RULE-7-0-1 - NoConversionFromBool

Detects implicit and explicit conversions from type bool to other types,
preventing potential confusion between bitwise and logical operators and
ensuring clear type usage. [a]

Author: lcartey

cpp/misra/src/rules/RULE-7-0-1/NoConversionFromBool.ql

@@ -0,0 +1,47 @@
+/**
+ * @id cpp/misra/no-conversion-from-bool
+ * @name RULE-7-0-1: There shall be no conversion from type bool
+ * @description Converting a bool type (implicitly or explicitly) to another type can lead to
+ *              unintended behavior and code obfuscation, particularly when using bitwise operators
+ *              instead of logical operators.
+ * @kind problem
+ * @precision very-high
+ * @problem.severity error
+ * @tags external/misra/id/rule-7-0-1
+ *       scope/single-translation-unit
+ *       external/misra/enforcement/decidable
+ *       external/misra/obligation/required
+ */
+
+import cpp
+import codingstandards.cpp.misra
+
+from Expr e, Conversion conv
+where
+  not isExcluded(e, ConversionsPackage::noConversionFromBoolQuery()) and
+  conv = e.getConversion() and
+  conv.getExpr().getType().stripTopLevelSpecifiers() instanceof BoolType and
+  not conv.getType().stripTopLevelSpecifiers() instanceof BoolType and
+  // Exclude cases that are explicitly allowed
+  not (
+    // Exception: equality operators with both bool operands
+    exists(EQExpr eq | 
+      eq.getAnOperand() = e and
+      eq.getLeftOperand().getType().stripTopLevelSpecifiers() instanceof BoolType and
+      eq.getRightOperand().getType().stripTopLevelSpecifiers() instanceof BoolType
+    ) or
+    exists(NEExpr ne | 
+      ne.getAnOperand() = e and
+      ne.getLeftOperand().getType().stripTopLevelSpecifiers() instanceof BoolType and
+      ne.getRightOperand().getType().stripTopLevelSpecifiers() instanceof BoolType
+    ) or
+    // Exception: explicit constructor calls
+    exists(ConstructorCall cc | cc.getAnArgument() = e) or
+    // Exception: assignment to bit-field of length 1
+    exists(AssignExpr assign |
+      assign.getRValue() = e and
+      assign.getLValue().(ValueFieldAccess).getTarget() instanceof BitField and
+      assign.getLValue().(ValueFieldAccess).getTarget().(BitField).getNumBits() = 1
+    )
+  )
+select e, "Conversion from 'bool' to '" + conv.getType().toString() + "'."

cpp/misra/test/rules/RULE-7-0-1/NoConversionFromBool.expected

@@ -0,0 +1,29 @@
+| test.cpp:23:9:23:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:23:14:23:15 | b2 | Conversion from 'bool' to 'int'. |
+| test.cpp:24:9:24:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:24:14:24:15 | b2 | Conversion from 'bool' to 'int'. |
+| test.cpp:25:9:25:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:25:14:25:15 | b2 | Conversion from 'bool' to 'int'. |
+| test.cpp:26:10:26:11 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:29:9:29:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:29:14:29:15 | b2 | Conversion from 'bool' to 'int'. |
+| test.cpp:30:9:30:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:30:14:30:15 | b2 | Conversion from 'bool' to 'int'. |
+| test.cpp:31:9:31:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:31:15:31:16 | b2 | Conversion from 'bool' to 'int'. |
+| test.cpp:32:9:32:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:32:15:32:16 | b2 | Conversion from 'bool' to 'int'. |
+| test.cpp:35:9:35:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:36:9:36:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:37:9:37:10 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:40:22:40:23 | b1 | Conversion from 'bool' to 'double'. |
+| test.cpp:41:22:41:23 | b1 | Conversion from 'bool' to 'double'. |
+| test.cpp:42:30:42:31 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:45:36:45:37 | b1 | Conversion from 'bool' to 'int8_t'. |
+| test.cpp:46:38:46:39 | b1 | Conversion from 'bool' to 'int32_t'. |
+| test.cpp:49:8:49:9 | b1 | Conversion from 'bool' to 'int32_t'. |
+| test.cpp:50:8:50:9 | b1 | Conversion from 'bool' to 'double'. |
+| test.cpp:53:13:53:14 | b1 | Conversion from 'bool' to 'int'. |
+| test.cpp:59:11:59:12 | b1 | Conversion from 'bool' to 'int8_t'. |
+| test.cpp:60:12:60:13 | b1 | Conversion from 'bool' to 'int32_t'. |
+| test.cpp:61:10:61:11 | b1 | Conversion from 'bool' to 'double'. |

cpp/misra/test/rules/RULE-7-0-1/NoConversionFromBool.qlref

@@ -0,0 +1 @@
+rules/RULE-7-0-1/NoConversionFromBool.ql

cpp/misra/test/rules/RULE-7-0-1/test.cpp

@@ -0,0 +1,97 @@
+#include <cstdint>
+
+struct A {
+    explicit A(bool) {}
+};
+
+struct BitField {
+    std::uint8_t bit : 1;
+};
+
+void f1(std::int32_t n) {}
+void f2(double d) {}
+
+void test_bool_conversion_violations() {
+    bool b1 = true;
+    bool b2 = false;
+    double d1 = 1.0;
+    std::int8_t s8a = 0;
+    std::int32_t s32a = 0;
+    BitField bf;
+
+    // Bitwise operations - non-compliant
+    if (b1 & b2) {}        // NON_COMPLIANT
+    if (b1 | b2) {}        // NON_COMPLIANT
+    if (b1 ^ b2) {}        // NON_COMPLIANT
+    if (~b1) {}            // NON_COMPLIANT
+
+    // Relational operations - non-compliant
+    if (b1 < b2) {}        // NON_COMPLIANT
+    if (b1 > b2) {}        // NON_COMPLIANT
+    if (b1 <= b2) {}       // NON_COMPLIANT
+    if (b1 >= b2) {}       // NON_COMPLIANT
+
+    // Comparison with integer literals - non-compliant
+    if (b1 == 0) {}        // NON_COMPLIANT
+    if (b1 == 1) {}        // NON_COMPLIANT
+    if (b1 != 0) {}        // NON_COMPLIANT
+
+    // Arithmetic operations - non-compliant
+    double l1 = d1 * b1;                    // NON_COMPLIANT
+    double l2 = d1 + b1;                    // NON_COMPLIANT
+    std::int32_t l3 = s32a + b1;           // NON_COMPLIANT
+
+    // Explicit casts to integral types - non-compliant
+    s8a = static_cast<std::int8_t>(b1);     // NON_COMPLIANT
+    s32a = static_cast<std::int32_t>(b1);   // NON_COMPLIANT
+
+    // Function parameter conversion - non-compliant
+    f1(b1);                                 // NON_COMPLIANT
+    f2(b1);                                 // NON_COMPLIANT
+
+    // Switch statement - non-compliant
+    switch (b1) {                           // NON_COMPLIANT
+        case 0: break;
+        case 1: break;
+    }
+
+    // Assignment to integral types - non-compliant
+    s8a = b1;                               // NON_COMPLIANT
+    s32a = b1;                              // NON_COMPLIANT
+    d1 = b1;                                // NON_COMPLIANT
+}
+
+void test_bool_conversion_compliant() {
+    bool b1 = true;
+    bool b2 = false;
+    std::int8_t s8a = 0;
+    BitField bf;
+
+    // Boolean equality operations - compliant
+    if (b1 == false) {}     // COMPLIANT
+    if (b1 == true) {}      // COMPLIANT
+    if (b1 == b2) {}        // COMPLIANT
+    if (b1 != b2) {}        // COMPLIANT
+
+    // Logical operations - compliant
+    if (b1 && b2) {}        // COMPLIANT
+    if (b1 || b2) {}        // COMPLIANT
+    if (!b1) {}             // COMPLIANT
+
+    // Conditional operator without conversion - compliant
+    s8a = b1 ? 3 : 7;       // COMPLIANT
+
+    // Function parameter without conversion - compliant
+    f1(b1 ? 1 : 0);         // COMPLIANT
+
+    // Explicit constructor calls - compliant
+    A l1{true};                             // COMPLIANT
+    A l2(false);                            // COMPLIANT
+    A l3 = static_cast<A>(true);           // COMPLIANT
+
+    // Assignment to constructor - compliant
+    A l4 = A{false};        // COMPLIANT
+
+    // Bit-field assignment exception - compliant
+    bf.bit = b1;            // COMPLIANT
+}