Add "Baseline" query suites for C/C++.

.codeqlmanifest.json

@@ -1,7 +1,9 @@
 {
   "provide": [
+    "cpp/baseline_suites/qlpack.yml",
     "cpp/*/src/qlpack.yml",
     "cpp/*/test/qlpack.yml",
+    "c/baseline_suites/qlpack.yml",
     "c/*/src/qlpack.yml",
     "c/*/test/qlpack.yml",
     "scripts/generate_modules/queries/qlpack.yml"

c/baseline_suites/codeql-pack.lock.yml

@@ -0,0 +1,24 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/cpp-all:
+    version: 4.0.3
+  codeql/dataflow:
+    version: 2.0.3
+  codeql/mad:
+    version: 1.0.19
+  codeql/rangeanalysis:
+    version: 1.0.19
+  codeql/ssa:
+    version: 1.0.19
+  codeql/tutorial:
+    version: 1.0.19
+  codeql/typeflow:
+    version: 1.0.19
+  codeql/typetracking:
+    version: 2.0.3
+  codeql/util:
+    version: 2.0.6
+  codeql/xml:
+    version: 1.0.19
+compiled: false

c/baseline_suites/codeql-suites/c-baseline-default.qls

@@ -0,0 +1,10 @@
+- description: C Baseline Coding Standards Queries
+- qlpack: codeql/cert-c-coding-standards
+- qlpack: codeql/misra-c-coding-standards
+- include:
+    kind:
+    - problem
+    - path-problem
+    tags contain:
+    - coding-standards/baseline/safety
+    - coding-standards/baseline/style

c/baseline_suites/codeql-suites/c-baseline-safety.qls

@@ -0,0 +1,8 @@
+- description: C Baseline Safety Coding Standards Queries
+- qlpack: codeql/misra-c-coding-standards
+- include:
+    kind:
+    - problem
+    - path-problem
+    tags contain:
+    - coding-standards/baseline/safety

c/baseline_suites/codeql-suites/c-baseline-style.qls

@@ -0,0 +1,8 @@
+- description: C Baseline Style Coding Standards Queries
+- qlpack: codeql/coding-standards-c-baseline
+- include:
+    kind:
+    - problem
+    - path-problem
+    tags contain:
+    - coding-standards/baseline/style

c/baseline_suites/qlpack.yml

@@ -0,0 +1,9 @@
+name: advanced-security/coding-standards-c-baseline
+version: 0.0.2
+description: A set of baseline coding standards for C projects, combining hand picked rules from MISRA C and CERT C.
+suites: codeql-suites
+license: MIT
+default-suite-file: codeql-suites/c-baseline-default.qls
+dependencies:
+  codeql/misra-c-coding-standards: 2.51.0
+  codeql/cert-c-coding-standards: 2.51.0

c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p6
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p8
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON31-C/DoNotDestroyAMutexWhileItIsLocked.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON32-C/PreventDataRacesWithMultipleThreads.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p8
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON36-C/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p2
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p2
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p6
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p8
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p2
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p6
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql

@@ -16,6 +16,7 @@
  *       external/cert/priority/p3
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/style
  */
 
 import cpp

c/cert/src/rules/DCL41-C/VariablesInsideSwitchStatement.ql

@@ -16,6 +16,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/style
  */
 
 import cpp

c/cert/src/rules/ENV30-C/DoNotModifyTheReturnValueOfCertainFunctions.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/ENV31-C/EnvPointerIsInvalidAfterCertainOperations.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/ENV32-C/ExitHandlersMustReturnNormally.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p12
  *       external/cert/level/l1
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvFunctions.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/ENV34-C/DoNotStorePointersReturnedByEnvironmentFunWarn.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/ERR30-C/ErrnoReadBeforeReturn.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p8
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/ERR30-C/SetlocaleMightSetErrno.ql

@@ -13,6 +13,7 @@
  *       external/cert/priority/p8
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/ERR32-C/DoNotRelyOnIndeterminateValuesOfErrno.ql

@@ -13,6 +13,7 @@
  *       external/cert/priority/p3
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/EXP32-C/DoNotAccessVolatileObjectWithNonVolatileReference.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p6
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/EXP35-C/DoNotModifyObjectsWithTemporaryLifetime.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/EXP37-C/DoNotCallFunctionPointerWithIncompatibleType.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/EXP37-C/DoNotCallFunctionsWithIncompatibleArguments.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/EXP40-C/DoNotModifyConstantObjects.ql

@@ -13,6 +13,7 @@
  *       external/cert/priority/p2
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/EXP43-C/DoNotPassAliasedPointerToRestrictQualifiedParam.ql

@@ -13,6 +13,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/EXP43-C/RestrictPointerReferencesOverlappingObject.ql

@@ -13,6 +13,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/EXP46-C/DoNotUseABitwiseOperatorWithABooleanLikeOperand.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p9
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/style
  */
 
 import cpp

c/cert/src/rules/FIO30-C/ExcludeUserInputFromFormatStrings.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p18
  *       external/cert/level/l1
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/FIO37-C/SuccessfulFgetsOrFgetwsMayReturnAnEmptyString.ql

@@ -13,6 +13,7 @@
  *       external/cert/priority/p12
  *       external/cert/level/l1
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/FIO38-C/DoNotCopyAFileObject.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/FIO39-C/DoNotAlternatelyIOFromAStreamWithoutPositioning.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p6
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/FIO40-C/ResetStringsOnFgetsOrFgetwsFailure.ql

@@ -15,6 +15,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/FIO41-C/DoNotCallGetcAndPutcWithSideEffects.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p2
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/FIO45-C/ToctouRaceConditionsWhileAccessingFiles.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p6
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/FIO46-C/UndefinedBehaviorAccessingAClosedFile.ql

@@ -13,6 +13,7 @@
  *       external/cert/priority/p4
  *       external/cert/level/l3
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp

c/cert/src/rules/FIO47-C/UseValidSpecifiers.ql

@@ -14,6 +14,7 @@
  *       external/cert/priority/p6
  *       external/cert/level/l2
  *       external/cert/obligation/rule
+ *       coding-standards/baseline/safety
  */
 
 import cpp