Merge pull request #485 from geoffw0/limitedscopefunction

CPP: Fix Limitedscopefunction.ql
2026-04-30 19:26:02 +02:00 · 2018-11-19 14:51:20 +01:00
parent 6d17642240 a51b9847b2
commit 111df470c3
6 changed files with 57 additions and 2 deletions
--- a/cpp/ql/src/JPL_C/LOC-3/Rule
+++ b/cpp/ql/src/JPL_C/LOC-3/Rule
@@ -10,5 +10,7 @@ import cpp

 from GlobalVariable v, Function f
 where v.getAnAccess().getEnclosingFunction() = f and
-      strictcount(v.getAnAccess().getEnclosingFunction()) = 1
+      strictcount(v.getAnAccess().getEnclosingFunction()) = 1 and
+      forall(VariableAccess a | a = v.getAnAccess() | exists(a.getEnclosingFunction())) and
+      not v.getADeclarationEntry().getFile() instanceof HeaderFile // intended to be accessed elsewhere
 select v, "The variable " + v.getName() + " is only accessed in $@ and should be scoped accordingly.", f, f.getName()
--- a/6/VariableScopeTooLarge.ql
+++ b/6/VariableScopeTooLarge.ql
@@ -10,5 +10,7 @@ import cpp

 from GlobalVariable v, Function f
 where v.getAnAccess().getEnclosingFunction() = f and
-      strictcount(v.getAnAccess().getEnclosingFunction()) = 1
+      strictcount(v.getAnAccess().getEnclosingFunction()) = 1 and
+      forall(VariableAccess a | a = v.getAnAccess() | exists(a.getEnclosingFunction())) and
+      not v.getADeclarationEntry().getFile() instanceof HeaderFile // intended to be accessed elsewhere
 select v, "The variable " + v.getName() + " is only accessed in $@ and should be scoped accordingly.", f, f.getName()
--- a/13/LimitedScopeFunction/LimitedScopeFunction.expected
+++ b/13/LimitedScopeFunction/LimitedScopeFunction.expected
@@ -0,0 +1,3 @@
+| test.c:8:5:8:14 | globalInt4 | The variable globalInt4 is only accessed in $@ and should be scoped accordingly. | test.c:19:6:19:10 | func1 | func1 |
+| test.c:9:5:9:14 | globalInt5 | The variable globalInt5 is only accessed in $@ and should be scoped accordingly. | test.c:19:6:19:10 | func1 | func1 |
+| test.c:10:5:10:14 | globalInt6 | The variable globalInt6 is only accessed in $@ and should be scoped accordingly. | test.c:19:6:19:10 | func1 | func1 |
--- a/13/LimitedScopeFunction/LimitedScopeFunction.qlref
+++ b/13/LimitedScopeFunction/LimitedScopeFunction.qlref
@@ -0,0 +1 @@
+JPL_C/LOC-3/Rule 13/LimitedScopeFunction.ql
--- a/cpp/ql/test/query-tests/JPL_C/LOC-3/Rule
+++ b/cpp/ql/test/query-tests/JPL_C/LOC-3/Rule
@@ -0,0 +1,44 @@
+// test.c
+
+#include "test.h"
+
+int globalInt1; // GOOD [used in func1, func2]
+int globalInt2; // GOOD [used in func1, func2]
+int globalInt3; // GOOD [used in func1, func2]
+int globalInt4; // BAD [only used in func1]
+int globalInt5; // BAD [only used in func1]
+int globalInt6; // BAD [only used in func1]
+int globalInt7; // GOOD [not used, should be reported by another query]
+int globalInt8; // GOOD [used at file level]
+int *addrGlobalInt8 = &globalInt8; // GOOD [used in func1, func2]
+int globalInt9; // GOOD [used at file level and in func1]
+int *addrGlobalInt9 = &globalInt9; // GOOD [used in func1, func2]
+
+int externInt; // GOOD [extern'd so could be part of an interface]
+
+void func1()
+{
+	int *ptr3 = &globalInt3;
+	int *ptr6 = &globalInt6;
+	int i8 = *addrGlobalInt8;
+
+	globalInt1 = globalInt2;
+	globalInt4 = globalInt5;
+	externInt = globalInt9;
+}
+
+void func2()
+{
+	int *ptr1 = &globalInt3;
+	int i8 = *addrGlobalInt8;
+
+	globalInt1 = globalInt2;
+}
+
+void func3()
+{
+	static int staticInt; // GOOD [declared in local scope]
+	int i;
+
+	i = staticInt;
+}
--- a/cpp/ql/test/query-tests/JPL_C/LOC-3/Rule
+++ b/cpp/ql/test/query-tests/JPL_C/LOC-3/Rule
@@ -0,0 +1,3 @@
+// test.h
+
+extern int externInt;
				`@@ -0,0 +1 @@`
				`JPL_C/LOC-3/Rule 13/LimitedScopeFunction.ql`