sqc 0.4.13

Software Code Quality - CERT C compliance checker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180

// SPDX-License-Identifier: Apache-2.0
// Copyright (c) 2024 Ryan Urchick

use super::super::{CertRule, RuleViolation};
use crate::manifest::{RuleCategory, Severity};
use tree_sitter::Node;

pub struct Int02C;

impl CertRule for Int02C {
    fn rule_id(&self) -> &'static str {
        "INT02-C"
    }
    fn description(&self) -> &'static str {
        "Understand integer conversion rules"
    }
    fn severity(&self) -> Severity {
        Severity::Medium
    }
    fn category(&self) -> RuleCategory {
        RuleCategory::Rule
    }
    fn cert_id(&self) -> &'static str {
        "INT02-C"
    }

    fn check(&self, node: &Node, source: &str) -> Vec<RuleViolation> {
        let mut violations = Vec::new();
        self.check_node(node, source, &mut violations);
        violations
    }
}

impl Int02C {
    fn check_node(&self, node: &Node, source: &str, violations: &mut Vec<RuleViolation>) {
        // Look for binary comparisons between signed and unsigned integers
        if node.kind() == "binary_expression" {
            let text = node.utf8_text(source.as_bytes()).unwrap_or("");

            // Check for comparison operators
            if text.contains("<")
                || text.contains(">")
                || text.contains("<=")
                || text.contains(">=")
                || text.contains("==")
                || text.contains("!=")
            {
                // Look for patterns where one operand might be signed and other unsigned
                let has_signed_pattern = text.contains("si ") || text.contains(" si");
                let has_unsigned_pattern = text.contains("ui ") || text.contains(" ui");

                let has_cast = text.contains("(int)") || text.contains("(unsigned");

                if has_signed_pattern && has_unsigned_pattern && !has_cast {
                    violations.push(RuleViolation {
                        rule_id: self.rule_id().to_string(),
                        severity: self.severity(),
                        line: node.start_position().row + 1,
                        column: node.start_position().column + 1,
                        file_path: String::new(),
                        message: "Comparison between signed and unsigned integers without cast"
                            .to_string(),
                        suggestion: Some("Cast one operand to match signedness".to_string()),
                        requires_manual_review: None,
                    });
                }
            }
        }

        // Check declarations with bitwise NOT on small types
        if node.kind() == "declaration" {
            let text = node.utf8_text(source.as_bytes()).unwrap_or("");

            // Pattern: uint8_t result = ( ~value ) >> shift WITHOUT explicit cast
            if (text.contains("uint8_t") || text.contains("int8_t")) && text.contains("~") {
                // Check if there's NO explicit cast to uint8_t/int8_t after the ~
                if !text.contains("(uint8_t)") && !text.contains("(int8_t)") {
                    violations.push(RuleViolation {
                        rule_id: self.rule_id().to_string(),
                        severity: self.severity(),
                        line: node.start_position().row + 1,
                        column: node.start_position().column + 1,
                        file_path: String::new(),
                        message:
                            "Bitwise operation on small integer type subject to integer promotion"
                                .to_string(),
                        suggestion: Some("Cast result explicitly to intended type".to_string()),
                        requires_manual_review: None,
                    });
                }
            }

            // Check for unsigned short multiplication
            if text.contains("unsigned short")
                && text.contains("*")
                && !text.contains("(unsigned int)")
            {
                violations.push(RuleViolation {
                    rule_id: self.rule_id().to_string(),
                    severity: self.severity(),
                    line: node.start_position().row + 1,
                    column: node.start_position().column + 1,
                    file_path: String::new(),
                    message: "Multiplication of unsigned short undergoes integer promotion; result may overflow".to_string(),
                    suggestion: Some("Cast operands to unsigned int before multiplication".to_string()),
                    requires_manual_review: None,
                });
            }
        }

        // Check for loops comparing char with unsigned char
        if node.kind() == "for_statement" {
            let text = node.utf8_text(source.as_bytes()).unwrap_or("");

            // Get lines before the loop to check declarations
            let lines_before = source
                .lines()
                .take(node.start_position().row)
                .collect::<Vec<_>>()
                .join("\n");

            // Pattern: char i (signed) compared with unsigned char max (unsigned)
            // NOT: unsigned char i with unsigned char max (both unsigned - OK)
            if text.contains("char i")
                && !text.contains("unsigned char i")
                && lines_before.contains("unsigned char max")
                && text.contains("<")
            {
                violations.push(RuleViolation {
                    rule_id: self.rule_id().to_string(),
                    severity: self.severity(),
                    line: node.start_position().row + 1,
                    column: node.start_position().column + 1,
                    file_path: String::new(),
                    message: "Loop compares signed char with unsigned char; signedness mismatch"
                        .to_string(),
                    suggestion: Some(
                        "Use consistent signedness for loop variable and limit".to_string(),
                    ),
                    requires_manual_review: None,
                });
            }
        }

        // Check for assignments with unsigned short multiplication
        if node.kind() == "assignment_expression" || node.kind() == "init_declarator" {
            let text = node.utf8_text(source.as_bytes()).unwrap_or("");

            // Pattern: unsigned int z = x * y where x, y are unsigned short WITHOUT cast
            let lines_before = source
                .lines()
                .take(node.start_position().row)
                .collect::<Vec<_>>()
                .join("\n");

            if text.contains("*")
                && lines_before.contains("unsigned short")
                && !text.contains("(unsigned int)")
                && !text.contains("(unsigned long)")
            {
                violations.push(RuleViolation {
                    rule_id: self.rule_id().to_string(),
                    severity: self.severity(),
                    line: node.start_position().row + 1,
                    column: node.start_position().column + 1,
                    file_path: String::new(),
                    message: "Multiplication of unsigned short values; result may overflow due to integer promotion".to_string(),
                    suggestion: Some("Cast operands to unsigned int before multiplication".to_string()),
                    requires_manual_review: None,
                });
            }
        }

        // Recursively check children
        let mut cursor = node.walk();
        for child in node.children(&mut cursor) {
            self.check_node(&child, source, violations);
        }
    }
}