Merge remote-tracking branch 'origin/main' into michaelrfairhurst/concurrency6-package

2025-01-24 19:36:08 -08:00 · 2025-01-24 19:36:08 -08:00 · 8f5e02c35c
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,8 @@
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      # Check for updates to GitHub Actions every week
+      interval: "weekly"
--- a/.github/workflows/code-scanning-pack-gen.yml
+++ b/.github/workflows/code-scanning-pack-gen.yml
@ -46,7 +46,7 @@ jobs:

      - name: Cache CodeQL
        id: cache-codeql
-        uses: actions/cache@v2.1.3
+        uses: actions/cache@v4
        with:
          path: ${{ github.workspace }}/codeql_home
          key: codeql-home-${{ matrix.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library }}
@ -68,16 +68,20 @@ jobs:
      - name: Determine ref for external help files
        id: determine-ref
        run: |
-          if [[ $GITHUB_EVENT_NAME == "pull_request" || $GITHUB_EVENT_NAME == "merge_group" ]]; then
-            echo "EXTERNAL_HELP_REF=$GITHUB_HEAD_REF" >> "$GITHUB_ENV"
+          if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then
+            EXTERNAL_HELP_REF="${{ github.event.pull_request.base.ref }}"
+          elif [[ $GITHUB_EVENT_NAME == "merge_group" ]]; then
+            EXTERNAL_HELP_REF="${{ github.event.merge_group.base_ref }}"
          else
-            echo "EXTERNAL_HELP_REF=$GITHUB_REF" >> "$GITHUB_ENV"
+            EXTERNAL_HELP_REF="$GITHUB_REF"
          fi
+          echo "EXTERNAL_HELP_REF=$EXTERNAL_HELP_REF" >> "$GITHUB_ENV"
          echo "Using ref $EXTERNAL_HELP_REF for external help files."

      - name: Checkout external help files
-        continue-on-error: true
        id: checkout-external-help-files
+        # PRs from forks and dependabot do not have access to an appropriate token for cloning the help files repos
+        if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }}
        uses: actions/checkout@v4
        with:
          ssh-key: ${{ secrets.CODEQL_CODING_STANDARDS_HELP_KEY }}
@ -86,7 +90,7 @@ jobs:
          path: external-help-files

      - name: Include external help files
-        if: steps.checkout-external-help-files.outcome == 'success'
+        if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]'&& steps.checkout-external-help-files.outcome == 'success' }}
        run: |
          pushd external-help-files
          find . -name '*.md' -exec rsync -av --relative {} "$GITHUB_WORKSPACE" \;
--- a/.github/workflows/codeql_unit_tests.yml
+++ b/.github/workflows/codeql_unit_tests.yml
@ -48,7 +48,7 @@ jobs:
        uses: actions/checkout@v4

      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

@ -57,7 +57,7 @@ jobs:

      - name: Cache CodeQL
        id: cache-codeql
-        uses: actions/cache@v3
+        uses: actions/cache@v4
        with:
          # A list of files, directories, and wildcard patterns to cache and restore
          path: ${{github.workspace}}/codeql_home
@ -166,7 +166,7 @@ jobs:
    steps:
      - name: Check if run-test-suites job failed to complete, if so fail
        if: ${{ needs.run-test-suites.result == 'failure' }}
-        uses: actions/github-script@v3
+        uses: actions/github-script@v7
        with:
          script: |
            core.setFailed('Test run job failed')
--- a/.github/workflows/dispatch-matrix-test-on-comment.yml
+++ b/.github/workflows/dispatch-matrix-test-on-comment.yml
@ -40,7 +40,7 @@ jobs:
          --json \
            -R github/codeql-coding-standards-release-engineering

-      - uses: actions/github-script@v6
+      - uses: actions/github-script@v7
        if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') && steps.check-write-permission.outputs.has-permission }}
        with:
          script: |
--- a/.github/workflows/dispatch-release-performance-check.yml
+++ b/.github/workflows/dispatch-release-performance-check.yml
@ -40,7 +40,7 @@ jobs:
          --json \
          -R github/codeql-coding-standards-release-engineering

-      - uses: actions/github-script@v6
+      - uses: actions/github-script@v7
        if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') && steps.check-write-permission.outputs.has-permission }}
        with:
          script: |
--- a/.github/workflows/extra-rule-validation.yml
+++ b/.github/workflows/extra-rule-validation.yml
@ -21,7 +21,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Check Rules 
        shell: pwsh
@ -33,7 +33,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Ensure CPP Shared Rules Have Valid Structure  
        shell: pwsh
@ -44,13 +44,13 @@ jobs:
        run: scripts/util/Test-SharedImplementationsHaveTestCases.ps1 -Language c -CIMode

        
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
        if: failure()
        with:
          name: missing-test-report.csv
          path: MissingTestReport*.csv

-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
        if: failure()
        with:
          name: test-report.csv
--- a/.github/workflows/finalize-release.yml
+++ b/.github/workflows/finalize-release.yml
@ -52,7 +52,7 @@ jobs:
          path: tooling 
      
      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

--- a/.github/workflows/generate-html-docs.yml
+++ b/.github/workflows/generate-html-docs.yml
@ -20,10 +20,10 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

@ -35,7 +35,7 @@ jobs:
          python scripts/documentation/generate_iso26262_docs.py coding-standards-html-docs

      - name: Upload HTML documentation
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
          name: coding-standards-docs-${{ github.sha }}
          path: coding-standards-html-docs/
--- a/.github/workflows/prepare-release.yml
+++ b/.github/workflows/prepare-release.yml
@ -34,12 +34,12 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          ref: ${{ inputs.ref }}

      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

--- a/.github/workflows/standard_library_upgrade_tests.yml
+++ b/.github/workflows/standard_library_upgrade_tests.yml
@ -19,7 +19,7 @@ jobs:
      matrix: ${{ steps.export-unit-test-matrix.outputs.matrix }}
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Export unit test matrix
        id: export-unit-test-matrix
@ -41,16 +41,16 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Setup Python 3
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
        with:
          python-version: "3.x"

      - name: Cache CodeQL
        id: cache-codeql
-        uses: actions/cache@v2.1.3
+        uses: actions/cache@v4
        with:
          # A list of files, directories, and wildcard patterns to cache and restore
          path: ${{github.workspace}}/codeql_home
@ -157,7 +157,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

--- a/.github/workflows/tooling-unit-tests.yml
+++ b/.github/workflows/tooling-unit-tests.yml
@ -22,7 +22,7 @@ jobs:
      matrix: ${{ steps.export-supported-codeql-env-matrix.outputs.matrix }}
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Export supported CodeQL environment matrix
        id: export-supported-codeql-env-matrix
@ -40,10 +40,10 @@ jobs:
      matrix: ${{ fromJSON(needs.prepare-supported-codeql-env-matrix.outputs.matrix) }}
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

@ -52,7 +52,7 @@ jobs:

      - name: Cache CodeQL
        id: cache-codeql
-        uses: actions/cache@v2.1.3
+        uses: actions/cache@v4
        with:
          path: ${{ github.workspace }}/codeql_home
          key: codeql-home-${{ matrix.os }}-${{ matrix.codeql_cli }}-${{ matrix.codeql_standard_library }}
@ -83,10 +83,10 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

@ -102,10 +102,10 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

--- a/.github/workflows/update-release.yml
+++ b/.github/workflows/update-release.yml
@ -34,7 +34,7 @@ jobs:
          ref: ${{ inputs.head-sha }}

      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

--- a/.github/workflows/upgrade_codeql_dependencies.yml
+++ b/.github/workflows/upgrade_codeql_dependencies.yml
@ -53,7 +53,7 @@ jobs:
          find c \( -name '*.ql' -or -name '*.qll' \) -print0 | xargs -0 --max-procs "$XARGS_MAX_PROCS" codeql query format --in-place

      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
+        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
        with:
          title: "Upgrade `github/codeql` dependency to ${{ github.event.inputs.codeql_cli_version }}"
          body: |
--- a/.github/workflows/validate-package-files.yml
+++ b/.github/workflows/validate-package-files.yml
@ -16,12 +16,12 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          ref: ${{ inputs.ref }}

      - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

--- a/.github/workflows/validate-query-formatting.yml
+++ b/.github/workflows/validate-query-formatting.yml
@ -19,7 +19,7 @@ jobs:
      runs-on: ubuntu-22.04
      steps:
        - name: Checkout
-          uses: actions/checkout@v3
+          uses: actions/checkout@v4
          with:
            ref: ${{ inputs.ref }}

--- a/.github/workflows/validate-query-help.yml
+++ b/.github/workflows/validate-query-help.yml
@ -16,7 +16,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          ref: ${{ inputs.ref }}

--- a/.github/workflows/validate-query-test-case-formatting.yml
+++ b/.github/workflows/validate-query-test-case-formatting.yml
@ -20,7 +20,7 @@ jobs:
      fail-fast: false
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          ref: ${{ inputs.ref }}

--- a/.github/workflows/verify-standard-library-dependencies.yml
+++ b/.github/workflows/verify-standard-library-dependencies.yml
@ -22,7 +22,7 @@ jobs:
      matrix: ${{ steps.export-matrix.outputs.matrix }}
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Export unit test matrix
        id: export-matrix
@ -44,16 +44,16 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4

      - name: Setup Python 3
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.9"

      - name: Cache CodeQL
        id: cache-codeql
-        uses: actions/cache@v2.1.3
+        uses: actions/cache@v4
        with:
          # A list of files, directories, and wildcard patterns to cache and restore
          path: ${{github.workspace}}/codeql_home
--- a/amendments.csv
+++ b/amendments.csv
@ -15,7 +15,7 @@ c,MISRA-C-2012,Amendment4,RULE-11-3,Yes,Expand,No,Easy
 c,MISRA-C-2012,Amendment4,RULE-11-8,Yes,Expand,No,Easy
 c,MISRA-C-2012,Amendment4,RULE-13-2,Yes,Expand,No,Very Hard
 c,MISRA-C-2012,Amendment4,RULE-18-6,Yes,Expand,No,Medium
-c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,No,Easy
+c,MISRA-C-2012,Amendment4,RULE-18-8,Yes,Split,Yes,Easy
 c,MISRA-C-2012,Corrigendum2,RULE-2-2,Yes,Clarification,No,Import
 c,MISRA-C-2012,Corrigendum2,RULE-2-7,Yes,Clarification,No,Import
 c,MISRA-C-2012,Corrigendum2,RULE-3-1,Yes,Refine,No,Easy
--- a/c/cert/src/codeql-pack.lock.yml
+++ b/c/cert/src/codeql-pack.lock.yml
@ -2,17 +2,23 @@
 lockVersion: 1.0.0
 dependencies:
  codeql/cpp-all:
-    version: 0.12.9
+    version: 1.4.2
  codeql/dataflow:
-    version: 0.2.3
+    version: 1.1.1
+  codeql/mad:
+    version: 1.0.7
  codeql/rangeanalysis:
-    version: 0.0.11
+    version: 1.0.7
  codeql/ssa:
-    version: 0.2.12
+    version: 1.0.7
  codeql/tutorial:
-    version: 0.2.12
+    version: 1.0.7
+  codeql/typeflow:
+    version: 1.0.7
  codeql/typetracking:
-    version: 0.2.12
+    version: 1.0.7
  codeql/util:
-    version: 0.2.12
+    version: 1.0.7
+  codeql/xml:
+    version: 1.0.7
 compiled: false
--- a/c/cert/src/qlpack.yml
+++ b/c/cert/src/qlpack.yml
@ -1,8 +1,8 @@
 name: codeql/cert-c-coding-standards
-version: 2.38.0-dev
+version: 2.41.0-dev
 description: CERT C 2016
 suites: codeql-suites
 license: MIT
 dependencies:
  codeql/common-c-coding-standards: '*'
-  codeql/cpp-all: 0.12.9
+  codeql/cpp-all: 1.4.2
--- a/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql
+++ b/c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql
@ -13,7 +13,7 @@

 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow
 import NonArrayPointerToArrayIndexingExprFlow::PathGraph

 /**
--- a/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql
+++ b/c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql
@ -14,7 +14,7 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Pointers
-import codingstandards.cpp.dataflow.TaintTracking
+import semmle.code.cpp.dataflow.TaintTracking
 import ScaledIntegerPointerArithmeticFlow::PathGraph

 /**
--- a/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql
+++ b/c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql
@ -15,8 +15,8 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Concurrency
-import codingstandards.cpp.dataflow.TaintTracking
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.TaintTracking
+import semmle.code.cpp.dataflow.DataFlow

 module TssCreateToTssDeleteConfig implements DataFlow::ConfigSig {
  predicate isSource(DataFlow::Node node) {
--- a/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql
+++ b/c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql
@ -15,8 +15,8 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Concurrency
-import codingstandards.cpp.dataflow.TaintTracking
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.TaintTracking
+import semmle.code.cpp.dataflow.DataFlow
 import semmle.code.cpp.commons.Alloc

 from C11ThreadCreateCall tcc, StackVariable sv, Expr arg, Expr acc
--- a/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql
+++ b/c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql
@ -16,8 +16,8 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Concurrency
-import codingstandards.cpp.dataflow.TaintTracking
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.TaintTracking
+import semmle.code.cpp.dataflow.DataFlow

 from TSSGetFunctionCall tsg, ThreadedFunction tf
 where
--- a/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql
+++ b/c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql
@ -13,7 +13,7 @@

 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 class Source extends StackVariable {
  Source() { not this instanceof Parameter }
--- a/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql
+++ b/c/cert/src/rules/ERR30-C/FunctionCallBeforeErrnoCheck.ql
@ -14,7 +14,7 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.c.Errno
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 /**
 * A call to an `OutOfBandErrnoSettingFunction`
--- a/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql
+++ b/c/cert/src/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.ql
@ -14,8 +14,8 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.SideEffect
-import codingstandards.cpp.dataflow.DataFlow
-import codingstandards.cpp.dataflow.TaintTracking
+import semmle.code.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.TaintTracking
 import semmle.code.cpp.valuenumbering.GlobalValueNumbering

 /** Holds if the function's return value is derived from the `AliasParamter` p. */
--- a/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql
+++ b/c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql
@ -13,18 +13,7 @@

 import cpp
 import codingstandards.c.cert
-
-/**
- * A struct or union type that contains an array type
- */
-class StructOrUnionTypeWithArrayField extends Struct {
-  StructOrUnionTypeWithArrayField() {
-    this.getAField().getUnspecifiedType() instanceof ArrayType
-    or
-    // nested struct or union containing an array type
-    this.getAField().getUnspecifiedType().(Struct) instanceof StructOrUnionTypeWithArrayField
-  }
-}
+import codingstandards.cpp.lifetimes.CLifetimes

 // Note: Undefined behavior is possible regardless of whether the accessed field from the returned
 // struct is an array or a scalar (i.e. arithmetic and pointer types) member, according to the standard.
--- a/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql
+++ b/c/cert/src/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.ql
@ -14,7 +14,7 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Alignment
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow
 import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
 import ExprWithAlignmentToCStyleCastFlow::PathGraph

--- a/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql
+++ b/c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql
@ -13,7 +13,7 @@

 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow
 import SuspectFunctionPointerToCallFlow::PathGraph

 /**
--- a/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql
+++ b/c/cert/src/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.ql
@ -13,7 +13,7 @@

 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow
 import semmle.code.cpp.controlflow.Dominance
 import IndirectCastFlow::PathGraph

--- a/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql
+++ b/c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql
@ -12,7 +12,7 @@

 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow
 import CastFlow::PathGraph
 import codingstandards.cpp.SideEffect

--- a/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql
+++ b/c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql
@ -11,7 +11,7 @@
 */

 import cpp
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow
 import semmle.code.cpp.controlflow.Dominance
 import codingstandards.c.cert
 import codingstandards.cpp.Variable
--- a/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql
+++ b/c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql
@ -14,7 +14,7 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.FgetsErrorManagement
 import codingstandards.cpp.Dereferenced
-import codingstandards.cpp.dataflow.TaintTracking
+import semmle.code.cpp.dataflow.TaintTracking

 /*
 * CFG nodes that follows a successful call to `fgets`
--- a/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql
+++ b/c/cert/src/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql
@ -12,7 +12,7 @@

 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 class FgetposCall extends FunctionCall {
  FgetposCall() { this.getTarget().hasGlobalOrStdName("fgetpos") }
--- a/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql
+++ b/c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql
@ -14,7 +14,7 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.standardlibrary.FileAccess
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow
 import semmle.code.cpp.valuenumbering.GlobalValueNumbering

 /**
--- a/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md
+++ b/c/cert/src/rules/FLP32-C/UncheckedRangeDomainPoleErrors.md
@ -345,7 +345,7 @@ Independent( INT34-C, FLP32-C, INT33-C) CWE-682 = Union( FLP32-C, list) where li

 ## Implementation notes

-None
+This query identifies possible domain, pole and range errors on a selection of C standard library fuctions from math.h.

 ## References

--- a/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql
+++ b/c/cert/src/rules/MEM35-C/InsufficientMemoryAllocatedForObject.ql
@ -16,7 +16,7 @@ import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Overflow
 import semmle.code.cpp.controlflow.Guards
-import codingstandards.cpp.dataflow.TaintTracking
+import semmle.code.cpp.dataflow.TaintTracking
 import semmle.code.cpp.models.Models

 /**
--- a/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql
+++ b/c/cert/src/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.ql
@ -15,7 +15,7 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Alignment
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow
 import AlignedAllocToReallocFlow::PathGraph

 int getStatedValue(Expr e) {
--- a/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql
+++ b/c/cert/src/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.ql
@ -14,7 +14,7 @@

 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 /**
 * The argument of a call to `asctime`
--- a/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql
+++ b/c/cert/src/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql
@ -13,7 +13,7 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Macro
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 abstract class VaAccess extends Expr { }

--- a/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md
+++ b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.md
@ -0,0 +1,210 @@
+# MSC40-C: Do not violate inline linkage constraints
+
+This query implements the CERT-C rule MSC40-C:
+
+> Do not violate constraints
+
+
+## Description
+
+According to the C Standard, 3.8 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\], a constraint is a "restriction, either syntactic or semantic, by which the exposition of language elements is to be interpreted." Despite the similarity of the terms, a runtime constraint is not a kind of constraint.
+
+Violating any *shall* statement within a constraint clause in the C Standard requires an [implementation](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-implementation) to issue a diagnostic message, the C Standard, 5.1.1.3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\] states
+
+> A conforming implementation shall produce at least one diagnostic message (identified in an implementation-defined manner) if a preprocessing translation unit or translation unit contains a violation of any syntax rule or constraint, even if the behavior is also explicitly specified as undefined or implementation-defined. Diagnostic messages need not be produced in other circumstances.
+
+
+The C Standard further explains in a footnote
+
+> The intent is that an implementation should identify the nature of, and where possible localize, each violation. Of course, an implementation is free to produce any number of diagnostics as long as a valid program is still correctly translated. It may also successfully translate an invalid program.
+
+
+Any constraint violation is a violation of this rule because it can result in an invalid program.
+
+## Noncompliant Code Example (Inline, Internal Linkage)
+
+The C Standard, 6.7.4, paragraph 3 \[[ISO/IEC 9899:2011](https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliography#AA.Bibliography-ISO%2FIEC9899-2011)\], states
+
+> An inline definition of a function with external linkage shall not contain a definition of a modifiable object with static or thread storage duration, and shall not contain a reference to an identifier with internal linkage.
+
+
+The motivation behind this constraint lies in the semantics of inline definitions. Paragraph 7 of subclause 6.7.4 reads, in part:
+
+> An inline definition provides an alternative to an external definition, which a translator may use to implement any call to the function in the same translation unit. It is unspecified whether a call to the function uses the inline definition or the external definition.
+
+
+That is, if a function has an external and inline definition, implementations are free to choose which definition to invoke (two distinct invocations of the function may call different definitions, one the external definition, the other the inline definition). Therefore, issues can arise when these definitions reference internally linked objects or mutable objects with static or thread storage duration.
+
+This noncompliant code example refers to a static variable with file scope and internal linkage from within an external inline function:
+
+```cpp
+static int I = 12;
+extern inline void func(int a) {
+  int b = a * I;
+  /* ... */
+}
+
+```
+
+## Compliant Solution (Inline, Internal Linkage)
+
+This compliant solution omits the `static` qualifier; consequently, the variable `I` has external linkage by default:
+
+```cpp
+int I = 12;
+extern inline void func(int a) {
+  int b = a * I;
+  /* ... */
+}
+
+```
+
+## Noncompliant Code Example (inline, Modifiable Static)
+
+This noncompliant code example defines a modifiable `static` variable within an `extern inline` function.
+
+```cpp
+extern inline void func(void) {
+  static int I = 12;
+  /* Perform calculations which may modify I */
+}
+
+```
+
+## Compliant Solution (Inline, Modifiable Static)
+
+This compliant solution removes the `static` keyword from the local variable definition. If the modifications to `I` must be retained between invocations of `func()`, it must be declared at file scope so that it will be defined with external linkage.
+
+```cpp
+extern inline void func(void) {
+  int I = 12;
+  /* Perform calculations which may modify I */
+}
+```
+
+## Noncompliant Code Example (Inline, Modifiable static)
+
+This noncompliant code example includes two translation units: `file1.c` and `file2.c`. The first file, `file1.c`, defines a pseudorandom number generation function:
+
+```cpp
+/* file1.c */
+
+/* Externally linked definition of the function get_random() */
+extern unsigned int get_random(void) {
+  /* Initialize the seeds */
+  static unsigned int m_z = 0xdeadbeef;
+  static unsigned int m_w = 0xbaddecaf;
+
+  /* Compute the next pseudorandom value and update the seeds */
+  m_z = 36969 * (m_z & 65535) + (m_z >> 16);
+  m_w = 18000 * (m_w & 65535) + (m_w >> 16);
+  return (m_z << 16) + m_w;
+}
+
+```
+The left-shift operation in the last line may wrap, but this is permitted by exception INT30-C-EX3 to rule [INT30-C. Ensure that unsigned integer operations do not wrap](https://wiki.sei.cmu.edu/confluence/display/c/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap).
+
+The second file, `file2.c`, defines an `inline` version of this function that references mutable `static` objects—namely, objects that maintain the state of the pseudorandom number generator. Separate invocations of the `get_random()` function can call different definitions, each operating on separate static objects, resulting in a faulty pseudorandom number generator.
+
+```cpp
+/* file2.c */
+
+/* Inline definition of get_random function */
+inline unsigned int get_random(void) {
+  /* 
+   * Initialize the seeds 
+   * Constraint violation: static duration storage referenced
+   * in non-static inline definition
+   */
+  static unsigned int m_z = 0xdeadbeef;
+  static unsigned int m_w = 0xbaddecaf;
+
+  /* Compute the next pseudorandom value and update the seeds */
+  m_z = 36969 * (m_z & 65535) + (m_z >> 16);
+  m_w = 18000 * (m_w & 65535) + (m_w >> 16);
+  return (m_z << 16) + m_w;
+}
+
+int main(void) {
+  unsigned int rand_no;
+  for (int ii = 0; ii < 100; ii++) {
+    /* 
+     * Get a pseudorandom number. Implementation defined whether the
+     * inline definition in this file or the external definition  
+     * in file2.c is called. 
+     */
+    rand_no = get_random();
+    /* Use rand_no... */
+  }
+
+  /* ... */
+
+  /* 
+   * Get another pseudorandom number. Behavior is
+   * implementation defined.
+   */
+  rand_no = get_random();
+  /* Use rand_no... */
+  return 0;
+}
+
+```
+
+## Compliant Solution (Inline, Modifiable static)
+
+This compliant solution adds the `static` modifier to the `inline` function definition in `file2.c`, giving it internal linkage. All references to `get_random()` in `file.2.c` will now reference the internally linked definition. The first file, which was not changed, is not shown here.
+
+```cpp
+/* file2.c */
+
+/* Static inline definition of get_random function */
+static inline unsigned int get_random(void) {
+  /* 
+   * Initialize the seeds. 
+   * No more constraint violation; the inline function is now 
+   * internally linked. 
+   */
+  static unsigned int m_z = 0xdeadbeef;
+  static unsigned int m_w = 0xbaddecaf;
+
+  /* Compute the next pseudorandom value and update the seeds  */
+  m_z = 36969 * (m_z & 65535) + (m_z >> 16);
+  m_w = 18000 * (m_w & 65535) + (m_w >> 16);
+  return (m_z << 16) + m_w;
+}
+
+int main(void) {
+  /* Generate pseudorandom numbers using get_random()... */
+  return 0;
+}
+
+```
+
+## Risk Assessment
+
+Constraint violations are a broad category of error that can result in unexpected control flow and corrupted data.
+
+<table> <tbody> <tr> <th> Rule </th> <th> Severity </th> <th> Likelihood </th> <th> Remediation Cost </th> <th> Priority </th> <th> Level </th> </tr> <tr> <td> MSC40-C </td> <td> Low </td> <td> Unlikely </td> <td> Medium </td> <td> <strong>P2</strong> </td> <td> <strong>L3</strong> </td> </tr> </tbody> </table>
+
+
+## Automated Detection
+
+<table> <tbody> <tr> <th> Tool </th> <th> Version </th> <th> Checker </th> <th> Description </th> </tr> <tr> <td> <a> Astrée </a> </td> <td> 23.04 </td> <td> <strong>alignas-extended</strong> <strong>assignment-to-non-modifiable-lvalue</strong> <strong>cast-pointer-void-arithmetic-implicit</strong> <strong>element-type-incomplete</strong> <strong>function-pointer-integer-cast-implicit</strong> <strong>function-return-type</strong> <strong>inappropriate-pointer-cast-implicit</strong> <strong>incompatible-function-pointer-conversion</strong> <strong>incompatible-object-pointer-conversion</strong> <strong>initializer-excess</strong> <strong>invalid-array-size</strong> <strong>non-constant-static-assert</strong> <strong>parameter-match-type</strong> <strong>pointer-integral-cast-implicit</strong> <strong>pointer-qualifier-cast-const-implicit</strong> <strong>pointer-qualifier-cast-volatile-implicit</strong> <strong>redeclaration</strong> <strong>return-empty</strong> <strong>return-non-empty</strong> <strong>static-assert</strong> <strong>type-compatibility</strong> <strong>type-compatibility-link</strong> <strong>type-specifier</strong> <strong>undeclared-parameter</strong> <strong>unnamed-parameter</strong> </td> <td> Partially checked </td> </tr> <tr> <td> <a> Helix QAC </a> </td> <td> 2023.4 </td> <td> <strong>C0232, C0233, C0244, C0268, C0321, C0322, C0338, C0422, C0423, C0426, C0427, C0429, C0430, C0431, C0432, C0435, C0436, C0437, C0446, C0447, C0448, C0449, C0451, C0452, C0453, C0454, C0456, C0457, C0458, C0460, C0461, C0462, C0463, C0466, C0467, C0468, C0469, C0476, C0477, C0478, C0481, C0482, C0483, C0484, C0485, C0486, C0487, C0493, C0494, C0495, C0496, C0497, C0513, C0514, C0515, C0536, C0537, C0540, C0541, C0542, C0546, C0547, C0550, C0554, C0555, C0556, C0557, C0558, C0559, C0560, C0561, C0562, C0563, C0564, C0565, C0580, C0588, C0589, C0590, C0591, C0605, C0616, C0619, C0620, C0621, C0622, C0627, C0628, C0629, C0631, C0638, C0640, C0641, C0642, C0643, C0644, C0645, C0646, C0649, C0650, C0651, C0653, C0655, C0656, C0657, C0659, C0664, C0665, C0669, C0671, C0673, C0674, C0675, C0677, C0682, C0683, C0684, C0685, C0690, C0698, C0699, C0708, C0709, C0736, C0737, C0738, C0746, C0747, C0755, C0756, C0757, C0758, C0766, C0767, C0768, C0774, C0775, C0801, C0802, C0803, C0804, C0811, C0821, C0834, C0835, C0844, C0845, C0851, C0852, C0866, C0873, C0877, C0940, C0941, C0943, C0944, C1023, C1024, C1025, C1033, C1047, C1048, C1050, C1061, C1062, C3236, C3237, C3238, C3244</strong> <strong>C++4122</strong> </td> <td> </td> </tr> <tr> <td> <a> Klocwork </a> </td> <td> 2023.4 </td> <td> <strong>MISRA.FUNC.STATIC.REDECL</strong> </td> <td> </td> </tr> <tr> <td> <a> LDRA tool suite </a> </td> <td> 9.7.1 </td> <td> <strong>21 S, 145 S, 323 S, 345 S, 387 S, 404 S, 481 S, 580 S, 612 S, 615 S, 646 S</strong> </td> <td> </td> </tr> <tr> <td> <a> Parasoft C/C++test </a> </td> <td> 2023.1 </td> <td> <strong>CERT_C-MSC40-a</strong> </td> <td> An inline definition of a function with external linkage shall not contain definitions and uses of static objects </td> </tr> <tr> <td> <a> Polyspace Bug Finder </a> </td> <td> </td> <td> <a> CERT C: Rule MSC40-C </a> </td> <td> Checks for inline constraint not respected (rule partially covered) </td> </tr> <tr> <td> <a> RuleChecker </a> </td> <td> 23.04 </td> <td> <strong>alignas-extended</strong> <strong>assignment-to-non-modifiable-lvalue</strong> <strong>cast-pointer-void-arithmetic-implicit</strong> <strong>element-type-incomplete</strong> <strong>function-pointer-integer-cast-implicit</strong> <strong>function-return-type</strong> <strong>inappropriate-pointer-cast-implicit</strong> <strong>incompatible-function-pointer-conversion</strong> <strong>incompatible-object-pointer-conversion</strong> <strong>initializer-excess</strong> <strong>invalid-array-size</strong> <strong>non-constant-static-assert</strong> <strong>parameter-match-type</strong> <strong>pointer-integral-cast-implicit</strong> <strong>pointer-qualifier-cast-const-implicit</strong> <strong>pointer-qualifier-cast-volatile-implicit</strong> <strong>redeclaration</strong> <strong>return-empty</strong> <strong>return-non-empty</strong> <strong>static-assert</strong> <strong>type-compatibility</strong> <strong>type-compatibility-link</strong> <strong>type-specifier</strong> <strong>undeclared-parameter</strong> <strong>unnamed-parameter</strong> </td> <td> Partially checked </td> </tr> </tbody> </table>
+
+
+## Related Vulnerabilities
+
+Search for [vulnerabilities](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-vulnerability) resulting from the violation of this rule on the [CERT website](https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+MSC40-C).
+
+## Bibliography
+
+<table> <tbody> <tr> <td> \[ <a> ISO/IEC 9899:2011 </a> \] </td> <td> 4, "Conformance" 5.1.1.3, "Diagnostics" 6.7.4, "Function Specifiers" </td> </tr> </tbody> </table>
+
+
+## Implementation notes
+
+This query only considers the constraints related to inline extern functions.
+
+## References
+
+* CERT-C: [MSC40-C: Do not violate constraints](https://wiki.sei.cmu.edu/confluence/display/c)
--- a/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql
+++ b/c/cert/src/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql
@ -0,0 +1,59 @@
+/**
+ * @id c/cert/do-not-violate-in-line-linkage-constraints
+ * @name MSC40-C: Do not violate inline linkage constraints
+ * @description Inlined external functions are prohibited by the language standard from defining
+ *              modifiable static or thread storage objects, or referencing identifiers with
+ *              internal linkage.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/cert/id/msc40-c
+ *       correctness
+ *       external/cert/obligation/rule
+ */
+
+import cpp
+import codingstandards.c.cert
+import codingstandards.cpp.Linkage
+
+/*
+ * This is C specific, because in C++ all extern function definitions must be identical.
+ * Only in C is it permitted for an extern function to be defined in multiple translation
+ * units with different implementations, when using the inline keyword.
+ */
+
+from Element accessOrDecl, Variable v, Function f, string message
+where
+  not isExcluded(f, ContractsPackage::doNotViolateInLineLinkageConstraintsQuery()) and
+  f.isInline() and
+  hasExternalLinkage(f) and
+  // Pre-emptively exclude compiler generated functions
+  not f.isCompilerGenerated() and
+  // This rule does not apply to C++, but exclude C++ specific cases anyway
+  not f instanceof MemberFunction and
+  not f.isFromUninstantiatedTemplate(_) and
+  (
+    // There exists a modifiable local variable which is static or thread local
+    exists(LocalVariable lsv, string storageModifier |
+      lsv.isStatic() and storageModifier = "Static"
+      or
+      lsv.isThreadLocal() and storageModifier = "Thread-local"
+    |
+      lsv.getFunction() = f and
+      not lsv.isConst() and
+      accessOrDecl = lsv and
+      message = storageModifier + " local variable $@ declared" and
+      v = lsv
+    )
+    or
+    // References an identifier with internal linkage
+    exists(GlobalOrNamespaceVariable gv |
+      accessOrDecl = v.getAnAccess() and
+      accessOrDecl.(VariableAccess).getEnclosingFunction() = f and
+      hasInternalLinkage(v) and
+      message = "Identifier $@ with internal linkage referenced" and
+      v = gv
+    )
+  )
+select accessOrDecl, message + " in the extern inlined function $@.", v, v.getName(), f,
+  f.getQualifiedName()
--- a/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql
+++ b/c/cert/src/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql
@ -14,7 +14,7 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.c.Signal
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 /**
 * Does not access an external variable except
--- a/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql
+++ b/c/cert/src/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.ql
@ -14,7 +14,7 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.c.Signal
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 /**
 * CFG nodes preceeding a `ReturnStmt`
--- a/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql
+++ b/c/cert/src/rules/STR30-C/DoNotAttemptToModifyStringLiterals.ql
@ -14,7 +14,7 @@
 import cpp
 import codingstandards.c.cert
 import semmle.code.cpp.security.BufferWrite
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 /**
 * Class that includes into `BufferWrite` functions that will modify their
--- a/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql
+++ b/c/cert/src/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.ql
@ -15,7 +15,7 @@

 import cpp
 import codingstandards.c.cert
-import codingstandards.cpp.dataflow.TaintTracking
+import semmle.code.cpp.dataflow.TaintTracking
 import codingstandards.cpp.PossiblyUnsafeStringOperation

 /**
--- a/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql
+++ b/c/cert/src/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.ql
@ -15,7 +15,7 @@
 import cpp
 import codingstandards.c.cert
 import codingstandards.cpp.Naming
-import codingstandards.cpp.dataflow.TaintTracking
+import semmle.code.cpp.dataflow.TaintTracking
 import codingstandards.cpp.PossiblyUnsafeStringOperation
 import semmle.code.cpp.valuenumbering.GlobalValueNumbering

--- a/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql
+++ b/c/cert/src/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql
@ -14,18 +14,11 @@

 import cpp
 import codingstandards.c.cert
-import semmle.code.cpp.commons.CommonType
+import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes.CastCharBeforeConvertingToLargerSizes

-from Cast c
-where
-  not isExcluded(c, Strings3Package::castCharBeforeConvertingToLargerSizesQuery()) and
-  // find cases where there is a conversion happening wherein the
-  // base type is a char
-  c.getExpr().getType() instanceof CharType and
-  not c.getExpr().getType() instanceof UnsignedCharType and
-  // it's a bigger type
-  c.getType().getSize() > c.getExpr().getType().getSize() and
-  // and it's some kind of integer type
-  c.getType() instanceof IntegralType
-select c.getExpr(),
-  "Expression not converted to `unsigned char` before converting to a larger integer type."
+class CastCharBeforeConvertingToLargerSizesQuery extends CastCharBeforeConvertingToLargerSizesSharedQuery
+{
+  CastCharBeforeConvertingToLargerSizesQuery() {
+    this = Strings3Package::castCharBeforeConvertingToLargerSizesQuery()
+  }
+}
--- a/c/cert/test/codeql-pack.lock.yml
+++ b/c/cert/test/codeql-pack.lock.yml
@ -2,17 +2,23 @@
 lockVersion: 1.0.0
 dependencies:
  codeql/cpp-all:
-    version: 0.12.9
+    version: 1.4.2
  codeql/dataflow:
-    version: 0.2.3
+    version: 1.1.1
+  codeql/mad:
+    version: 1.0.7
  codeql/rangeanalysis:
-    version: 0.0.11
+    version: 1.0.7
  codeql/ssa:
-    version: 0.2.12
+    version: 1.0.7
  codeql/tutorial:
-    version: 0.2.12
+    version: 1.0.7
+  codeql/typeflow:
+    version: 1.0.7
  codeql/typetracking:
-    version: 0.2.12
+    version: 1.0.7
  codeql/util:
-    version: 0.2.12
+    version: 1.0.7
+  codeql/xml:
+    version: 1.0.7
 compiled: false
--- a/c/cert/test/qlpack.yml
+++ b/c/cert/test/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/cert-c-coding-standards-tests
-version: 2.38.0-dev
+version: 2.41.0-dev
 extractor: cpp
 license: MIT
 dependencies:
--- a/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected
+++ b/c/cert/test/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.expected
@ -1,3 +1,5 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:104,11-19)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (VariableLengthArraySizeNotInValidRange.ql:87,5-18)
 | test.c:14:8:14:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. |
 | test.c:15:8:15:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. |
 | test.c:16:8:16:8 | VLA declaration | Variable-length array dimension size may be in an invalid range. |
--- a/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected
+++ b/c/cert/test/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.expected
@ -1,3 +1,8 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:23,60-68)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:24,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:36,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:44,26-34)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql:65,3-11)
 edges
 | test.c:14:38:14:39 | p1 | test.c:18:10:18:11 | v1 | provenance |  |
 | test.c:14:38:14:39 | p1 | test.c:19:10:19:11 | v2 | provenance |  |
--- a/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected
+++ b/c/cert/test/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.expected
@ -1,3 +1,7 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:72,56-64)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:73,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:75,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAddOrSubtractAScaledIntegerToAPointer.ql:84,45-53)
 edges
 | test.c:7:13:7:14 | p1 | test.c:9:9:9:10 | p1 | provenance |  |
 | test.c:16:19:16:41 | ... - ... | test.c:18:26:18:31 | offset | provenance |  |
--- a/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected
+++ b/c/cert/test/rules/CON30-C/CleanUpThreadSpecificStorage.expected
@ -1,3 +1,9 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:21,46-54)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:22,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:31,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:41,35-43)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:49,36-44)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (CleanUpThreadSpecificStorage.ql:51,36-44)
 | test.c:27:3:27:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. |
 | test.c:49:3:49:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. |
 | test.c:71:3:71:12 | call to tss_create | Resources used by thread specific storage may not be cleaned up. |
--- a/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected
+++ b/c/cert/test/rules/CON34-C/AppropriateThreadObjectStorageDurations.expected
@ -1,3 +1,11 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,29-37)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,54-62)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:35,62-70)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,5-13)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:40,30-38)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,5-13)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:41,30-38)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (AppropriateThreadObjectStorageDurations.ql:28,3-16)
 | test.c:23:3:23:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:23:24:23:29 | & ... | Shared object |
 | test.c:74:3:74:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:74:24:74:24 | p | Shared object |
 | test.c:85:3:85:13 | call to thrd_create | $@ not declared with appropriate storage duration | test.c:85:24:85:24 | p | Shared object |
--- a/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected
+++ b/c/cert/test/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.expected
@ -1 +1,6 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:28,38-46)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,5-13)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:31,30-38)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,5-13)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ThreadObjectStorageDurationsNotInitialized.ql:32,30-38)
 | test.c:14:7:14:13 | call to tss_get | Call to a thread specific storage function from within a threaded context on an object that may not be owned by this thread. |
--- a/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected
+++ b/c/cert/test/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.expected
@ -1,2 +1,7 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:22,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:26,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,6-14)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:39,26-34)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (AppropriateStorageDurationsFunctionReturn.ql:45,3-11)
 | test.c:3:10:3:10 | a | $@ with automatic storage may be accessible outside of its lifetime. | test.c:3:10:3:10 | a | a |
 | test.c:15:4:15:8 | param [inner post update] | $@ with automatic storage may be accessible outside of its lifetime. | test.c:15:12:15:13 | a2 | a2 |
--- a/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected
+++ b/c/cert/test/rules/ERR30-C/ErrnoReadBeforeReturn.expected
@ -1,3 +1,4 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ErrnoReadBeforeReturn.ql:40,7-15)
 | test.c:69:7:69:11 | * ... | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell |
 | test.c:69:7:69:11 | call to __errno_location | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell |
 | test.c:70:5:70:10 | call to perror | Do not read `errno` before checking the return value of function $@. | test.c:68:3:68:7 | call to ftell | call to ftell |
--- a/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected
+++ b/c/cert/test/rules/ERR30-C/SetlocaleMightSetErrno.expected
@ -1,2 +1,3 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (SetlocaleMightSetErrno.ql:64,7-15)
 | test.c:98:3:98:11 | call to setlocale | Do not read `errno` before checking the return value of a call to `setlocale`. |
 | test.c:104:7:104:15 | call to setlocale | The value of `errno` may be different than `0` when `setlocale` is called. The following `errno` check might be invalid. |
--- a/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected
+++ b/c/cert/test/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.expected
@ -1,3 +1,7 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,7-15)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:50,27-35)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:51,9-17)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotRelyOnIndeterminateValuesOfErrno.ql:54,9-17)
 | test.c:12:5:12:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:10:21:10:26 | call to signal | call to signal |
 | test.c:30:5:30:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:26:21:26:26 | call to signal | call to signal |
 | test.c:49:5:49:10 | call to perror | `errno` has indeterminate value after this $@. | test.c:45:21:45:26 | call to signal | call to signal |
--- a/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected
+++ b/c/cert/test/rules/ERR33-C/DetectAndHandleStandardLibraryErrors.expected
@ -1,3 +1,4 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DetectAndHandleStandardLibraryErrors.ql:453,5-13)
 | test.c:18:3:18:11 | call to setlocale | Missing error detection for the call to function `setlocale`. |
 | test.c:24:23:24:31 | call to setlocale | Missing error detection for the call to function `setlocale`. |
 | test.c:29:22:29:27 | call to calloc | Missing error detection for the call to function `calloc`. |
--- a/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected
+++ b/c/cert/test/rules/EXP30-C/DependenceOnOrderOfFunctionArgumentsForSideEffects.expected
@ -1 +1,25 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,59-67)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,33-41)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,57-65)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,33-41)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,59-67)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,5-13)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,25-33)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:40,53-61)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,57-65)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,55-63)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,57-65)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,55-63)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:24,5-18)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:27,7-20)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:31,7-20)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:43,5-18)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:52,5-18)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:59,5-18)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (DependenceOnOrderOfFunctionArgumentsForSideEffects.ql:71,5-18)
 | test.c:20:3:20:4 | call to f1 | Depending on the order of evaluation for the arguments $@ and $@ for side effects on shared state is unspecified and can result in unexpected behavior. | test.c:20:6:20:7 | call to f2 | call to f2 | test.c:20:12:20:13 | call to f3 | call to f3 |
--- a/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected
+++ b/c/cert/test/rules/EXP36-C/DoNotCastPointerToMoreStrictlyAlignedPointerType.expected
@ -1,3 +1,13 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:98,86-94)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:120,3-11)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:122,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:127,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:133,3-11)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:139,55-63)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:140,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:142,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:149,26-34)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCastPointerToMoreStrictlyAlignedPointerType.ql:164,44-52)
 edges
 | test.c:75:14:75:16 | & ... | test.c:76:11:76:12 | v1 | provenance |  |
 | test.c:75:14:75:16 | & ... | test.c:77:12:77:13 | v1 | provenance |  |
--- a/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected
+++ b/c/cert/test/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.expected
@ -1,3 +1,7 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:40,54-62)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:41,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:45,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallFunctionPointerWithIncompatibleType.ql:50,43-51)
 edges
 | test.c:48:68:48:70 | fns [f1] | test.c:49:3:49:5 | fns [f1] | provenance |  |
 | test.c:49:3:49:5 | fns [f1] | test.c:49:8:49:9 | f1 | provenance |  |
--- a/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected
+++ b/c/cert/test/rules/EXP39-C/DoNotAccessVariableViaPointerOfIncompatibleType.expected
@ -1,3 +1,10 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:61,38-46)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:64,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:69,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:102,23-31)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,5-13)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:111,45-53)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAccessVariableViaPointerOfIncompatibleType.ql:133,27-35)
 edges
 | test.c:49:8:49:9 | s3 | test.c:50:8:50:9 | s1 | provenance |  |
 | test.c:60:16:60:18 | E1A | test.c:61:16:61:17 | e1 | provenance |  |
@ -9,7 +16,7 @@ edges
 | test.c:97:32:97:37 | call to malloc | test.c:98:40:98:41 | s2 | provenance |  |
 | test.c:98:32:98:38 | call to realloc | test.c:99:3:99:4 | s3 | provenance |  |
 | test.c:98:32:98:38 | call to realloc | test.c:100:10:100:11 | s3 | provenance |  |
-| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | provenance |  |
+| test.c:98:40:98:41 | s2 | test.c:98:32:98:38 | call to realloc | provenance | Config |
 nodes
 | test.c:6:19:6:20 | & ... | semmle.label | & ... |
 | test.c:11:10:11:11 | & ... | semmle.label | & ... |
--- a/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected
+++ b/c/cert/test/rules/EXP40-C/DoNotModifyConstantObjects.expected
@ -1,3 +1,7 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:35,30-38)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:36,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:42,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyConstantObjects.ql:47,19-27)
 edges
 | test.c:5:8:5:9 | & ... | test.c:6:4:6:5 | aa | provenance |  |
 | test.c:26:15:26:15 | a | test.c:27:4:27:4 | a | provenance |  |
--- a/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected
+++ b/c/cert/test/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.expected
@ -1,3 +1,10 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:42,57-65)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:43,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:47,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:53,3-11)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:56,58-66)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:72,64-72)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (RestrictPointerReferencesOverlappingObject.ql:73,64-72)
 | test.c:18:22:18:23 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:18:17:18:18 | i3 | i3 | test.c:18:22:18:23 | i2 | the object pointed to by i2 |
 | test.c:19:8:19:9 | g2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:5:15:5:16 | g1 | g1 | test.c:19:8:19:9 | g2 | the object pointed to by g2 |
 | test.c:20:8:20:9 | i2 | Assignment to restrict-qualified pointer $@ results in pointers aliasing $@. | test.c:16:17:16:18 | i1 | i1 | test.c:20:8:20:9 | i2 | the object pointed to by i2 |
--- a/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected
+++ b/c/cert/test/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.expected
@ -1,3 +1,6 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,11-19)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:42,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ResetStringsOnFgetsOrFgetwsFailure.ql:43,13-21)
 | test.c:20:10:20:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:15:7:15:11 | call to fgets | call to fgets |
 | test.c:57:10:57:12 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:52:7:52:11 | call to fgets | call to fgets |
 | test.c:66:18:66:20 | buf | The buffer is not reset before being referenced following a failed $@. | test.c:61:7:61:11 | call to fgets | call to fgets |
--- a/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected
+++ b/c/cert/test/rules/FIO44-C/OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.expected
@ -1,2 +1,7 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:25,32-40)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:26,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:28,14-22)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:31,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (OnlyUseValuesForFsetposThatAreReturnedFromFgetpos.ql:37,21-29)
 | test.c:7:24:7:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. |
 | test.c:33:24:33:30 | & ... | The position argument of a call to `fsetpos()` should be obtained from a call to `fgetpos()`. |
--- a/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected
+++ b/c/cert/test/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.expected
@ -1,2 +1,3 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (ToctouRaceConditionsWhileAccessingFiles.ql:27,35-43)
 | test.c:4:13:4:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:11:9:11:13 | call to fopen | another call |
 | test.c:88:13:88:17 | call to fopen | This call is trying to prevent an existing file from being overwritten by $@. An attacker might be able to exploit the race window between the two calls. | test.c:95:9:95:13 | call to fopen | another call |
--- a/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected
+++ b/c/cert/test/rules/MEM35-C/InsufficientMemoryAllocatedForObject.expected
@ -1,3 +1,5 @@
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:85,5-18)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (InsufficientMemoryAllocatedForObject.ql:143,5-18)
 | test.c:12:19:12:24 | call to malloc | Allocation size (32 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:12:26:12:32 | 32 |  |
 | test.c:15:19:15:24 | call to malloc | Allocation size calculated from the size of a different type ($@). | test.c:15:26:15:35 | sizeof(<expr>) | sizeof(S1 *) |
 | test.c:20:19:20:24 | call to malloc | Allocation size (128 bytes) is not a multiple of the size of 'S1' (36 bytes). | test.c:20:26:20:36 | ... * ... |  |
--- a/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected
+++ b/c/cert/test/rules/MEM36-C/DoNotModifyAlignmentOfMemoryWithRealloc.expected
@ -1,3 +1,8 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:26,36-44)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:40,47-55)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:41,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:45,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotModifyAlignmentOfMemoryWithRealloc.ql:50,36-44)
 edges
 | test.c:5:10:5:22 | call to aligned_alloc | test.c:15:8:15:28 | call to aligned_alloc_wrapper | provenance |  |
 | test.c:8:29:8:31 | ptr | test.c:8:64:8:66 | ptr | provenance |  |
--- a/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected
+++ b/c/cert/test/rules/MSC33-C/DoNotPassInvalidDataToTheAsctimeFunction.expected
@ -1 +1,5 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:33,38-46)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:34,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:41,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotPassInvalidDataToTheAsctimeFunction.ql:44,27-35)
 | test.c:6:24:6:30 | time_tm | The function `asctime` and `asctime_r` should be discouraged. Unsanitized input can overflow the output buffer. |
--- a/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected
+++ b/c/cert/test/rules/MSC39-C/DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.expected
@ -1,3 +1,10 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:38,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:39,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:44,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:47,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:68,10-18)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:69,29-37)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotCallVaArgOnAVaListThatHasAnIndeterminateValue.ql:70,29-37)
 | test.c:23:32:23:33 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero |
 | test.c:26:10:26:11 | ap | The value of ap is indeterminate after the $@. | test.c:17:7:17:19 | call to contains_zero | call to contains_zero |
 | test.c:39:12:39:13 | ap | The value of ap is indeterminate after the $@. | test.c:35:7:35:19 | call to contains_zero | call to contains_zero |
--- a/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.expected
+++ b/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.expected
@ -0,0 +1,6 @@
+| test.c:6:14:6:14 | i | Static local variable $@ declared in the extern inlined function $@. | test.c:6:14:6:14 | i | i | test.c:5:20:5:24 | test1 | test1 |
+| test.c:7:3:7:4 | g1 | Identifier $@ with internal linkage referenced in the extern inlined function $@. | test.c:1:12:1:13 | g1 | g1 | test.c:5:20:5:24 | test1 | test1 |
+| test.c:9:3:9:4 | g3 | Identifier $@ with internal linkage referenced in the extern inlined function $@. | test.c:3:11:3:12 | g3 | g3 | test.c:5:20:5:24 | test1 | test1 |
+| test.c:27:14:27:14 | i | Static local variable $@ declared in the extern inlined function $@. | test.c:27:14:27:14 | i | i | test.c:26:13:26:17 | test4 | test4 |
+| test.c:28:3:28:4 | g1 | Identifier $@ with internal linkage referenced in the extern inlined function $@. | test.c:1:12:1:13 | g1 | g1 | test.c:26:13:26:17 | test4 | test4 |
+| test.c:30:3:30:4 | g3 | Identifier $@ with internal linkage referenced in the extern inlined function $@. | test.c:3:11:3:12 | g3 | g3 | test.c:26:13:26:17 | test4 | test4 |
--- a/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.qlref
+++ b/c/cert/test/rules/MSC40-C/DoNotViolateInLineLinkageConstraints.qlref
@ -0,0 +1 @@
+rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql
--- a/c/cert/test/rules/MSC40-C/test.c
+++ b/c/cert/test/rules/MSC40-C/test.c
@ -0,0 +1,31 @@
+static int g1 = 0;
+extern int g2 = 1;
+const int g3 = 1; // defaults to internal linkage
+
+extern inline void test1() {
+  static int i = 0; // NON_COMPLIANT
+  g1++;             // NON_COMPLIANT
+  g2++;             // COMPLIANT
+  g3;               // NON_COMPLIANT
+}
+
+extern void test2() {
+  static int i = 0; // COMPLIANT
+  g1++;             // COMPLIANT
+  g2++;             // COMPLIANT
+  g3;               // COMPLIANT
+}
+
+void test3() {
+  static int i = 0; // COMPLIANT
+  g1++;             // COMPLIANT
+  g2++;             // COMPLIANT
+  g3;               // COMPLIANT
+}
+
+inline void test4() {
+  static int i = 0; // NON_COMPLIANT
+  g1++;             // NON_COMPLIANT
+  g2++;             // COMPLIANT
+  g3;               // NON_COMPLIANT
+}
--- a/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected
+++ b/c/cert/test/rules/SIG30-C/CallOnlyAsyncSafeFunctionsWithinSignalHandlers.expected
@ -1,3 +1,6 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,11-19)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:105,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (CallOnlyAsyncSafeFunctionsWithinSignalHandlers.ql:106,9-17)
 | test.c:10:3:10:18 | call to log_local_unsafe | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler |
 | test.c:11:3:11:6 | call to free | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:16:7:16:12 | call to signal | signal handler |
 | test.c:46:3:46:9 | call to longjmp | Asyncronous-unsafe function calls within a $@ can lead to undefined behavior. | test.c:50:7:50:12 | call to signal | signal handler |
--- a/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected
+++ b/c/cert/test/rules/SIG35-C/DoNotReturnFromAComputationalExceptionHandler.expected
@ -1 +1,2 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotReturnFromAComputationalExceptionHandler.ql:39,5-13)
 | test.c:10:1:10:1 | return ... | Do not return from a $@ signal handler. | test.c:13:10:13:15 | SIGFPE | computational exception |
--- a/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected
+++ b/c/cert/test/rules/STR30-C/DoNotAttemptToModifyStringLiterals.expected
@ -1,3 +1,18 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:42,65-73)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:43,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:64,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:77,3-11)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,11-19)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:101,55-63)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,11-19)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:106,57-65)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,11-19)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:139,55-63)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:150,53-61)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (DoNotAttemptToModifyStringLiterals.ql:151,5-13)
 | test.c:7:3:7:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:6:13:6:20 | codeql | created here |
 | test.c:30:3:30:3 | a | This operation may write to a string that may be a string literal that was $@. | test.c:29:13:29:18 | call to strchr | created here |
 | test.c:36:3:36:3 | b | This operation may write to a string that may be a string literal that was $@. | test.c:35:13:35:18 | call to strchr | created here |
--- a/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected
+++ b/c/cert/test/rules/STR31-C/StringsHasSufficientSpaceForTheNullTerminator.expected
@ -1,3 +1,9 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,55-63)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,54-62)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:57,5-18)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (StringsHasSufficientSpaceForTheNullTerminator.ql:63,5-18)
 | test.c:10:20:10:24 | Cod | Expression produces or consumes a string that may not have sufficient space for a null-terminator. |
 | test.c:16:3:16:9 | call to strncpy | Expression produces or consumes a string that may not have sufficient space for a null-terminator. |
 | test.c:26:3:26:10 | call to snprintf | Expression produces or consumes a string that may not have sufficient space for a null-terminator. |
--- a/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected
+++ b/c/cert/test/rules/STR32-C/NonNullTerminatedToFunctionThatExpectsAString.expected
@ -1,3 +1,13 @@
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:64,31-39)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:66,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:74,39-47)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:75,20-28)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:81,22-30)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:83,34-42)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:83,57-65)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:123,3-11)
+WARNING: module 'DataFlow' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:123,26-34)
+WARNING: module 'TaintTracking' has been deprecated and may be removed in future (NonNullTerminatedToFunctionThatExpectsAString.ql:120,17-30)
 | test.c:20:3:20:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:8:20:8:24 | Cod | this expression |
 | test.c:21:3:21:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:8:20:8:24 | Cod | this expression |
 | test.c:23:3:23:8 | call to printf | String modified by $@ is passed to function expecting a null-terminated string. | test.c:14:3:14:9 | call to strncpy | this expression |
--- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected
+++ b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.expected
@ -1,21 +0,0 @@
-| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:28:11:28:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:29:11:29:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:31:11:31:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:32:11:32:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:33:11:33:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:34:11:34:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:35:11:35:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:36:3:36:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:36:11:36:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:37:11:37:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:38:11:38:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:39:11:39:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:40:12:40:13 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
--- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.qlref
+++ b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.qlref
@ -1 +0,0 @@
-rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql
--- a/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref
+++ b/c/cert/test/rules/STR34-C/CastCharBeforeConvertingToLargerSizes.testref
@ -0,0 +1 @@
+c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql
--- a/c/common/src/codeql-pack.lock.yml
+++ b/c/common/src/codeql-pack.lock.yml
@ -2,17 +2,23 @@
 lockVersion: 1.0.0
 dependencies:
  codeql/cpp-all:
-    version: 0.12.9
+    version: 1.4.2
  codeql/dataflow:
-    version: 0.2.3
+    version: 1.1.1
+  codeql/mad:
+    version: 1.0.7
  codeql/rangeanalysis:
-    version: 0.0.11
+    version: 1.0.7
  codeql/ssa:
-    version: 0.2.12
+    version: 1.0.7
  codeql/tutorial:
-    version: 0.2.12
+    version: 1.0.7
+  codeql/typeflow:
+    version: 1.0.7
  codeql/typetracking:
-    version: 0.2.12
+    version: 1.0.7
  codeql/util:
-    version: 0.2.12
+    version: 1.0.7
+  codeql/xml:
+    version: 1.0.7
 compiled: false
--- a/c/common/src/codingstandards/c/Errno.qll
+++ b/c/common/src/codingstandards/c/Errno.qll
@ -1,7 +1,7 @@
 /** Provides a library for errno-setting functions. */

 import cpp
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 /**
 * An errno-setting function
--- a/c/common/src/codingstandards/c/OutOfBounds.qll
+++ b/c/common/src/codingstandards/c/OutOfBounds.qll
@ -11,7 +11,7 @@ import codingstandards.cpp.Allocations
 import codingstandards.cpp.Overflow
 import codingstandards.cpp.PossiblyUnsafeStringOperation
 import codingstandards.cpp.SimpleRangeAnalysisCustomizations
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow
 import semmle.code.cpp.valuenumbering.GlobalValueNumbering

 module OOB {
--- a/c/common/src/codingstandards/c/Signal.qll
+++ b/c/common/src/codingstandards/c/Signal.qll
@ -1,5 +1,5 @@
 import cpp
-import codingstandards.cpp.dataflow.DataFlow
+import semmle.code.cpp.dataflow.DataFlow

 /**
 * A signal corresponding to a computational exception
--- a/c/common/src/qlpack.yml
+++ b/c/common/src/qlpack.yml
@ -1,6 +1,6 @@
 name: codeql/common-c-coding-standards
-version: 2.38.0-dev
+version: 2.41.0-dev
 license: MIT
 dependencies:
  codeql/common-cpp-coding-standards: '*'
-  codeql/cpp-all: 0.12.9
+  codeql/cpp-all: 1.4.2
--- a/c/common/test/codeql-pack.lock.yml
+++ b/c/common/test/codeql-pack.lock.yml
@ -2,17 +2,23 @@
 lockVersion: 1.0.0
 dependencies:
  codeql/cpp-all:
-    version: 0.12.9
+    version: 1.4.2
  codeql/dataflow:
-    version: 0.2.3
+    version: 1.1.1
+  codeql/mad:
+    version: 1.0.7
  codeql/rangeanalysis:
-    version: 0.0.11
+    version: 1.0.7
  codeql/ssa:
-    version: 0.2.12
+    version: 1.0.7
  codeql/tutorial:
-    version: 0.2.12
+    version: 1.0.7
+  codeql/typeflow:
+    version: 1.0.7
  codeql/typetracking:
-    version: 0.2.12
+    version: 1.0.7
  codeql/util:
-    version: 0.2.12
+    version: 1.0.7
+  codeql/xml:
+    version: 1.0.7
 compiled: false
--- a/c/common/test/qlpack.yml
+++ b/c/common/test/qlpack.yml
@ -1,5 +1,5 @@
 name: codeql/common-c-coding-standards-tests
-version: 2.38.0-dev
+version: 2.41.0-dev
 extractor: cpp
 license: MIT
 dependencies:
--- a/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected
+++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected
@ -0,0 +1,21 @@
+| test.c:9:7:9:14 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:30:11:30:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:31:3:31:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:31:11:31:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:33:11:33:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:34:11:34:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:35:3:35:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:35:11:35:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:36:3:36:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:36:11:36:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:37:3:37:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:37:11:37:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:38:3:38:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:38:11:38:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:39:11:39:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:40:11:40:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:3:41:13 | (unsigned int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:11:41:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:42:12:42:13 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:44:11:44:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:45:11:45:12 | (int)... | Expression not converted to `unsigned char` before converting to a larger integer type. |
--- a/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.clang
+++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.clang
@ -1,8 +1,6 @@
-| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:9:7:9:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:30:3:30:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
@ -10,6 +8,8 @@
 | test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:40:3:40:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:3:41:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:42:3:42:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:44:11:44:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:45:11:45:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
--- a/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.gcc
+++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.gcc
@ -1,8 +1,6 @@
-| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:9:7:9:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:30:3:30:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
@ -10,6 +8,8 @@
 | test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:42:11:42:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:40:3:40:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:3:41:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:42:3:42:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:43:11:43:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:44:11:44:12 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
--- a/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.qcc
+++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.expected.qcc
@ -1,8 +1,6 @@
-| test.c:7:7:7:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:28:3:28:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:29:3:29:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:9:7:9:14 | * ... | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:30:3:30:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:31:3:31:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:32:3:32:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:33:3:33:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:34:3:34:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:35:3:35:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
@ -10,6 +8,8 @@
 | test.c:37:3:37:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:38:3:38:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
 | test.c:39:3:39:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:40:3:40:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:42:3:42:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
-| test.c:43:3:43:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:40:3:40:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:41:3:41:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:42:3:42:14 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:44:3:44:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
+| test.c:45:3:45:13 | (...) | Expression not converted to `unsigned char` before converting to a larger integer type. |
--- a/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql
+++ b/c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql
@ -0,0 +1,4 @@
+// GENERATED FILE - DO NOT MODIFY
+import codingstandards.cpp.rules.castcharbeforeconvertingtolargersizes.CastCharBeforeConvertingToLargerSizes
+
+class TestFileQuery extends CastCharBeforeConvertingToLargerSizesSharedQuery, TestQuery { }
--- a/Показать больше
+++ b/Показать больше
				`@ -0,0 +1 @@`
				`rules/MSC40-C/DoNotViolateInLineLinkageConstraints.ql`
				`@ -1 +0,0 @@`
				`rules/STR34-C/CastCharBeforeConvertingToLargerSizes.ql`
				`@ -0,0 +1 @@`
				`c/common/test/rules/castcharbeforeconvertingtolargersizes/CastCharBeforeConvertingToLargerSizes.ql`