sqc 0.4.13

Software Code Quality - CERT C compliance checker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163

//! MSC32-C: Properly seed pseudorandom number generators
//!
//! This rule detects calls to random number generation functions (rand, random)
//! without a prior call to seed functions (srand, srandom) in the same function scope.
//!
//! ## Examples:
//!
//! **Non-compliant:**
//! ```c
//! void func(void) {
//!     printf("%d\n", rand());  // VIOLATION: rand() called without srand()
//! }
//! ```
//!
//! **Compliant:**
//! ```c
//! void func(void) {
//!     srand(time(NULL));       // OK: srand() called before rand()
//!     printf("%d\n", rand());
//! }
//! ```
//!
//! ## Detection Strategy:
//! - Find function definitions
//! - Track calls to seed functions (srand, srandom)
//! - Track calls to RNG functions (rand, random, rand_r)
//! - Report violations if RNG called without prior seed

use super::super::{CertRule, RuleViolation};
use crate::manifest::{RuleCategory, Severity};
use tree_sitter::Node;

pub struct Msc32C;

impl CertRule for Msc32C {
    fn rule_id(&self) -> &'static str {
        "MSC32-C"
    }

    fn description(&self) -> &'static str {
        "Properly seed pseudorandom number generators"
    }

    fn severity(&self) -> Severity {
        Severity::Medium
    }

    fn category(&self) -> RuleCategory {
        RuleCategory::Rule
    }

    fn cert_id(&self) -> &'static str {
        "MSC32-C"
    }

    fn check(&self, node: &Node, source: &str) -> Vec<RuleViolation> {
        let mut violations = Vec::new();
        self.check_node(node, source, &mut violations);
        violations
    }
}

impl Msc32C {
    fn check_node(&self, node: &Node, source: &str, violations: &mut Vec<RuleViolation>) {
        // Check function definitions
        if node.kind() == "function_definition" {
            self.check_function(node, source, violations);
        }

        // Recurse
        for i in 0..node.child_count() {
            if let Some(child) = node.child(i) {
                self.check_node(&child, source, violations);
            }
        }
    }

    fn check_function(&self, func: &Node, source: &str, violations: &mut Vec<RuleViolation>) {
        // Get function body
        let body = match func.child_by_field_name("body") {
            Some(b) => b,
            None => return,
        };

        // Track whether we've seen a seed call
        let mut has_seed = false;

        // Track all function calls in order
        let mut calls = Vec::new();
        self.collect_calls(&body, source, &mut calls);

        // Check each call
        for call in &calls {
            if self.is_seed_function(&call.func_name) {
                has_seed = true;
            } else if self.is_rng_function(&call.func_name) {
                if !has_seed {
                    // RNG called without prior seed
                    self.report_violation_at(call.line, call.column, &call.func_name, violations);
                }
            }
        }
    }

    fn collect_calls(&self, node: &Node, source: &str, calls: &mut Vec<FunctionCall>) {
        if node.kind() == "call_expression" {
            if let Some(function) = node.child_by_field_name("function") {
                let func_name = &source[function.start_byte()..function.end_byte()];
                calls.push(FunctionCall {
                    line: node.start_position().row + 1,
                    column: node.start_position().column + 1,
                    func_name: func_name.to_string(),
                });
            }
        }

        // Recurse
        for i in 0..node.child_count() {
            if let Some(child) = node.child(i) {
                self.collect_calls(&child, source, calls);
            }
        }
    }

    fn is_seed_function(&self, name: &str) -> bool {
        matches!(name, "srand" | "srandom" | "seed_r")
    }

    fn is_rng_function(&self, name: &str) -> bool {
        matches!(name, "rand" | "random" | "rand_r")
    }

    fn report_violation_at(
        &self,
        line: usize,
        column: usize,
        func_name: &str,
        violations: &mut Vec<RuleViolation>,
    ) {
        violations.push(RuleViolation {
            rule_id: self.rule_id().to_string(),
            severity: Severity::Medium,
            message: format!(
                "Pseudorandom number generator '{}()' called without proper seeding - will produce predictable sequences",
                func_name
            ),
            file_path: String::new(),
            line,
            column,
            suggestion: Some(format!(
                "Call srand() or srandom() with a non-deterministic seed (e.g., from time() or /dev/urandom) before calling {}()",
                func_name
            )),
            ..Default::default()
        });
    }
}

struct FunctionCall {
    line: usize,
    column: usize,
    func_name: String,
}