention that this rule may not be applicable in projects that don't follow the JSF standard. -->
+<include src="cpp/jsfNote.qhelp" />
+
 <p>
-This rule finds identifiers in an inner scope that hide (have the same name as) an identifier in an outer scope.
+This query highlights identifiers in an inner scope that hide (have the same name as) an identifier in an outer scope.
 This should be avoided as it can cause confusion about the actual variable being used in an expression.
 </p>
 

cpp/ql/src/jsf/4.15 Declarations and Definitions/AV Rule 135.qhelp

@@ -5,8 +5,12 @@
 
 
 <overview>
+
+<!-- Mention that this rule may not be applicable in projects that don't follow the JSF standard. -->
+<include src="cpp/jsfNote.qhelp" />
+
 <p>
-This rule finds variables with the <code>register</code> storage class specifier. Modern compilers are now capable of
+This query highlights variables with the <code>register</code> storage class specifier. Modern compilers are now capable of
 optimal register placement, and overriding it could lead to worse performance.
 </p>
 

cpp/ql/src/jsf/4.15 Declarations and Definitions/AV Rule 140.qhelp

@@ -5,8 +5,12 @@
 
 
 <overview>
+
+<!-- Mention that this rule may not be applicable in projects that don't follow the JSF standard. -->
+<include src="cpp/jsfNote.qhelp" />
+
 <p>
-This rule finds portions of code that can expose the floating point implementation of the underlying
+This query highlights portions of code that can expose the floating point implementation of the underlying
 machine. Manually manipulating the bits in the float is prone to mistakes and is unportable. Floating point
 implementations can vary across architectures, and bit-field packing can differ across compilers,
 making manual bit-manipulation of floats inadvisable.

cpp/ql/src/jsf/4.17 Types/AV Rule 147.qhelp

@@ -5,8 +5,12 @@
 
 
 <overview>
+
+<!-- Mention that this rule may not be applicable in projects that don't follow the JSF standard. -->
+<include src="cpp/jsfNote.qhelp" />
+
 <p>
-This rule finds string literals that are assigned to a non-<code>const</code> variable. String literals
+This query highlights string literals that are assigned to a non-<code>const</code> variable. String literals
 should not be changed, since they are usually stored in the data section, and depending on the architecture, 
 writing to the data section will cause undefined behavior, such as memory corruption or memory write error.
 </p>