Model getchar, Finalize query

jeongsoolee09 · jeongsoolee09 · commit 0aad1c638b01 · 2023-03-07T11:50:35.000-08:00
diff --git a/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql b/c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql
@@ -15,33 +15,22 @@ import codingstandards.c.misra
 import codingstandards.cpp.ReadErrorsAndEOF
 import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
 
-//import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils
 class CtypeFunction extends Function {
   CtypeFunction() { this.getADeclaration().getAFile().(HeaderFile).getBaseName() = "ctype.h" }
 }
 
-/* TODO Under construction */
 from FunctionCall ctypeCall
 where
   not isExcluded(ctypeCall,
-    StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery())
-//    and
-// not exists(CtypeFunction ctype, Expr ctypeCallArgument |
-//   ctype = ctypeCall.getTarget() and
-//   ctypeCallArgument = ctypeCall.getAnArgument().getExplicitlyConverted()
-// |
-//   /* Case 1: The argument's value should be in the `unsigned char` range. */
-//   // Use `.getExplicitlyConverted` to consider inline argument casts.
-//   -1 <= lowerBound(ctypeCallArgument) and
-//   upperBound(ctypeCallArgument) <= 255
-//   or
-//   /* Case 2: EOF flows to this argument without modifications. */
-//   exists(EOFInvocation eof |
-//     DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(ctypeCallArgument))
-//   )
-// )
-select ctypeCall.getAnArgument(), lowerBound(ctypeCall.getAnArgument()),
-  upperBound(ctypeCall.getAnArgument())
-// select ctypeCall,
-//   "The <ctype.h> function " + ctypeCall + " accepts an argument " +
-//     ctypeCall.getAnArgument().toString() + " that is not an unsigned char nor an EOF."
+    StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and
+  not exists(CtypeFunction ctype, Expr ctypeCallArgument |
+    ctype = ctypeCall.getTarget() and
+    ctypeCallArgument = ctypeCall.getAnArgument().getExplicitlyConverted()
+  |
+    /* The argument's value should be in the EOF + `unsigned char` range. */
+    -1 <= lowerBound(ctypeCallArgument) and upperBound(ctypeCallArgument) <= 255
+  ) and
+  ctypeCall.getBasicBlock().isReachable()
+select ctypeCall,
+  "The <ctype.h> function " + ctypeCall + " accepts an argument " +
+    ctypeCall.getAnArgument().toString() + " that is not an unsigned char nor an EOF."
diff --git a/c/misra/test/rules/RULE-21-13/test.c b/c/misra/test/rules/RULE-21-13/test.c
@@ -5,33 +5,35 @@ void sample() {
   unsigned char c1 = 'c';
   int r1 = isalnum(
       c1); // COMPLIANT: ASCII 99 is within unsigned char range of [0, 255]
-  int r2 = isdigit(EOF); // COMPLIANT: EOF (-1)
+  int r2 = isalnum(EOF); // COMPLIANT: EOF (-1)
 
   int x3 = 256;
   int x4 = x3;
   int c3 = x4;
   int r3 =
-      islower(c3); // NON_COMPLIANT: is outside unsigned char range of [0, 255]
+      isalnum(c3); // NON_COMPLIANT: is outside unsigned char range of [0, 255]
 
   unsigned char x5 = EOF;
   unsigned char x6 = x5;
   int c4 = x6 + 10000;
   int r4 =
-      isdigit(c4); // NON_COMPLIANT: is outside unsigned char range of [0, 255]
+      isalnum(c4); // NON_COMPLIANT: is outside unsigned char range of [0, 255]
 
   int c5 = getchar();
-  int r5 = isdigit(c5); // COMPLIANT[FALSE_POSITIVE]: library functions like
+  int r5 = isalnum(c5); // COMPLIANT[FALSE_POSITIVE]: library functions like
                         // getchar needs to be modelled
 
-  unsigned char x7 = 1;
-  char c6;
+  unsigned char x7;
+  int c6;
   if (x7 == 1) {
     c6 = EOF;
   } else {
     c6 = 'c';
   }
   int r6 =
-      isdigit(c6); // COMPLIANT: either control branch make this call compliant.
+      isalnum(c6); // COMPLIANT: either control branch make this call compliant
+
+  int r7 = isalnum(EOF); // COMPLIANT: EOF (-1)
 }
 
 int main() { return 0; }
diff --git a/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll b/cpp/common/src/codingstandards/cpp/SimpleRangeAnalysisCustomizations.qll
@@ -159,7 +159,7 @@ private class CastEnumToIntegerSimpleRange extends SimpleRangeAnalysisExpr, Cast
  */
 private class CtypeGetcharFunctionsRange extends SimpleRangeAnalysisExpr, FunctionCall {
   CtypeGetcharFunctionsRange() {
-    this.getFile().(HeaderFile).getBaseName() = "stdio.h" and
+    this.getTarget().getFile().(HeaderFile).getBaseName() = "stdio.h" and
     this.getTarget().getName().regexpMatch("(fgetc|getc|getchar|)")
   }
 

Original file line number	Diff line number	Diff line change
`@@ -159,7 +159,7 @@ private class CastEnumToIntegerSimpleRange extends SimpleRangeAnalysisExpr, Cast`
`159`	`159`	`*/`
`160`	`160`	`private class CtypeGetcharFunctionsRange extends SimpleRangeAnalysisExpr, FunctionCall {`
`161`	`161`	`CtypeGetcharFunctionsRange() {`
`162`		`- this.getFile().(HeaderFile).getBaseName() = "stdio.h" and`
	`162`	`+ this.getTarget().getFile().(HeaderFile).getBaseName() = "stdio.h" and`
`163`	`163`	`this.getTarget().getName().regexpMatch("(fgetc\|getc\|getchar\|)")`
`164`	`164`	`}`
`165`	`165`