github · jeongsoolee09 · Feb 2, 2023 · Jan 25, 2023 · Jan 25, 2023 · Jan 25, 2023
diff --git a/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql b/c/misra/src/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql
@@ -0,0 +1,33 @@
+/**
+ * @id c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type
+ * @name RULE-6-1: Bit-fields shall only be declared with an appropriate type
+ * @description Declaring bit-fields on types other than appropriate ones causes
+ *              implementation-specific or undefined behavior.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-6-1
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+
+predicate isAppropriatePrimitive(Type type) {
+  /* An appropriate primitive types to which a bit-field can be declared. */
+  type instanceof IntType and
+  (
+    type.(IntegralType).isExplicitlySigned() or
+    type.(IntegralType).isExplicitlyUnsigned()
+  )
+  or
+  type instanceof BoolType
+}
+
+from BitField bitField
+where
+  not isExcluded(bitField,
+    BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()) and
+  /* A violation would neither be an appropriate primitive type nor an appropriate typedef. */
+  not isAppropriatePrimitive(bitField.getType().resolveTypedefs())
+select bitField, "Bit-field " + bitField + " is declared on type " + bitField.getType() + "."
diff --git a/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql b/c/misra/src/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql
@@ -0,0 +1,34 @@
+/**
+ * @id c/misra/single-bit-named-bit-fields-of-a-signed-type
+ * @name RULE-6-2: Single-bit named bit fields shall not be of a signed type
+ * @description Single-bit named bit fields carry no useful information and therefore should not be
+ *              declared or used.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-6-2
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.c.misra
+
+/*
+ * Check if the DECLARED bit-fields is a single bit, because Rule 6.2 also intends to catch confusion on the programmers' part. Consider:
+ *
+ * struct S {
+ *  int32_t x: 1;
+ * }
+ *
+ * In this case, field x is essentially of 32 bits, but is declared as 1 bit and its type int32_t is signed. Therefore, it indicates confusion by the programmer, which is exactly what this rule intends to find.
+ */
+
+from BitField bitField
+where
+  not isExcluded(bitField, BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery()) and
+  bitField.getDeclaredNumBits() = 1 and // Single-bit,
+  not bitField.isAnonymous() and // named,
+  bitField.getType().(IntegralType).isSigned() // but its type is signed.
+select bitField,
+  "Single-bit bit-field named " + bitField.toString() + " has a signed type " + bitField.getType() +
+    "."
diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.expected
@@ -0,0 +1,4 @@
+| test.c:6:7:6:8 | x1 | Bit-field x1 is declared on type int. |
+| test.c:10:15:10:16 | x5 | Bit-field x5 is declared on type signed long. |
+| test.c:12:15:12:16 | x6 | Bit-field x6 is declared on type signed char. |
+| test.c:14:14:14:15 | x7 | Bit-field x7 is declared on type Color. |
diff --git a/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref b/c/misra/test/rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.qlref
@@ -0,0 +1 @@
+rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql
diff --git a/c/misra/test/rules/RULE-6-1/test.c b/c/misra/test/rules/RULE-6-1/test.c
@@ -0,0 +1,15 @@
+typedef unsigned int UINT16;
+
+enum Color { R, G, B };
+
+struct SampleStruct {
+  int x1 : 2;          // NON_COMPLIANT - not explicitly signed or unsigned
+  unsigned int x2 : 2; // COMPILANT - explicitly unsigned
+  signed int x3 : 2;   // COMPILANT - explicitly signed
+  UINT16 x4 : 2;       // COMPLIANT - type alias resolves to a compliant type
+  signed long x5 : 2; // NON_COMPLIANT - cannot declare bit field for long, even
+                      // if it's signed
+  signed char x6 : 2; // NON_COMPILANT - cannot declare bit field for char, even
+                      // if it's signed
+  enum Color x7 : 3;  // NON_COMPILANT - cannot declare bit field for enum
+} sample_struct;
diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.expected
@@ -0,0 +1,4 @@
+| test.c:4:7:4:8 | x1 | Single-bit bit-field named x1 has a signed type int. |
+| test.c:7:14:7:15 | x2 | Single-bit bit-field named x2 has a signed type signed int. |
+| test.c:9:7:9:8 | x3 | Single-bit bit-field named x3 has a signed type signed char. |
+| test.c:11:7:11:8 | x4 | Single-bit bit-field named x4 has a signed type signed short. |
diff --git a/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref b/c/misra/test/rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.qlref
@@ -0,0 +1 @@
+rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql
diff --git a/c/misra/test/rules/RULE-6-2/test.c b/c/misra/test/rules/RULE-6-2/test.c
@@ -0,0 +1,17 @@
+#include <stdint.h>
+
+struct SampleStruct {
+  int x1 : 1; // NON_COMPILANT: very likely be signed, but if it's not, the
+              // query will automatically handle it since we use signed(), not
+              // isExplicitlySigned().
+  signed int x2 : 1; // NON_COMPILANT: single-bit named field with a signed type
+  signed char
+      x3 : 1; // NON_COMPILANT: single-bit named field with a signed type
+  signed short
+      x4 : 1; // NON_COMPILANT: single-bit named field with a signed type
+  unsigned int
+      x5 : 1; // COMPILANT: single-bit named field but with an unsigned type
+  signed int x6 : 2; // COMPILANT: named field with a signed type but declared
+                     // to carry more than 1 bit
+  signed char : 1;   // COMPILANT: single-bit bit-field but unnamed
+} sample_struct;
diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/BitfieldTypes.qll
@@ -0,0 +1,44 @@
+//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY.  **/
+import cpp
+import RuleMetadata
+import codingstandards.cpp.exclusions.RuleMetadata
+
+newtype BitfieldTypesQuery =
+  TBitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() or
+  TSingleBitNamedBitFieldsOfASignedTypeQuery()
+
+predicate isBitfieldTypesQueryMetadata(Query query, string queryId, string ruleId, string category) {
+  query =
+    // `Query` instance for the `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query
+    BitfieldTypesPackage::bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() and
+  queryId =
+    // `@id` for the `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query
+    "c/misra/bit-fields-shall-only-be-declared-with-an-appropriate-type" and
+  ruleId = "RULE-6-1" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `singleBitNamedBitFieldsOfASignedType` query
+    BitfieldTypesPackage::singleBitNamedBitFieldsOfASignedTypeQuery() and
+  queryId =
+    // `@id` for the `singleBitNamedBitFieldsOfASignedType` query
+    "c/misra/single-bit-named-bit-fields-of-a-signed-type" and
+  ruleId = "RULE-6-2" and
+  category = "required"
+}
+
+module BitfieldTypesPackage {
+  Query bitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `bitFieldsShallOnlyBeDeclaredWithAnAppropriateType` query
+      TQueryC(TBitfieldTypesPackageQuery(TBitFieldsShallOnlyBeDeclaredWithAnAppropriateTypeQuery()))
+  }
+
+  Query singleBitNamedBitFieldsOfASignedTypeQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `singleBitNamedBitFieldsOfASignedType` query
+      TQueryC(TBitfieldTypesPackageQuery(TSingleBitNamedBitFieldsOfASignedTypeQuery()))
+  }
+}
diff --git a/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/c/RuleMetadata.qll
@@ -3,6 +3,7 @@ import cpp
 import codingstandards.cpp.exclusions.RuleMetadata
 //** Import packages for this language **/
 import Banned
+import BitfieldTypes
 import Concurrency1
 import Concurrency2
 import Concurrency3
@@ -47,6 +48,7 @@ import Syntax
 /** The TQuery type representing this language * */
 newtype TCQuery =
  TBannedPackageQuery(BannedQuery q) or
+  TBitfieldTypesPackageQuery(BitfieldTypesQuery q) or
  TConcurrency1PackageQuery(Concurrency1Query q) or
  TConcurrency2PackageQuery(Concurrency2Query q) or
  TConcurrency3PackageQuery(Concurrency3Query q) or
@@ -91,6 +93,7 @@ newtype TCQuery =
 /** The metadata predicate * */
 predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) {
  isBannedQueryMetadata(query, queryId, ruleId, category) or
+  isBitfieldTypesQueryMetadata(query, queryId, ruleId, category) or
  isConcurrency1QueryMetadata(query, queryId, ruleId, category) or
  isConcurrency2QueryMetadata(query, queryId, ruleId, category) or
  isConcurrency3QueryMetadata(query, queryId, ruleId, category) or
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		rules/RULE-6-1/BitFieldsShallOnlyBeDeclaredWithAnAppropriateType.ql
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		rules/RULE-6-2/SingleBitNamedBitFieldsOfASignedType.ql