Merge branch 'main' into redsun82/rust-qltest-proc-macro

Author: redsun82

cpp/ql/lib/change-notes/2025-06-17-arraytype-typedefs.md

@@ -0,0 +1,4 @@
+---
+category: fix
+---
+* `resolveTypedefs` now properly resolves typedefs for `ArrayType`s.

cpp/ql/lib/semmle/code/cpp/Type.qll

@@ -1589,6 +1589,11 @@ class ArrayType extends DerivedType {
    * Holds if this array is a variable-length array (VLA).
    */
   predicate isVla() { type_is_vla(underlyingElement(this)) }
+
+  override Type resolveTypedefs() {
+    result.(ArrayType).getBaseType() = this.getBaseType().resolveTypedefs() and
+    result.(ArrayType).getArraySize() = this.getArraySize()
+  }
 }
 
 /**

cpp/ql/test/library-tests/resolve_typedefs/ArrayTypedefs.cpp

@@ -0,0 +1,7 @@
+typedef int int_t;
+int_t g1[10];
+int_t g2[2][4];
+
+typedef float float_t;
+float_t arr1[5];
+float_t (*a_pointer)[10];

cpp/ql/test/library-tests/resolve_typedefs/ArrayTypedefs.expected

@@ -0,0 +1,5 @@
+| file://:0:0:0:0 | float_t[5] | file://:0:0:0:0 | float[5] | ArrayTypedefs.cpp:6:9:6:12 | definition of arr1 |
+| file://:0:0:0:0 | float_t[10] | file://:0:0:0:0 | float[10] | ArrayTypedefs.cpp:7:11:7:19 | definition of a_pointer |
+| file://:0:0:0:0 | int_t[2][4] | file://:0:0:0:0 | int[2][4] | ArrayTypedefs.cpp:3:7:3:8 | definition of g2 |
+| file://:0:0:0:0 | int_t[4] | file://:0:0:0:0 | int[4] | ArrayTypedefs.cpp:3:7:3:8 | definition of g2 |
+| file://:0:0:0:0 | int_t[10] | file://:0:0:0:0 | int[10] | ArrayTypedefs.cpp:2:7:2:8 | definition of g1 |

cpp/ql/test/library-tests/resolve_typedefs/ArrayTypedefs.ql

@@ -0,0 +1,4 @@
+import cpp
+
+from ArrayType type
+select type, type.resolveTypedefs(), type.getATypeNameUse()

csharp/ql/integration-tests/posix/query-suite/csharp-code-quality.qls.expected

@@ -1,20 +1,72 @@
 ql/csharp/ql/src/API Abuse/CallToGCCollect.ql
+ql/csharp/ql/src/API Abuse/CallToObsoleteMethod.ql
+ql/csharp/ql/src/API Abuse/ClassImplementsICloneable.ql
 ql/csharp/ql/src/API Abuse/FormatInvalid.ql
 ql/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql
+ql/csharp/ql/src/API Abuse/NullArgumentToEquals.ql
+ql/csharp/ql/src/ASP/BlockCodeResponseWrite.ql
+ql/csharp/ql/src/Bad Practices/CallsUnmanagedCode.ql
+ql/csharp/ql/src/Bad Practices/CatchOfNullReferenceException.ql
 ql/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
+ql/csharp/ql/src/Bad Practices/Declarations/LocalScopeVariableShadowsMember.ql
+ql/csharp/ql/src/Bad Practices/EmptyCatchBlock.ql
+ql/csharp/ql/src/Bad Practices/Implementation Hiding/ExposeRepresentation.ql
+ql/csharp/ql/src/Bad Practices/Naming Conventions/FieldMasksSuperField.ql
+ql/csharp/ql/src/Bad Practices/Naming Conventions/SameNameAsSuper.ql
+ql/csharp/ql/src/Bad Practices/PathCombine.ql
+ql/csharp/ql/src/Bad Practices/UnmanagedCodeCheck.ql
+ql/csharp/ql/src/CSI/CompareIdenticalValues.ql
 ql/csharp/ql/src/CSI/NullAlways.ql
 ql/csharp/ql/src/CSI/NullMaybe.ql
+ql/csharp/ql/src/Concurrency/FutileSyncOnField.ql
+ql/csharp/ql/src/Concurrency/LockOrder.ql
+ql/csharp/ql/src/Concurrency/LockThis.ql
+ql/csharp/ql/src/Concurrency/LockedWait.ql
 ql/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
+ql/csharp/ql/src/Documentation/XmldocMissingSummary.ql
+ql/csharp/ql/src/Language Abuse/CastThisToTypeParameter.ql
+ql/csharp/ql/src/Language Abuse/CatchOfGenericException.ql
+ql/csharp/ql/src/Language Abuse/DubiousDowncastOfThis.ql
+ql/csharp/ql/src/Language Abuse/DubiousTypeTestOfThis.ql
 ql/csharp/ql/src/Language Abuse/MissedReadonlyOpportunity.ql
+ql/csharp/ql/src/Language Abuse/MissedTernaryOpportunity.ql
+ql/csharp/ql/src/Language Abuse/MissedUsingOpportunity.ql
+ql/csharp/ql/src/Language Abuse/NestedIf.ql
+ql/csharp/ql/src/Language Abuse/RethrowException.ql
+ql/csharp/ql/src/Language Abuse/SimplifyBoolExpr.ql
+ql/csharp/ql/src/Language Abuse/UnusedPropertyValue.ql
 ql/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql
 ql/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql
+ql/csharp/ql/src/Likely Bugs/Collections/ReadOnlyContainer.ql
+ql/csharp/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql
+ql/csharp/ql/src/Likely Bugs/ConstantComparison.ql
 ql/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql
 ql/csharp/ql/src/Likely Bugs/EqualityCheckOnFloats.ql
+ql/csharp/ql/src/Likely Bugs/EqualsArray.ql
 ql/csharp/ql/src/Likely Bugs/HashedButNoHash.ql
+ql/csharp/ql/src/Likely Bugs/ImpossibleArrayCast.ql
+ql/csharp/ql/src/Likely Bugs/IncomparableEquals.ql
+ql/csharp/ql/src/Likely Bugs/NestedLoopsSameVariable.ql
+ql/csharp/ql/src/Likely Bugs/PossibleLossOfPrecision.ql
+ql/csharp/ql/src/Likely Bugs/RecursiveEquals.ql
 ql/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql
 ql/csharp/ql/src/Likely Bugs/SelfAssignment.ql
+ql/csharp/ql/src/Likely Bugs/Statements/EmptyBlock.ql
+ql/csharp/ql/src/Likely Bugs/Statements/EmptyLockStatement.ql
+ql/csharp/ql/src/Likely Bugs/StaticFieldWrittenByInstance.ql
+ql/csharp/ql/src/Likely Bugs/StringBuilderCharInit.ql
 ql/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql
+ql/csharp/ql/src/Linq/MissedAllOpportunity.ql
+ql/csharp/ql/src/Linq/MissedCastOpportunity.ql
+ql/csharp/ql/src/Linq/MissedOfTypeOpportunity.ql
+ql/csharp/ql/src/Linq/MissedSelectOpportunity.ql
+ql/csharp/ql/src/Linq/MissedWhereOpportunity.ql
+ql/csharp/ql/src/Linq/RedundantSelect.ql
+ql/csharp/ql/src/Performance/StringBuilderInLoop.ql
 ql/csharp/ql/src/Performance/StringConcatenationInLoop.ql
 ql/csharp/ql/src/Performance/UseTryGetValue.ql
 ql/csharp/ql/src/Useless code/DefaultToString.ql
+ql/csharp/ql/src/Useless code/FutileConditional.ql
 ql/csharp/ql/src/Useless code/IntGetHashCode.ql
+ql/csharp/ql/src/Useless code/RedundantToStringCall.ql
+ql/csharp/ql/src/Useless code/UnusedLabel.ql

csharp/ql/src/API Abuse/CallToGCCollect.ql

@@ -5,9 +5,9 @@
  * @problem.severity warning
  * @precision very-high
  * @id cs/call-to-gc
- * @tags efficiency
- *       maintainability
- *       quality
+ * @tags quality
+ *       reliability
+ *       performance
  */
 
 import csharp

csharp/ql/src/API Abuse/CallToObsoleteMethod.ql

@@ -6,8 +6,9 @@
  * @problem.severity warning
  * @precision very-high
  * @id cs/call-to-obsolete-method
- * @tags changeability
+ * @tags quality
  *       maintainability
+ *       changeability
  *       external/cwe/cwe-477
  */
 

csharp/ql/src/API Abuse/ClassImplementsICloneable.ql

@@ -6,7 +6,7 @@
  * @problem.severity recommendation
  * @precision very-high
  * @id cs/class-implements-icloneable
- * @tags reliability
+ * @tags quality
  *       maintainability
  */
 

csharp/ql/src/API Abuse/FormatInvalid.ql

@@ -6,9 +6,9 @@
  * @problem.severity error
  * @precision high
  * @id cs/invalid-string-formatting
- * @tags reliability
- *       maintainability
- *       quality
+ * @tags quality
+ *       reliability
+ *       correctness
  */
 
 import csharp

csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql

@@ -6,9 +6,10 @@
  * @problem.severity warning
  * @precision high
  * @id cs/local-not-disposed
- * @tags efficiency
- *       maintainability
- *       quality
+ * @tags quality
+ *       reliability
+ *       correctness
+ *       efficiency
  *       external/cwe/cwe-404
  *       external/cwe/cwe-459
  *       external/cwe/cwe-460

csharp/ql/src/API Abuse/NullArgumentToEquals.ql

@@ -6,7 +6,8 @@
  * @problem.severity warning
  * @precision high
  * @id cs/null-argument-to-equals
- * @tags reliability
+ * @tags quality
+ *       reliability
  *       correctness
  */
 

csharp/ql/src/ASP/BlockCodeResponseWrite.ql

@@ -5,7 +5,9 @@
  * @problem.severity recommendation
  * @precision high
  * @id cs/asp/response-write
- * @tags maintainability
+ * @tags quality
+ *       maintainability
+ *       readability
  *       frameworks/asp.net
  */
 

csharp/ql/src/Architecture/Refactoring Opportunities/InappropriateIntimacy.ql

@@ -7,6 +7,7 @@
  * @precision high
  * @id cs/coupled-types
  * @tags maintainability
+ *       complexity
  *       modularity
  */
 

csharp/ql/src/Bad Practices/CallsUnmanagedCode.ql

@@ -5,8 +5,9 @@
  * @problem.severity recommendation
  * @precision high
  * @id cs/call-to-unmanaged-code
- * @tags reliability
- *       maintainability
+ * @tags quality
+ *       reliability
+ *       correctness
  */
 
 import csharp

csharp/ql/src/Bad Practices/CatchOfNullReferenceException.ql

@@ -5,8 +5,10 @@
  * @problem.severity warning
  * @precision very-high
  * @id cs/catch-nullreferenceexception
- * @tags reliability
+ * @tags quality
+ *       reliability
  *       correctness
+ *       error-handling
  *       external/cwe/cwe-395
  */
 

csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql

@@ -7,9 +7,9 @@
  * @problem.severity warning
  * @precision very-high
  * @id cs/constant-condition
- * @tags maintainability
+ * @tags quality
+ *       maintainability
  *       readability
- *       quality
  *       external/cwe/cwe-835
  */
 

csharp/ql/src/Bad Practices/Declarations/LocalScopeVariableShadowsMember.ql

@@ -6,7 +6,8 @@
  * @problem.severity recommendation
  * @precision high
  * @id cs/local-shadows-member
- * @tags maintainability
+ * @tags quality
+ *       maintainability
  *       readability
  */
 

csharp/ql/src/Bad Practices/Declarations/TooManyRefParameters.ql

@@ -6,8 +6,9 @@
  * @problem.severity recommendation
  * @precision very-high
  * @id cs/too-many-ref-parameters
- * @tags testability
+ * @tags maintainability
  *       readability
+ *       testability
  */
 
 import csharp

csharp/ql/src/Bad Practices/EmptyCatchBlock.ql

@@ -5,8 +5,9 @@
  * @problem.severity recommendation
  * @precision very-high
  * @id cs/empty-catch-block
- * @tags reliability
- *       readability
+ * @tags quality
+ *       reliability
+ *       error-handling
  *       exceptions
  *       external/cwe/cwe-390
  *       external/cwe/cwe-391

csharp/ql/src/Bad Practices/Implementation Hiding/ExposeRepresentation.ql

@@ -6,7 +6,9 @@
  * @problem.severity recommendation
  * @precision high
  * @id cs/expose-implementation
- * @tags reliability
+ * @tags quality
+ *       reliability
+ *       correctness
  *       external/cwe/cwe-485
  */
 

csharp/ql/src/Bad Practices/Naming Conventions/FieldMasksSuperField.ql

@@ -7,7 +7,8 @@
  * @problem.severity warning
  * @precision high
  * @id cs/field-masks-base-field
- * @tags reliability
+ * @tags quality
+ *       maintainability
  *       readability
  *       naming
  */

csharp/ql/src/Bad Practices/Naming Conventions/SameNameAsSuper.ql

@@ -5,7 +5,8 @@
  * @problem.severity recommendation
  * @precision high
  * @id cs/class-name-matches-base-class
- * @tags maintainability
+ * @tags quality
+ *       maintainability
  *       readability
  *       naming
  */

csharp/ql/src/Bad Practices/PathCombine.ql

@@ -5,7 +5,9 @@
  * @problem.severity recommendation
  * @precision very-high
  * @id cs/path-combine
- * @tags reliability
+ * @tags quality
+ *       reliability
+ *       correctness
  */
 
 import csharp

csharp/ql/src/Bad Practices/UnmanagedCodeCheck.ql

@@ -5,8 +5,9 @@
  * @problem.severity recommendation
  * @precision high
  * @id cs/unmanaged-code
- * @tags reliability
- *       maintainability
+ * @tags quality
+ *       reliability
+ *       correctness
  */
 
 import csharp

csharp/ql/src/CSI/CompareIdenticalValues.ql

@@ -7,7 +7,9 @@
  * @problem.severity warning
  * @precision high
  * @id cs/comparison-of-identical-expressions
- * @tags reliability
+ * @tags quality
+ *       reliability
+ *       correctness
  */
 
 import csharp

csharp/ql/src/CSI/NullAlways.ql

@@ -5,11 +5,11 @@
  * @problem.severity error
  * @precision very-high
  * @id cs/dereferenced-value-is-always-null
- * @tags reliability
+ * @tags quality
+ *       reliability
  *       correctness
  *       exceptions
  *       external/cwe/cwe-476
- *       quality
  */
 
 import csharp

csharp/ql/src/CSI/NullMaybe.ql

@@ -6,11 +6,11 @@
  * @problem.severity warning
  * @precision high
  * @id cs/dereferenced-value-may-be-null
- * @tags reliability
+ * @tags quality
+ *       reliability
  *       correctness
  *       exceptions
  *       external/cwe/cwe-476
- *       quality
  */
 
 import csharp

csharp/ql/src/Complexity/BlockWithTooManyStatements.ql

@@ -8,8 +8,8 @@
  * @precision high
  * @id cs/complex-block
  * @tags maintainability
- *       testability
  *       complexity
+ *       testability
  */
 
 import csharp

csharp/ql/src/Complexity/ComplexCondition.ql

@@ -5,8 +5,9 @@
  * @problem.severity recommendation
  * @precision high
  * @id cs/complex-condition
- * @tags testability
+ * @tags maintainability
  *       readability
+ *       testability
  */
 
 import csharp

csharp/ql/src/Concurrency/FutileSyncOnField.ql

@@ -6,9 +6,10 @@
  * @problem.severity error
  * @precision high
  * @id cs/unsafe-sync-on-field
- * @tags reliability
- *       correctness
+ * @tags quality
+ *       reliability
  *       concurrency
+ *       correctness
  *       external/cwe/cwe-662
  *       external/cwe/cwe-366
  */