You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
||[2023 Third Edition, Second Revision](https://misra.org.uk/product/misra-c2023/)| 221 | 210 | 207[^5]| Implemented |
74
-
| MISRA C++ |[2023](https://misra.org.uk/product/misra-cpp2023/)| 179 |175[^6]|- | Implemented |
74
+
| MISRA C++ |[2023](https://misra.org.uk/product/misra-cpp2023/)| 179 |176[^6]|175[^7]| Implemented |
75
75
76
76
Not all rules in these standards are amenable to static analysis by CodeQL - some rules require external or domain specific knowledge to validate, or refer to properties which are not present in our representation of the codebase under analysis. In addition, some rules are natively enforced by the supported compilers. As CodeQL requires that the program under analysis compiles, we are unable to implement queries for these rules, and doing so would be redundant.
77
77
@@ -90,7 +90,8 @@ The datasheet _"CodeQL Coding Standards: supported rules"_, provided with each r
90
90
[^3]: The unimplemented supportable MISRA C 2012 rules are `Rule 9.5`, `Rule 17.13`. `Rule 9.5` and `Rule 17.13` require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. Note: `Dir 4.14` is covered by the default CodeQL queries, which identify potential security vulnerabilities caused by not validating external input.
91
91
[^4]: The unimplemented supportable MISRA C 2012 Amendment 4 rule is `Rule 9.6`. `Rule 9.6` requires additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of this rule.
92
92
[^5]: The unimplemented supportable MISRA C 2023 rules are `Rule 9.5`, `Rule 9.6`, `Rule 17.13`. `Rule 9.5`, `Rule 9.6` and `Rule 17.13` require additional support in the CodeQL CLI to ensure the required information is available in the CodeQL database to identify violations of these rules. Note: `Dir 4.14` is covered by the default CodeQL queries, which identify potential security vulnerabilities caused by not validating external input.
93
-
[^6]: The rules `5.13.7`, `19.0.1` and `19.1.2` are not planned to be implemented by CodeQL as they are compiler checked in all supported compilers. Our implementation does not support `Dir 0.3.2`, and for customers who wish to validate function preconditions we recommend they consider using [this open source CodeQL project](https://github.com/advanced-security/codeql-contracts-smt-z3) that can find and validate preconditions with SMT constraint solving.
93
+
[^6]: The rules `5.13.7`, `19.0.1` and `19.1.2` are not planned to be implemented by CodeQL as they are compiler checked in all supported compilers.
94
+
[^7]: The rule `Dir 0.3.2` is not supported by our implementation. For customers who wish to validate function preconditions we recommend they consider using [this open source CodeQL project](https://github.com/advanced-security/codeql-contracts-smt-z3) that can find and validate preconditions with SMT constraint solving.
94
95
95
96
## Supported environment
96
97
@@ -115,7 +116,7 @@ In addition, the machine which performs the analysis must be able to complete a
115
116
116
117
#### C++
117
118
118
-
For C++ the codebase under analysis must comply with C++14 and use one of the following supported compiler configurations:
119
+
For C++ the codebase under analysis must comply with C++14 or C++17 and use one of the following supported compiler configurations:
119
120
120
121
| Compiler | Version | Standard library | Target architecture | Language standard flag | Other required flags |
@@ -127,7 +128,7 @@ Use of the queries outside these scenarios is possible, but not validated for fu
127
128
128
129
- Use of the queries against codebases written with more recent versions of C++ (as supported by CodeQL) are not validated in the following circumstances:
129
130
- When new language features are used
130
-
- When language features are used which have a differing interpretation from C++14.
131
+
- When language features are used which have a differing interpretation from C++14 or C++17.
131
132
- Use of the queries against codebases which use other compilers or other compiler versions supported by CodeQL is not tested or validated for functional safety.
132
133
133
134
#### C
@@ -467,7 +468,7 @@ Note - considation should be taken to ensure the use of custom attributes for de
467
468
* Confirm that unknown attributes are ignored by the compiler.
468
469
* For MISRA C, add a project deviation against "Rule 1.2: Language extensions should not be used", if attribute support is a language extension in your language version.
469
470
470
-
**Use of attributes in C++ Coding Standards**: The C++ Standard supports attributes in C++14, however the handling of unknown attributes is implementation defined. From C++17 onwards, unknown attributes are mandated to be ignored. Unknown attributes will usually raise an "unknown attribute" warning. You should:
471
+
**Use of attributes in C++ Coding Standards**: The C++ Standard supports attributes in C++14 and C++17, however the handling of unknown attributes is implementation defined. From C++17 onwards, unknown attributes are mandated to be ignored. Unknown attributes will usually raise an "unknown attribute" warning. You should:
471
472
* If using C++14, confirm that your compiler ignores unknown attributes.
472
473
* If using AUTOSAR and a compiler which produces warnings on unknown attributes, the compiler warning should be disabled (as per `A1-1-2: A warning level of the compilation process shall be set in compliance with project policies`), to ensure compliance with `A1-4-3: All code should compiler free of compiler warnings`.
0 commit comments