diff --git a/cpp/ql/lib/change-notes/2024-11-18-throwing-functions.md b/cpp/ql/lib/change-notes/2024-11-18-throwing-functions.md new file mode 100644 index 000000000000..73b358a0e1fc --- /dev/null +++ b/cpp/ql/lib/change-notes/2024-11-18-throwing-functions.md @@ -0,0 +1,4 @@ +--- +category: deprecated +--- +* The `NonThrowing` class (`semmle.code.cpp.models.interfaces.NonThrowing`) has been deprecated. Please use the `NonCppThrowingFunction` class instead. \ No newline at end of file diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll index daa6bdaafcf6..2ddc55f91f5a 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll @@ -364,10 +364,14 @@ class TranslatedFunctionCall extends TranslatedCallExpr, TranslatedDirectCall { final override predicate mayThrowException() { expr.getTarget().(ThrowingFunction).mayThrowException(_) + or + expr.getTarget() instanceof AlwaysSehThrowingFunction } final override predicate mustThrowException() { expr.getTarget().(ThrowingFunction).mayThrowException(true) + or + expr.getTarget() instanceof AlwaysSehThrowingFunction } } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Memcpy.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Memcpy.qll index 0bf2dd31fe40..311847e8aec0 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Memcpy.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Memcpy.qll @@ -16,7 +16,7 @@ import semmle.code.cpp.models.interfaces.NonThrowing * `__builtin___memcpy_chk`. */ private class MemcpyFunction extends ArrayFunction, DataFlowFunction, SideEffectFunction, - AliasFunction, NonThrowingFunction + AliasFunction, NonCppThrowingFunction { MemcpyFunction() { // memcpy(dest, src, num) 
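Review bot: In `TranslatedFunctionCall`, the disjunct `expr.getTarget() instanceof AlwaysSehThrowingFunction` is now repeated in both `mayThrowException` and `mustThrowException`, with no comment explaining why these targets are matched outside `ThrowingFunction`. A short comment above each, such as `// SEH-raising targets are modelled outside ThrowingFunction and throw unconditionally`, would help keep the two predicates in step when one is edited later. Neither predicate records whether the exception is a C++ or an SEH one, so a consumer that needs that distinction would have to get it elsewhere; this may be intended. The class body starts before this hunk, so its other overrides were not reviewed.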
diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll index ab2e0af99f38..51234e50f94f 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll @@ -11,7 +11,7 @@ import semmle.code.cpp.models.interfaces.SideEffect import semmle.code.cpp.models.interfaces.NonThrowing private class MemsetFunctionModel extends ArrayFunction, DataFlowFunction, AliasFunction, - SideEffectFunction, NonThrowingFunction + SideEffectFunction, NonCppThrowingFunction { MemsetFunctionModel() { this.hasGlobalOrStdOrBslName("memset") diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/NoexceptFunction.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/NoexceptFunction.qll index b0f76ee6538a..22f860bc593f 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/NoexceptFunction.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/NoexceptFunction.qll @@ -6,6 +6,6 @@ import semmle.code.cpp.models.interfaces.NonThrowing * * Note: The `throw` specifier was deprecated in C++11 and removed in C++17. */ -class NoexceptFunction extends NonThrowingFunction { +class NoexceptFunction extends NonCppThrowingFunction { NoexceptFunction() { this.isNoExcept() or this.isNoThrow() } } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Printf.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Printf.qll index 9c3bfb4f35ec..d4b054ea0b54 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Printf.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Printf.qll 
@@ -13,7 +13,7 @@ import semmle.code.cpp.models.interfaces.NonThrowing /** * The standard functions `printf`, `wprintf` and their glib variants. */ -private class Printf extends FormattingFunction, AliasFunction, NonThrowingFunction { +private class Printf extends FormattingFunction, AliasFunction, NonCppThrowingFunction { Printf() { this instanceof TopLevelFunction and ( @@ -37,7 +37,7 @@ private class Printf extends FormattingFunction, AliasFunction, NonThrowingFunct /** * The standard functions `fprintf`, `fwprintf` and their glib variants. */ -private class Fprintf extends FormattingFunction, NonThrowingFunction { +private class Fprintf extends FormattingFunction, NonCppThrowingFunction { Fprintf() { this instanceof TopLevelFunction and ( @@ -55,7 +55,7 @@ private class Fprintf extends FormattingFunction, NonThrowingFunction { /** * The standard function `sprintf` and its Microsoft and glib variants. */ -private class Sprintf extends FormattingFunction, NonThrowingFunction { +private class Sprintf extends FormattingFunction, NonCppThrowingFunction { Sprintf() { this instanceof TopLevelFunction and ( @@ -98,7 +98,9 @@ private class Sprintf extends FormattingFunction, NonThrowingFunction { /** * Implements `Snprintf`. */ -private class SnprintfImpl extends Snprintf, AliasFunction, SideEffectFunction, NonThrowingFunction { +private class SnprintfImpl extends Snprintf, AliasFunction, SideEffectFunction, + NonCppThrowingFunction +{ SnprintfImpl() { this instanceof TopLevelFunction and ( @@ -205,7 +207,7 @@ private class StringCchPrintf extends FormattingFunction { /** * The standard function `syslog`. */ -private class Syslog extends FormattingFunction, NonThrowingFunction { +private class Syslog extends FormattingFunction, NonCppThrowingFunction { Syslog() { this instanceof TopLevelFunction and this.hasGlobalName("syslog") and 
diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strcat.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strcat.qll index 9b11ed0af153..966c7425dc45 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strcat.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strcat.qll @@ -15,7 +15,7 @@ import semmle.code.cpp.models.interfaces.NonThrowing * Does not include `strlcat`, which is covered by `StrlcatFunction` */ class StrcatFunction extends TaintFunction, DataFlowFunction, ArrayFunction, SideEffectFunction, - NonThrowingFunction + NonCppThrowingFunction { StrcatFunction() { this.hasGlobalOrStdOrBslName([ diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strcpy.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strcpy.qll index b7f06f0cebf4..b7ed20f1bab3 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strcpy.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strcpy.qll @@ -13,7 +13,7 @@ import semmle.code.cpp.models.interfaces.NonThrowing * The standard function `strcpy` and its wide, sized, and Microsoft variants. */ class StrcpyFunction extends ArrayFunction, DataFlowFunction, TaintFunction, SideEffectFunction, - NonThrowingFunction + NonCppThrowingFunction { StrcpyFunction() { this.hasGlobalOrStdOrBslName([ diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll index af8f3088f255..e561bfadee6b 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/StructuredExceptionHandling.qll 
@@ -1,9 +1,7 @@ import semmle.code.cpp.models.interfaces.Throwing -class WindowsDriverFunction extends ThrowingFunction { - WindowsDriverFunction() { +class WindowsDriverExceptionAnnotation extends AlwaysSehThrowingFunction { + WindowsDriverExceptionAnnotation() { this.hasGlobalName(["RaiseException", "ExRaiseAccessViolation", "ExRaiseDatatypeMisalignment"]) } - - final override predicate mayThrowException(boolean unconditional) { unconditional = true } } diff --git a/cpp/ql/lib/semmle/code/cpp/models/interfaces/NonThrowing.qll b/cpp/ql/lib/semmle/code/cpp/models/interfaces/NonThrowing.qll index 64901d39ad30..5ddf754f7456 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/interfaces/NonThrowing.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/interfaces/NonThrowing.qll @@ -5,7 +5,15 @@ import semmle.code.cpp.Function import semmle.code.cpp.models.Models +/** + * A function that is guaranteed to never throw a C++ exception + * (distinct from a structured exception handling, SEH, exception). + */ +abstract class NonCppThrowingFunction extends Function { } + /** * A function that is guaranteed to never throw. + * + * DEPRECATED: use `NonCppThrowingFunction` instead. */ -abstract class NonThrowingFunction extends Function { } +deprecated class NonThrowingFunction = NonCppThrowingFunction; diff --git a/cpp/ql/lib/semmle/code/cpp/models/interfaces/Throwing.qll b/cpp/ql/lib/semmle/code/cpp/models/interfaces/Throwing.qll index 79b7523f1d9f..044b30f7b702 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/interfaces/Throwing.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/interfaces/Throwing.qll 
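Review bot: The public class `WindowsDriverFunction` in StructuredExceptionHandling.qll is renamed to `WindowsDriverExceptionAnnotation` without a deprecated alias, so any external query that references the old name stops compiling. The same diff keeps `NonThrowingFunction` alive with `deprecated class NonThrowingFunction = NonCppThrowingFunction;`. The equivalent here would be `deprecated class WindowsDriverFunction = WindowsDriverExceptionAnnotation;`, with the caveat that the alias would no longer be a `ThrowingFunction`. The class also stops extending `ThrowingFunction`, so code that relied on `mayThrowException(true)` holding for `RaiseException`, `ExRaiseAccessViolation` or `ExRaiseDatatypeMisalignment` no longer sees them. The change note added in this commit mentions neither change.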
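Review bot: The QLDoc kept on the deprecated alias in NonThrowing.qll still reads `A function that is guaranteed to never throw.`, which no longer matches the narrower contract of the `NonCppThrowingFunction` it now aliases. Suggest `A function that is guaranteed to never throw a C++ exception.` so the old name is not read as also excluding SEH exceptions. Separately, the change note in this commit names the `NonThrowing` class, while the class deprecated here is `NonThrowingFunction` and `NonThrowing` is the module.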
@@ -11,12 +11,21 @@ import semmle.code.cpp.models.Models import semmle.code.cpp.models.interfaces.FunctionInputsAndOutputs /** - * A class that models the exceptional behavior of a function. + * A function that is known to raise an exception. */ abstract class ThrowingFunction extends Function { + ThrowingFunction() { any() } + /** * Holds if this function may throw an exception during evaluation. * If `unconditional` is `true` the function always throws an exception. */ abstract predicate mayThrowException(boolean unconditional); } + +/** + * A function that is known to raise an exception unconditionally. + * The only cases known where this happens is for SEH + * (structured exception handling) exceptions. + */ +abstract class AlwaysSehThrowingFunction extends Function { } diff --git a/cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql b/cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql index 92daf31b0570..d4d908f8474b 100644 --- a/cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql +++ b/cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql @@ -45,7 +45,7 @@ predicate deleteMayThrow(DeleteOrDeleteArrayExpr deleteExpr) { * like it might throw an exception, and the function does not have a `noexcept` or `throw()` specifier. */ predicate functionMayThrow(Function f) { - not f instanceof NonThrowingFunction and + not f instanceof NonCppThrowingFunction and (not exists(f.getBlock()) or stmtMayThrow(f.getBlock())) }
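Review bot: `AlwaysSehThrowingFunction` in Throwing.qll extends `Function` rather than `ThrowingFunction`, so the library now has two unrelated ways to say that a function always throws. One is this class; the other is `ThrowingFunction.mayThrowException(true)`, whose QLDoc still says that `unconditional` being `true` means the function always throws. In this diff only `TranslatedFunctionCall` consults the new class, so any other consumer of `ThrowingFunction` would need the same extra disjunct, and the QLDoc should say which of the two forms model authors are expected to use. The added characteristic predicate `ThrowingFunction() { any() }` has no comment explaining why it is there. Minor wording: `The only cases known where this happens is` should read `are`.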