Implement RULE-21-13

Author: jeongsoolee09

c/misra/src/rules/RULE-21-13/CtypeFunctionArgNotUnsignedCharOrEof.ql

@@ -15,34 +15,36 @@ import codingstandards.c.misra
 import codingstandards.cpp.ReadErrorsAndEOF
 import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
 import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils
-import semmle.code.cpp.dataflow.DataFlow // TODO use this...
 
-query predicate isCtypeFunction(Function function) {
-  function.getADeclaration().getAFile().(HeaderFile).getShortName() = "_ctype" // TODO: change it back to `ctype`
+class CtypeFunction extends Function {
+  CtypeFunction() { this.getADeclaration().getAFile().(HeaderFile).getShortName() = "_ctype" }
 }
 
-query predicate isInUnsignedCharRange(Expr var) {
-  // TODO: shouldn't be an Expr, instead get it as an argument from a FunctionCall that isCtypeFunction
+predicate unsignedCharRange(int lower, int upper, EOFInvocation eof) {
   exists(UnsignedCharType unsignedChar |
-    // Consider cases where the argument's value is cast to some smaller type, clipping the range.
-    typeLowerBound(unsignedChar) <= lowerBound(var.getFullyConverted()) and
-    upperBound(var.getFullyConverted()) <= typeUpperBound(unsignedChar)
+    lower = typeLowerBound(unsignedChar) and
+    upper = upperBound(eof.getExpr()) and
+    typeLowerBound(unsignedChar) <= lowerBound(eof.getExpr()) and
+    upperBound(eof.getExpr()) <= typeUpperBound(unsignedChar)
   )
 }
 
-// Uh oh, this is empty
-query predicate isEOFInvocation(EOFInvocation eof) {
-  any()
+predicate isEquivToEOF(Expr expr) {
+  exists(EOFInvocation eof | DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(expr)))
 }
 
-/* very early draft */
-query predicate equivToEOF(FunctionCall fc, EOFInvocation eof) {
-  // var is a param of ctypefunctioncall
-  isCtypeFunction(fc.getTarget()) and
-  DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(fc.getArgument(0)))
-}
-from Element x
+from FunctionCall ctypeCall
 where
-  not isExcluded(x, StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and
-  any()
-select 1
+  not isExcluded(ctypeCall,
+    StandardLibraryFunctionTypesPackage::ctypeFunctionArgNotUnsignedCharOrEofQuery()) and
+  exists(CtypeFunction ctype, UnsignedCharType unsignedChar |
+    ctypeCall = ctype.getACallToThisFunction()
+  |
+  /* The argument's value should be in the `unsigned char` range. */
+    typeLowerBound(unsignedChar) <= lowerBound(ctypeCall.getAnArgument().getExplicitlyConverted()) and // consider casts
+    upperBound(ctypeCall.getAnArgument().getExplicitlyConverted()) <= typeUpperBound(unsignedChar)
+    or
+  /* The argument's value is reachable from EOF. */
+    exists(EOFInvocation eof | DataFlow::localFlow(DataFlow::exprNode(eof.getExpr()), DataFlow::exprNode(ctypeCall.getAnArgument())))
+  )
+select ctypeCall, ctypeCall.getAnArgument()

c/misra/test/rules/RULE-21-13/test.c

@@ -3,9 +3,16 @@
 
 void sample() {
   unsigned char c1 = 'c';
-  int r1 = isalnum(c1); // compliant
-  unsigned char c2 = EOF;
-  int r2 = isalnum(c2); // compliant
+  int r1 = isalnum(c1); // COMPLIANT: ASCII 99 is within unsigned char range of [0, 255]
+  unsigned char x1 = EOF;
+  unsigned char x2 = x1;
+  unsigned char c2 = x2 + 1;
+  int r2 = isdigit(c2); // COMPLIANT: EOF (-1)
+
+  int x3 = 256;
+  int x4 = x3;
+  int c3 = x4;
+  int r3 = islower(c3); // NON_COMPLIANT: is outside unsigned char range of[0, 255]
 }
 
-int main() { return 0; }
+int main() { return 0; }