diff --git a/c/cert/src/rules/ENV33-C/DoNotCallSystem.ql b/c/cert/src/rules/ENV33-C/DoNotCallSystem.ql index 6fc974c39e..58a9c8db79 100644 --- a/c/cert/src/rules/ENV33-C/DoNotCallSystem.ql +++ b/c/cert/src/rules/ENV33-C/DoNotCallSystem.ql @@ -7,7 +7,7 @@ * @problem.severity error * @tags external/cert/id/env33-c * security - * external/cert/obligtion/rule + * external/cert/obligation/rule */ import cpp diff --git a/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.md b/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.md index b6663872bf..830243c0f9 100644 --- a/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.md +++ b/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.md @@ -1,4 +1,4 @@ -# EXP37-C: Pass the correct number of arguments to the POSIX open function. +# EXP37-C: Pass the correct number of arguments to the POSIX open function This query implements the CERT-C rule EXP37-C: diff --git a/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.ql b/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.ql index 275e4759d7..ad8520e321 100644 --- a/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.ql +++ b/c/cert/src/rules/EXP37-C/CallPOSIXOpenWithCorrectArgumentCount.ql @@ -1,6 +1,6 @@ /** * @id c/cert/call-posix-open-with-correct-argument-count - * @name EXP37-C: Pass the correct number of arguments to the POSIX open function. + * @name EXP37-C: Pass the correct number of arguments to the POSIX open function * @description A third argument should be passed to the POSIX function open() when and only when * creating a new file. * @kind problem diff --git a/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.md b/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.md index 337095447e..df330f09d2 100644 --- a/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.md +++ b/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.md @@ -1,4 +1,4 @@ -# EXP37-C: Do not pass arguments with an incompatible count or type to a function. +# EXP37-C: Do not pass arguments with an incompatible count or type to a function This query implements the CERT-C rule EXP37-C: diff --git a/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql b/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql index 8285f1d36a..e76c62ee2d 100644 --- a/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql +++ b/c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql @@ -1,6 +1,6 @@ /** * @id c/cert/do-not-call-functions-with-incompatible-arguments - * @name EXP37-C: Do not pass arguments with an incompatible count or type to a function. + * @name EXP37-C: Do not pass arguments with an incompatible count or type to a function * @description The arguments passed to a function must be compatible with the function's * parameters. * @kind problem diff --git a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql index bb1cef3259..4983e3a69a 100644 --- a/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql +++ b/c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql @@ -1,7 +1,8 @@ /** * @id c/cert/do-not-alternately-io-from-a-stream-without-positioning * @name FIO39-C: Do not alternately input and output from a stream without an intervening flush or positioning call - * @description + * @description Do not alternately input and output from a stream without an intervening flush or + * positioning call. This may result in undefined behavior. * @kind problem * @precision very-high * @problem.severity error diff --git a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql index 28f7d6eb58..2c7959f38e 100644 --- a/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql +++ b/c/cert/src/rules/FIO42-C/CloseFilesWhenTheyAreNoLongerNeeded.ql @@ -1,7 +1,8 @@ /** * @id c/cert/close-files-when-they-are-no-longer-needed * @name FIO42-C: Close files when they are no longer needed - * @description + * @description Open files must be closed before the lifetime of the last pointer to the file-object + * has ended to prevent resource exhaustion and data loss issues. * @kind problem * @precision very-high * @problem.severity error diff --git a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql index 81ae3a229a..6bc284c2c7 100644 --- a/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql +++ b/c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql @@ -1,7 +1,7 @@ /** * @id c/cert/undefined-behavior-accessing-a-closed-file * @name FIO46-C: Do not access a closed file - * @description Do not access a closed file + * @description Do not access a closed file. * @kind problem * @precision high * @problem.severity error diff --git a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql index 808aa1ba7c..3dd03120c8 100644 --- a/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql +++ b/c/misra/src/rules/RULE-13-3/SideEffectAndCrementInFullExpression.ql @@ -3,7 +3,7 @@ * @name RULE-13-3: A full expression containing an increment (++) or decrement (--) operator should have no other * @description A full expression containing an increment (++) or decrement (--) operator should * have no other potential side effects other than that caused by the increment or - * decrement operator + * decrement operator. * @kind problem * @precision very-high * @problem.severity warning diff --git a/c/misra/src/rules/RULE-22-6/FileUsedAfterClosed.ql b/c/misra/src/rules/RULE-22-6/FileUsedAfterClosed.ql index 3a4be49925..78c5063ddd 100644 --- a/c/misra/src/rules/RULE-22-6/FileUsedAfterClosed.ql +++ b/c/misra/src/rules/RULE-22-6/FileUsedAfterClosed.ql @@ -1,7 +1,7 @@ /** * @id c/misra/file-used-after-closed * @name RULE-22-6: The value of a pointer to a FILE shall not be used after the associated stream has been closed - * @description A closed FILE is accessed + * @description A closed FILE is accessed. * @kind problem * @precision very-high * @problem.severity error diff --git a/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql b/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql index 457084f35c..22499946a0 100644 --- a/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql +++ b/c/misra/src/rules/RULE-22-7/EofShallBeComparedWithUnmodifiedReturnValues.ql @@ -2,7 +2,7 @@ * @id c/misra/eof-shall-be-compared-with-unmodified-return-values * @name RULE-22-7: The macro EOF shall only be compared with the unmodified return value from any Standard Library * @description The macro EOF shall only be compared with the unmodified return value from any - * Standard Library function capable of returning EOF + * Standard Library function capable of returning EOF. * @kind problem * @precision high * @problem.severity error diff --git a/c/misra/src/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.ql b/c/misra/src/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.ql index a4aa183acf..84055145e3 100644 --- a/c/misra/src/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.ql +++ b/c/misra/src/rules/RULE-4-12/StdLibDynamicMemoryAllocationUsed.ql @@ -3,7 +3,7 @@ * @name RULE-4-12: Dynamic memory allocation shall not be used * @description Using dynamic memory allocation and deallocation can result to undefined behavior. * This query is for the Standard Library Implementation. Any implementation outside it - * will require a separate query under the same directive + * will require a separate query under the same directive. * @kind problem * @precision very-high * @problem.severity error diff --git a/c/misra/src/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql b/c/misra/src/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql index 20f91dca78..1521b9602a 100644 --- a/c/misra/src/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql +++ b/c/misra/src/rules/RULE-4-8/ObjectWithNoPointerDereferenceShouldBeOpaque.ql @@ -10,7 +10,6 @@ * @tags external/misra/id/rule-4-8 * readability * maintainability - * readability * external/misra/obligation/advisory */ diff --git a/rule_packages/c/Banned.json b/rule_packages/c/Banned.json index a39b9ead7d..46032e3a68 100644 --- a/rule_packages/c/Banned.json +++ b/rule_packages/c/Banned.json @@ -2,7 +2,7 @@ "CERT-C": { "ENV33-C": { "properties": { - "obligtion": "rule" + "obligation": "rule" }, "queries": [ { @@ -310,7 +310,7 @@ }, "queries": [ { - "description": "Using dynamic memory allocation and deallocation can result to undefined behavior. This query is for the Standard Library Implementation. Any implementation outside it will require a separate query under the same directive", + "description": "Using dynamic memory allocation and deallocation can result to undefined behavior. This query is for the Standard Library Implementation. Any implementation outside it will require a separate query under the same directive.", "kind": "problem", "name": "Dynamic memory allocation shall not be used", "precision": "very-high", diff --git a/rule_packages/c/Expressions.json b/rule_packages/c/Expressions.json index 6ed56610af..9d1f8b16a7 100644 --- a/rule_packages/c/Expressions.json +++ b/rule_packages/c/Expressions.json @@ -22,7 +22,7 @@ { "description": "The arguments passed to a function must be compatible with the function's parameters.", "kind": "problem", - "name": "Do not pass arguments with an incompatible count or type to a function.", + "name": "Do not pass arguments with an incompatible count or type to a function", "precision": "high", "severity": "error", "short_name": "DoNotCallFunctionsWithIncompatibleArguments", @@ -33,7 +33,7 @@ { "description": "A third argument should be passed to the POSIX function open() when and only when creating a new file.", "kind": "problem", - "name": "Pass the correct number of arguments to the POSIX open function.", + "name": "Pass the correct number of arguments to the POSIX open function", "precision": "high", "severity": "error", "short_name": "CallPOSIXOpenWithCorrectArgumentCount", diff --git a/rule_packages/c/IO1.json b/rule_packages/c/IO1.json index f772d6c4ee..7d7ae66645 100644 --- a/rule_packages/c/IO1.json +++ b/rule_packages/c/IO1.json @@ -65,7 +65,7 @@ }, "queries": [ { - "description": "", + "description": "Do not alternately input and output from a stream without an intervening flush or positioning call. This may result in undefined behavior.", "kind": "problem", "name": "Do not alternately input and output from a stream without an intervening flush or positioning call", "precision": "very-high", @@ -88,7 +88,7 @@ }, "queries": [ { - "description": "", + "description": "Open files must be closed before the lifetime of the last pointer to the file-object has ended to prevent resource exhaustion and data loss issues.", "kind": "problem", "name": "Close files when they are no longer needed", "precision": "very-high", @@ -111,7 +111,7 @@ }, "queries": [ { - "description": "Do not access a closed file", + "description": "Do not access a closed file.", "kind": "problem", "name": "Do not access a closed file", "precision": "high", @@ -136,7 +136,7 @@ }, "queries": [ { - "description": "A closed FILE is accessed", + "description": "A closed FILE is accessed.", "kind": "problem", "name": "The value of a pointer to a FILE shall not be used after the associated stream has been closed", "precision": "very-high", diff --git a/rule_packages/c/IO3.json b/rule_packages/c/IO3.json index 88062fbf7e..8d1c250eda 100644 --- a/rule_packages/c/IO3.json +++ b/rule_packages/c/IO3.json @@ -113,7 +113,7 @@ }, "queries": [ { - "description": "The macro EOF shall only be compared with the unmodified return value from any Standard Library function capable of returning EOF", + "description": "The macro EOF shall only be compared with the unmodified return value from any Standard Library function capable of returning EOF.", "kind": "problem", "name": "The macro EOF shall only be compared with the unmodified return value from any Standard Library", "precision": "high", diff --git a/rule_packages/c/Pointers1.json b/rule_packages/c/Pointers1.json index 2ec0775644..991838e34f 100644 --- a/rule_packages/c/Pointers1.json +++ b/rule_packages/c/Pointers1.json @@ -308,8 +308,7 @@ "short_name": "ObjectWithNoPointerDereferenceShouldBeOpaque", "tags": [ "readability", - "maintainability", - "readability" + "maintainability" ], "implementation_scope": { "description": "This rule considers all cases where a structure or union is referenced as a pointer but has no FieldAccess within a translation unit. Further excluded from this rule are translation units in which the structure or union is declared as a non-pointer variable." diff --git a/rule_packages/c/SideEffects2.json b/rule_packages/c/SideEffects2.json index 9c8c3b71ec..42467c2852 100644 --- a/rule_packages/c/SideEffects2.json +++ b/rule_packages/c/SideEffects2.json @@ -6,7 +6,7 @@ }, "queries": [ { - "description": "A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator", + "description": "A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than that caused by the increment or decrement operator.", "kind": "problem", "name": "A full expression containing an increment (++) or decrement (--) operator should have no other", "precision": "very-high", diff --git a/schemas/rule-package.schema.json b/schemas/rule-package.schema.json index 913f10bcfd..2e8b6298d1 100644 --- a/schemas/rule-package.schema.json +++ b/schemas/rule-package.schema.json @@ -45,7 +45,6 @@ "type": "string", "enum": [ "required", - "rule", "advisory" ] } @@ -67,6 +66,7 @@ "type": "string" } }, + "additionalProperties": false, "required": [ "properties", "queries", @@ -85,6 +85,100 @@ "type": "object", "patternProperties": { "^\\w+\\d+-CPP": { + "description": "A coding standard rule", + "type": "object", + "properties": { + "properties": { + "type": "object", + "properties": { + "obligation": { + "type": "string", + "enum": [ + "rule" + ] + } + }, + "required": [ + "obligation" + ] + }, + "queries": { + "type": "array", + "uniqueItems": true, + "items": { + "$ref": "#/$defs/query" + } + }, + "title": { + "type": "string" + } + }, + "required": [ + "properties", + "queries", + "title" + ], + "additionalProperties": false + } + }, + "minProperties": 1 + } + } + }, + { + "properties": { + "CERT-C": { + "description": "Rules part of the CERT-C standard", + "type": "object", + "patternProperties": { + "^\\w+\\d+-C": { + "description": "A coding standard rule", + "type": "object", + "properties": { + "properties": { + "type": "object", + "properties": { + "obligation": { + "type": "string", + "enum": [ + "rule" + ] + } + }, + "required": [ + "obligation" + ] + }, + "queries": { + "type": "array", + "uniqueItems": true, + "items": { + "$ref": "#/$defs/query" + } + }, + "title": { + "type": "string" + } + }, + "required": [ + "properties", + "queries", + "title" + ], + "additionalProperties": false + } + }, + "minProperties": 1 + } + } + }, + { + "properties": { + "MISRA-C-2012": { + "description": "Rules part of the MISRA C 2012 standard", + "type": "object", + "patternProperties": { + "^RULE-\\d+-\\d+": { "description": "A coding standard rule", "type": "object", "properties": { @@ -95,8 +189,8 @@ "type": "string", "enum": [ "required", - "rule", - "advisory" + "advisory", + "mandatory" ] } }, @@ -119,7 +213,8 @@ "properties", "queries", "title" - ] + ], + "additionalProperties": false } }, "minProperties": 1 @@ -128,7 +223,7 @@ } ], "minProperties": 1, - "maxProperties": 2, + "maxProperties": 4, "$defs": { "query": { "$id": "/schemas/query", diff --git a/scripts/requirements.txt b/scripts/requirements.txt index f9152768fc..56682f6332 100644 --- a/scripts/requirements.txt +++ b/scripts/requirements.txt @@ -12,5 +12,5 @@ soupsieve==2.0.1 urllib3==1.26.5 pyyaml==5.4 wheel==0.37.0 -jsonschema==3.2.0 +jsonschema==4.9.1 marko==1.2.1 \ No newline at end of file