Merge pull request #1081 from github/michaelrfairhurst/undefined-behavior-modifying-string-literal

Reuse A2-13-4 as an audit query for undefined behavior.

Author: MichaelRFairhurst

change_notes/2026-03-13-make-string-literal-query-shared.md

@@ -0,0 +1,2 @@
+ - `A2-13-4` - `StringLiteralsAssignedToNonConstantPointers.ql`:
+   - Refactored query logic into a shared module (`StringLiteralsAssignedToNonConstantPointersShared`) to enable reuse by MISRA C++ `RULE-4-1-3`. The query logic is unchanged. No visible changes to results or performance are expected.

cpp/autosar/src/rules/A2-13-4/StringLiteralsAssignedToNonConstantPointers.ql

@@ -17,11 +17,12 @@
 
 import cpp
 import codingstandards.cpp.autosar
+import codingstandards.cpp.rules.stringliteralsassignedtononconstantpointersshared.StringLiteralsAssignedToNonConstantPointersShared
 
-from ArrayToPointerConversion apc
-where
-  not isExcluded(apc, StringsPackage::stringLiteralsAssignedToNonConstantPointersQuery()) and
-  apc.getExpr() instanceof StringLiteral and
-  apc.getExpr().getUnderlyingType().(ArrayType).getBaseType().isConst() and
-  not apc.getFullyConverted().getType().getUnderlyingType().(PointerType).getBaseType().isConst()
-select apc, "String literal assigned to non-const pointer."
+module StringLiteralsAssignedToNonConstantPointersConfig implements
+  StringLiteralsAssignedToNonConstantPointersSharedConfigSig
+{
+  Query getQuery() { result = StringsPackage::stringLiteralsAssignedToNonConstantPointersQuery() }
+}
+
+import StringLiteralsAssignedToNonConstantPointersShared<StringLiteralsAssignedToNonConstantPointersConfig>

cpp/autosar/test/rules/A2-13-4/StringLiteralsAssignedToNonConstantPointers.qlref

@@ -0,0 +1 @@
+cpp/common/test/rules/stringliteralsassignedtononconstantpointersshared/StringLiteralsAssignedToNonConstantPointersShared.ql

cpp/autosar/test/rules/A2-13-4/StringLiteralsAssignedToNonConstantPointers.testref

@@ -8,7 +8,8 @@ newtype UndefinedQuery =
   TCriticalUnspecifiedBehaviorQuery() or
   TUndefinedBehaviorAuditQuery() or
   TCriticalUnspecifiedBehaviorAuditQuery() or
-  TPossibleDataRaceBetweenThreadsQuery()
+  TPossibleDataRaceBetweenThreadsQuery() or
+  TStringLiteralPossiblyModifiedAuditQuery()
 
 predicate isUndefinedQueryMetadata(Query query, string queryId, string ruleId, string category) {
   query =
@@ -55,6 +56,15 @@ predicate isUndefinedQueryMetadata(Query query, string queryId, string ruleId, s
     "cpp/misra/possible-data-race-between-threads" and
   ruleId = "RULE-4-1-3" and
   category = "required"
+  or
+  query =
+    // `Query` instance for the `stringLiteralPossiblyModifiedAudit` query
+    UndefinedPackage::stringLiteralPossiblyModifiedAuditQuery() and
+  queryId =
+    // `@id` for the `stringLiteralPossiblyModifiedAudit` query
+    "cpp/misra/string-literal-possibly-modified-audit" and
+  ruleId = "RULE-4-1-3" and
+  category = "required"
 }
 
 module UndefinedPackage {
@@ -92,4 +102,11 @@ module UndefinedPackage {
       // `Query` type for `possibleDataRaceBetweenThreads` query
       TQueryCPP(TUndefinedPackageQuery(TPossibleDataRaceBetweenThreadsQuery()))
   }
+
+  Query stringLiteralPossiblyModifiedAuditQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `stringLiteralPossiblyModifiedAudit` query
+      TQueryCPP(TUndefinedPackageQuery(TStringLiteralPossiblyModifiedAuditQuery()))
+  }
 }

cpp/common/src/codingstandards/cpp/exclusions/cpp/Undefined.qll

@@ -0,0 +1,27 @@
+/**
+ * Provides a configurable module StringLiteralsAssignedToNonConstantPointersShared with a `problems` predicate
+ * for the following issue:
+ * The type of string literal as of C++0x was changed from 'array of char' to array of
+ * const char and therefore assignment to a non-const pointer is considered an error,
+ * which is reported as a warning by some compilers.
+ */
+
+import cpp
+import codingstandards.cpp.Customizations
+import codingstandards.cpp.Exclusions
+
+signature module StringLiteralsAssignedToNonConstantPointersSharedConfigSig {
+  Query getQuery();
+}
+
+module StringLiteralsAssignedToNonConstantPointersShared<
+  StringLiteralsAssignedToNonConstantPointersSharedConfigSig Config>
+{
+  query predicate problems(ArrayToPointerConversion apc, string message) {
+    not isExcluded(apc, Config::getQuery()) and
+    apc.getExpr() instanceof StringLiteral and
+    apc.getExpr().getUnderlyingType().(ArrayType).getBaseType().isConst() and
+    not apc.getFullyConverted().getType().getUnderlyingType().(PointerType).getBaseType().isConst() and
+    message = "String literal assigned to non-const pointer."
+  }
+}

cpp/common/src/codingstandards/cpp/rules/stringliteralsassignedtononconstantpointersshared/StringLiteralsAssignedToNonConstantPointersShared.qll

@@ -1,4 +1,4 @@
 | test.cpp:2:12:2:19 | array to pointer conversion | String literal assigned to non-const pointer. |
 | test.cpp:10:15:10:22 | array to pointer conversion | String literal assigned to non-const pointer. |
 | test.cpp:20:14:20:22 | array to pointer conversion | String literal assigned to non-const pointer. |
-| test.cpp:21:8:21:16 | array to pointer conversion | String literal assigned to non-const pointer. |
+| test.cpp:21:8:21:16 | array to pointer conversion | String literal assigned to non-const pointer. |

…lsAssignedToNonConstantPointers.expected …gnedToNonConstantPointersShared.expectedcpp/autosar/test/rules/A2-13-4/StringLiteralsAssignedToNonConstantPointers.expected renamed to cpp/common/test/rules/stringliteralsassignedtononconstantpointersshared/StringLiteralsAssignedToNonConstantPointersShared.expected cpp/autosar/test/rules/A2-13-4/StringLiteralsAssignedToNonConstantPointers.expected renamed to cpp/common/test/rules/stringliteralsassignedtononconstantpointersshared/StringLiteralsAssignedToNonConstantPointersShared.expected

@@ -0,0 +1,8 @@
+// GENERATED FILE - DO NOT MODIFY
+import codingstandards.cpp.rules.stringliteralsassignedtononconstantpointersshared.StringLiteralsAssignedToNonConstantPointersShared
+
+module TestFileConfig implements StringLiteralsAssignedToNonConstantPointersSharedConfigSig {
+  Query getQuery() { result instanceof TestQuery }
+}
+
+import StringLiteralsAssignedToNonConstantPointersShared<TestFileConfig>

cpp/common/test/rules/stringliteralsassignedtononconstantpointersshared/StringLiteralsAssignedToNonConstantPointersShared.ql

@@ -0,0 +1,27 @@
+/**
+ * @id cpp/misra/string-literal-possibly-modified-audit
+ * @name RULE-4-1-3: Audit: string literal possibly modified through non-const pointer
+ * @description Assigning a string literal to a non-const pointer may lead to undefined behaviour if
+ *              the string is modified through that pointer.
+ * @kind problem
+ * @precision low
+ * @problem.severity error
+ * @tags external/misra/id/rule-4-1-3
+ *       correctness
+ *       scope/system
+ *       external/misra/audit
+ *       external/misra/enforcement/undecidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+import codingstandards.cpp.rules.stringliteralsassignedtononconstantpointersshared.StringLiteralsAssignedToNonConstantPointersShared
+
+module StringLiteralPossiblyModifiedAuditConfig implements
+  StringLiteralsAssignedToNonConstantPointersSharedConfigSig
+{
+  Query getQuery() { result = UndefinedPackage::stringLiteralPossiblyModifiedAuditQuery() }
+}
+
+import StringLiteralsAssignedToNonConstantPointersShared<StringLiteralPossiblyModifiedAuditConfig>