Implement Conversions2 rule package
#946
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Detects implicit and explicit conversions from type bool to other types, preventing potential confusion between bitwise and logical operators and ensuring clear type usage. [a]
- Simplify query implementation - Format test code
Detects implicit conversions to bool type from fundamental types, unscoped enumerations, and pointers that may lead to unintended behavior in conditional expressions.
Detects inappropriate assignments between numeric types that violate type compatibility requirements, including implicit conversions that may cause information loss or unexpected behavior changes. [a]
- Add additional test cases - Allow name qualifiers - Prohibit explicit casts (inc. parameters)
Reference types can be numeric types according to the rule. In addition to making NumericTypes reference types, we also add a helper predicate which gets the size of the real type (rather than the size of the reference).
Migrate conversion generic code to a shared library.
- Add extra testing - Support signed bitfields
- Exclude booleans and chars from our determination of numeric types. - Deduplicate integer types deduced for bitfields - identifying a canonical set of integer types.
The `getValue()` provided in the database applies the conversions, which can be unhelpful when trying to write rules the refer to conversions.
- Use IntegerConstantExpr to determine both the expressions which are constant, and the BigInt value of those constants (before final conversion). - Implement a BigInt type upper/lower bound to determine whether a constant assignment is valid.
- Support assignment to pointer to members - Support pointer-to-member function calls
Overload independence should consider what parameters are default.
Consider the conversion as the source, not the pre-conversion value.
Rule 7.0.4 is now in the Conversions package. Rules 8.x in the Conversions package are now moved to Conversions2. This is to avoid having too many complex queries in one package, and because 7.0.4 is more closely related to the other 7.x rules.
Detects inappropriate operands for bitwise and shift operators that violate type requirements. Identifies signed operands in bitwise operations and improper shift operand types that may cause undefined behavior. [a]
Preprocessor directives are not currently supported.
This shared implementation will be used for implementing MISRA C++ 2023 8.2.1.
MISRA C++ Rule 8.2.2 is similar, but not identical.
Nested macro invocations do not have getExpandedElements(), but do have getAffectedElements().
Detects C-style casts and functional notation casts that should be replaced with explicit cast operators. Prevents unsafe type conversions that lack clear intent and proper type checking constraints. [a]
Detects casts from integral, enumerated, or void pointer types to object pointer types that may lead to unspecified behavior. [a]
Detects casts that convert pointer types to integral types, which can make code harder to understand and may break pointer tracking in analysis tools. [a]
Detects pointer-to-integral casts that use types other than std::uintptr_t or std::intptr_t, which may not guarantee representation of all pointer values. [a]
Detects explicit type conversions using functional notation as standalone expression statements that create immediately-destroyed temporary objects. [a]
- Simplify the query implementation - Improve query message
- Remove redundant code - Use stripSpecifiers(..) to check for use of (u)intptr_t.
MichaelRFairhurst
requested changes
Aug 19, 2025
| Query getQuery() { result instanceof PointerToAVirtualBaseClassCastToAPointerSharedQuery } | ||
|
|
||
| query predicate problems(Cast cast, string message) { | ||
| exists(VirtualBaseClass castFrom, Class castTo | |
There was a problem hiding this comment.
Should also be non compliant when castFrom is a base class of a virtual base class
| not stripSpecifiers(targetType).(UserType).hasGlobalOrStdName(["uintptr_t", "intptr_t"]) | ||
| select cast, | ||
| "Cast of object pointer type to integral type '" + targetType + | ||
| "' instead of 'std::uintptr_t' or 'std::intptr_t'." |
There was a problem hiding this comment.
Unfortunately the rule has additional requirements not covered here related to templates. The rule states that the casted type must be "explicitly" uintptr_t or intptr_t, meaning that
template<typename T>
void foo(S* s) {
reinterpret_cast<T>(s);
}
is non compliant, which isn't covered here
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Follows on from #919.
Change request type
.ql,.qll,.qlsor unit tests)Rules with added or modified queries
RULE-8-2-1RULE-8-2-2RULE-8-2-6RULE-8-2-7RULE-8-2-8RULE-1-3RULE-23-3RULE-23-5RULE-23-6Release change checklist
A change note (development_handbook.md#change-notes) is required for any pull request which modifies:
If you are only adding new rule queries, a change note is not required.
Author: Is a change note required?
🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.
Reviewer: Confirm that either a change note is not required or the change note is required and has been added.
Query development review checklist
For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:
Author
As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
Reviewer
As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.