From 394a864b0a23e5ebd2833de856b04de9ba04e704 Mon Sep 17 00:00:00 2001
From: Mathias Vorreiter Pedersen
Date: Mon, 13 Jan 2020 11:44:58 +0100
Subject: [PATCH] C++: Factored the body of TooManyArguments.ql out into a library file
---
 .../TooManyArguments.ql | 31 +--------------
 .../TooManyArguments.qll | 38 +++++++++++++++++++
 2 files changed, 40 insertions(+), 29 deletions(-)
 create mode 100644 cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.qll
diff --git a/cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.ql b/cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.ql
index 59368236bbd..4e7f85097b8 100644
--- a/cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.ql
+++ b/cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.ql
@@ -12,35 +12,8 @@
 */
 
 import cpp
-
-// True if function was ()-declared, but not (void)-declared or K&R-defined
-// or implicitly declared (i.e., lacking a prototype)
-predicate hasZeroParamDecl(Function f) {
- exists(FunctionDeclarationEntry fde | fde = f.getADeclarationEntry() |
- not fde.isImplicit() and
- not fde.hasVoidParamList() and
- fde.getNumberOfParameters() = 0 and
- not fde.isDefinition()
- )
-}
-
-// True if this file (or header) was compiled as a C file
-predicate isCompiledAsC(File f) {
- f.compiledAsC()
- or
- exists(File src | isCompiledAsC(src) | src.getAnIncludedFile() = f)
-}
+import TooManyArguments
 
 from FunctionCall fc, Function f
-where
- f = fc.getTarget() and
- not f.isVarargs() and
- hasZeroParamDecl(f) and
- isCompiledAsC(f.getFile()) and
- exists(f.getBlock()) and
- // There must not exist a declaration with the number of parameters
- // at least as large as the number of call arguments
- not exists(FunctionDeclarationEntry fde | fde = f.getADeclarationEntry() |
- fde.getNumberOfParameters() >= fc.getNumberOfArguments()
- )
+where tooManyArguments(fc, f)
 select fc, "This call has more arguments than required by $@.", f, f.toString()
diff --git a/cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.qll b/cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.qll
new file mode 100644
index 00000000000..7fba78b5550
--- /dev/null
+++ b/cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.qll
@@ -0,0 +1,38 @@
+/**
+ * Provides the implementation of the TooManyArguments query. The
+ * query is implemented as a library, so that we can avoid producing
+ * duplicate results in other similar queries.
+ */
+
+import cpp
+
+// True if function was ()-declared, but not (void)-declared or K&R-defined
+// or implicitly declared (i.e., lacking a prototype)
+private predicate hasZeroParamDecl(Function f) {
+ exists(FunctionDeclarationEntry fde | fde = f.getADeclarationEntry() |
+ not fde.isImplicit() and
+ not fde.hasVoidParamList() and
+ fde.getNumberOfParameters() = 0 and
+ not fde.isDefinition()
+ )
+}
+
+// True if this file (or header) was compiled as a C file
+private predicate isCompiledAsC(File f) {
+ f.compiledAsC()
+ or
+ exists(File src | isCompiledAsC(src) | src.getAnIncludedFile() = f)
+}
+
+predicate tooManyArguments(FunctionCall fc, Function f) {
+ f = fc.getTarget() and
+ not f.isVarargs() and
+ hasZeroParamDecl(f) and
+ isCompiledAsC(f.getFile()) and
+ exists(f.getBlock()) and
+ // There must not exist a declaration with the number of parameters
+ // at least as large as the number of call arguments
+ not exists(FunctionDeclarationEntry fde | fde = f.getADeclarationEntry() |
+ fde.getNumberOfParameters() >= fc.getNumberOfArguments()
+ )
+}
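Review bot: The exported predicate `tooManyArguments` has no QLDoc, although the file header says it exists so that other queries can reuse it to avoid duplicate results. A `/** Holds if ... */` comment above it should spell out the contract the body shows: the call targets `f`, `f` is not varargs, has a `()` declaration that is not a definition, has a body, sits in a file compiled as C, and no declaration entry has at least as many parameters as the call has arguments. The C-only restriction from `isCompiledAsC` is the part a reusing query is most likely to miss, since subtracting this predicate's results removes nothing for calls in C++ translation units. The two private helpers would also be better served by `/** Holds if ... */` than by the `// True if ...` line comments carried over from the query file.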