Adjusted package_method to allow package names with whitespace in the middle

.CFVERSION

@@ -0,0 +1 @@
+3.24.0

.clang-format

@@ -0,0 +1,40 @@
+---
+BasedOnStyle: Google
+---
+Language: Cpp
+ColumnLimit: 79
+IndentWidth: 4
+TabWidth: 4
+UseTab: Never
+MaxEmptyLinesToKeep: 3
+AlignTrailingComments: true
+SpacesBeforeTrailingComments: 1
+SortIncludes: false
+DerivePointerAlignment: false
+PointerAlignment: Right
+AlignConsecutiveAssignments: false
+AlignConsecutiveDeclarations: false
+SpaceAfterCStyleCast: true
+SpaceBeforeAssignmentOperators: true
+SpaceBeforeParens: ControlStatements
+BreakStringLiterals: false
+BinPackArguments: false
+BinPackParameters: false
+AlignAfterOpenBracket: AlwaysBreak
+AllowAllParametersOfDeclarationOnNextLine: true
+IndentCaseLabels: false
+AllowShortCaseLabelsOnASingleLine: false
+AllowShortIfStatementsOnASingleLine: false
+AllowShortFunctionsOnASingleLine: None
+BreakBeforeBraces: Custom
+BraceWrapping:
+  AfterCaseLabel: true
+  AfterControlStatement: true
+  AfterEnum: true
+  AfterFunction: true
+  AfterStruct: true
+  AfterUnion: true
+  BeforeElse: true
+  SplitEmptyFunction: true
+BreakBeforeBinaryOperators: NonAssignment
+---

.github/codeql/codeql-config.yml

@@ -0,0 +1,5 @@
+name: "CFEngine cpp CodeQL config"
+
+queries:
+  - uses: cfengine/core/.github/codeql/cpp-queries/bool-type-mismatch-return.ql@master
+  - uses: cfengine/core/.github/codeql/cpp-queries/missing-argument-null-check.ql@master

.github/codeql/cpp-queries/bool-type-mismatch-return.c

@@ -0,0 +1,62 @@
+#include <stdbool.h>
+
+int good_int()
+{
+    return 0;
+}
+
+int bad_int()
+{
+    return false;
+}
+
+bool good_with_variable()
+{
+    bool r = true;
+    return r;
+}
+
+bool bad_with_variable()
+{
+    int r = true;
+    return r;
+}
+
+bool good_with_constant()
+{
+    return false;
+}
+
+bool bad_with_constant()
+{
+    return 0;
+}
+
+bool good_with_function()
+{
+    return good_with_constant();
+}
+
+bool bad_with_function()
+{
+    return good_int();
+}
+
+bool good_with_comparison()
+{
+    return good_int() != 0;
+}
+
+int main(void)
+{
+    good_int();
+    bad_int();
+    good_with_variable();
+    bad_with_variable();
+    good_with_constant();
+    bad_with_constant();
+    good_with_function();
+    bad_with_function();
+    good_with_comparison();
+    return 0;
+}

.github/codeql/cpp-queries/bool-type-mismatch-return.qhelp

@@ -0,0 +1,66 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+
+<overview>
+
+<p>
+Boolean type mismatch between function type and return value.
+This can be the result of copy-pasted code, which should have been modified.
+</p>
+
+<p>
+In C, most things we think of as boolean are actually int (0 or 1).
+We prefer to use <code>bool</code> return type for functions which have 2 return values (<code>true</code> or <code>false</code>).
+We consider some different things boolean:
+</p>
+
+<ul>
+<li>
+A variable with type <code>bool</code>
+</li>
+<li>
+A function call with return type <code>bool</code>
+</li>
+<li>
+A boolean macro - <code>true</code> or <code>false</code>
+</li>
+<li>
+A comparison - <code>==</code> or <code>!=</code> (or less than / greater than variants).
+</li>
+<li>
+A logical operation - AND or OR.
+</li>
+</ul>
+
+<p>
+The reason why this query was added was to catch cases like <a href="https://github.com/cfengine/core/pull/3635">a boolean function returning -1</a>.
+<code>int</code> functions typically return <code>0</code> for success and <code>-1</code> for failure.
+This means that if you copied the error handling of an int function to a <code>bool</code> function, it would return <code>true</code> (success) in case of error.
+Error handling is the main reason to have this strict type checking for <code>bool</code>.
+</p>
+
+</overview>
+<recommendation>
+
+<p>
+Change the returned value to something boolean, or change the function return type to <code>bool</code>.
+Sometimes this means adding an an explicit comparison in the return statement.
+(Typecasting is almost never the right answer).
+</p>
+
+</recommendation>
+<example>
+
+<sample src="bool-type-mismatch-return.c" />
+
+</example>
+<references>
+
+<li>
+CFEngine Contribution guidelines: <a href="https://github.com/cfengine/core/blob/master/CONTRIBUTING.md">CONTRIBUTING.md</a>
+</li>
+
+</references>
+</qhelp>

.github/codeql/cpp-queries/bool-type-mismatch-return.ql

@@ -0,0 +1,76 @@
+/**
+ * @name Boolean type mismatch between function type and return value
+ * @description Strict boolean type-checking for return statements.
+ *              Boolean functions must return something boolean.
+ *              Non-boolean functions must not return something boolean.
+ *              Comparisons, logical AND/OR, and true/false macros are bool.
+ * @kind problem
+ * @problem.severity warning
+ * @id cpp/bool-type-mismatch-return
+ * @tags readability
+ *       correctness
+ * @precision very-high
+ */
+
+import cpp
+
+predicate isBoolExpr(Expr expression){
+  // Not bool if there is an explicit cast to something else:
+  not exists(CStyleCast cast |
+    cast.getType().getName() != "bool"
+    and
+    cast.getExplicitlyConverted() = expression.getExplicitlyConverted()
+  )
+  and
+  // One of these imply boolean:
+  (
+    // variable of type bool:
+    expression.getType().getName() = "bool"
+    // true or false macro:
+    or exists(MacroInvocation m |
+           m.getExpr() = expression
+           and (m.getMacroName() = "true" or m.getMacroName() = "false"))
+    // && or || operator
+    or exists(BinaryLogicalOperation b |
+              b = expression)
+    // == or != or > or < or >= or <= operator:
+    or exists(ComparisonOperation cmp |
+              cmp = expression)
+    // ! operator:
+    or exists(NotExpr n |
+              n = expression
+              and isBoolExpr(n.getOperand()))
+    // Recursively check both branches of ternary operator:
+    or exists(ConditionalExpr c |
+              c = expression
+              and isBoolExpr(c.getThen())
+              and isBoolExpr(c.getElse()))
+  )
+}
+
+string showMacroExpr(Expr e){
+  not e.isInMacroExpansion()
+  and result = e.toString()
+or
+  e.isInMacroExpansion()                     // Show true=1/false=0 in alert
+  and result = e.findRootCause()
+                  .toString()
+                  .replaceAll("#define ", "")
+                  .replaceAll(" ", "=")
+}
+
+from Function f, ReturnStmt r, string rt
+where r.getEnclosingFunction() = f
+  and (
+      f.getType().getName() = "bool"
+      and not isBoolExpr(r.getExpr())
+      and rt = "non-bool"
+    or
+      f.getType().getName() != "bool"
+      and isBoolExpr(r.getExpr())
+      and rt = "bool"
+  )
+select r, "Function " + f.getName() +
+          " has return type " + f.getType().getName() +
+          " and returns " + rt +
+          "(" + showMacroExpr(r.getExpr()) + ")"

.github/codeql/cpp-queries/missing-argument-null-check.c

@@ -0,0 +1,39 @@
+#include <assert.h>
+
+typedef struct {
+    char *string;
+} StructWithString;
+
+void good_with_assert(StructWithString *data)
+{
+    assert(data != NULL);
+    char *string = data->string;
+}
+
+void good_with_no_deref(StructWithString *data)
+{
+    good_with_assert(data);
+}
+
+void good_with_if(StructWithString *data)
+{
+    if (data != NULL)
+    {
+        char *string = data->string;
+    }
+}
+
+void bad_deref(StructWithString *data)
+{
+    char *string = data->string;
+}
+
+int main(void)
+{
+    StructWithString *data = NULL;
+    good_with_no_deref(data);      // Doesn't dereference, so no problem
+    good_with_assert(data);        // Assert will detect our error
+    good_with_if(data);            // Works with NULL pointers
+    bad_deref(data);               // Blows up - will be detected in alert
+    return 0;
+}

.github/codeql/cpp-queries/missing-argument-null-check.qhelp

@@ -0,0 +1,49 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+
+<overview>
+
+<p>
+Functions which dereference a pointer should test for <code>NULL</code>.
+This should be done as an explicit comparison in an <code>assert</code> or <code>if</code> statement.
+If the function assumes that an argument is non-null, add an assert at the beginning of the function body.
+</p>
+
+<p>
+There are some limitations in the current implementation.
+It only looks for explicit comparisons, <code>if (ptr == NULL)</code>, but this is the correct way to write it, according to our style guidelines.
+Only arrow syntax is detected, <code>ptr->field</code>, so it should be expanded to also detect asterisk syntax, <code>*ptr</code>.
+Also, it doesn't check that the comparison is before the dereference, it should be improved to also alert in cases where the check is after the dereference.
+There shouldn't be false positives, but it should be expanded to find more problematic cases.
+</p>
+
+</overview>
+<recommendation>
+
+<p>
+Add an assert to the beginning of the function if it assumes the argument is not null: <code>assert(ptr != NULL)</code>.
+Add an an explicit comparison somewhere in the function if it is okay for the argument to be NULL.
+(Usually this should be an <code>if</code> around the dereference).
+Note that in both cases, the comparison <b>must</b> be explicit (using <code>== NULL</code> or <code>!= NULL</code>).
+</p>
+
+</recommendation>
+<example>
+
+<p>
+This example has 2 correct (good) functions, and one incorrect (bad) function:
+</p>
+
+<sample src="missing-argument-null-check.c" />
+
+</example>
+<references>
+
+<li>
+CFEngine Contribution guidelines: <a href="https://github.com/cfengine/core/blob/master/CONTRIBUTING.md">CONTRIBUTING.md</a>
+</li>
+
+</references>
+</qhelp>

.github/codeql/cpp-queries/missing-argument-null-check.ql

@@ -0,0 +1,37 @@
+/**
+ * @name Pointer argument is dereferenced without checking for NULL
+ * @description Functions which dereference a pointer should test for NULL.
+ *              This should be done as an explicit comparison in an assert or if statement.
+ * @kind problem
+ * @problem.severity recommendation
+ * @id cpp/missing-argument-null-check
+ * @tags readability
+ *       correctness
+ *       safety
+ * @precision very-high
+ */
+
+import cpp
+
+predicate hasNullCheck(Function func, Parameter p){
+  exists(MacroInvocation m |
+    m.getMacroName() = "assert"
+    and m.getEnclosingFunction() = func
+    and m.getUnexpandedArgument(0) = p.getName() + " != NULL")
+  or
+  exists(EqualityOperation comparison, MacroInvocation m|
+    comparison.getEnclosingFunction() = func
+    and comparison.getLeftOperand().toString() = p.getName()
+    and comparison.getRightOperand() = m.getExpr()
+    and m.getMacroName() = "NULL")
+}
+
+from Function func, PointerFieldAccess acc, Parameter p, PointerType pt
+where acc.getEnclosingFunction() = func
+  and p.getFunction() = func
+  and p.getType() = pt
+  and acc.getQualifier().toString() = p.getName()
+  and not hasNullCheck(func, p)
+select acc, "Parameter " + p.getName() +
+            " in " + func.getName() +
+            "() is dereferenced without an explicit null-check"

.github/codeql/cpp-queries/qlpack.yml

@@ -0,0 +1,4 @@
+name: cfengine/codeql-cpp-queries
+version: 1.0.0
+dependencies:
+  codeql/cpp-all: ~0.5.4

.github/dependabot.yml

@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: gitsubmodule
+    directory: /
+    schedule:
+      interval: "daily"