Add TIME_FIELDS struct and test case

Author: ropwareJB

cpp/ql/lib/semmle/code/cpp/commons/DateTime.qll

@@ -14,7 +14,7 @@ class PackedTimeType extends Type {
   }
 }
 
-private predicate timeType(string typeName) { typeName = ["_SYSTEMTIME", "SYSTEMTIME", "tm"] }
+private predicate timeType(string typeName) { typeName = ["_SYSTEMTIME", "SYSTEMTIME", "tm", "TIME_FIELDS", "PTIME_FIELDS"] }
 
 /**
  * A type that is used to represent times and dates in an 'unpacked' form, that is,
@@ -95,3 +95,24 @@ class StructTmMonthFieldAccess extends MonthFieldAccess {
 class StructTmYearFieldAccess extends YearFieldAccess {
   StructTmYearFieldAccess() { this.getTarget().getName() = "tm_year" }
 }
+
+/**
+ * A `DayFieldAccess` for the `TIME_FIELDS` struct.
+ */
+class TimeFieldsDayFieldAccess extends DayFieldAccess {
+  TimeFieldsDayFieldAccess() { this.getTarget().getName() = "Day" }
+}
+
+/**
+ * A `MonthFieldAccess` for the `TIME_FIELDS` struct.
+ */
+class TimeFieldsMonthFieldAccess extends MonthFieldAccess {
+  TimeFieldsMonthFieldAccess() { this.getTarget().getName() = "Month" }
+}
+
+/**
+ * A `YearFieldAccess` for the `TIME_FIELDS` struct.
+ */
+class TimeFieldsYearFieldAccess extends YearFieldAccess {
+  TimeFieldsYearFieldAccess() { this.getTarget().getName() = "Year" }
+}

cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModificationPrecise.ql

@@ -312,10 +312,11 @@ module OperationToYearAssignmentConfig implements DataFlow::ConfigSig {
     isLeapYearCheckSink(n)
   }
 
-  // Block flow out of an operation source to get the "closest" operation to the sink
+  /** Block flow out of an operation source to get the "closest" operation to the sink */
   predicate isBarrierIn(DataFlow::Node n) { isSource(n) }
 
   predicate isBarrierOut(DataFlow::Node n) { isSink(n) }
+
   // DataFlow::FlowFeature getAFeature() { result instanceof DataFlow::FeatureHasSourceCallContext }
 }
 
@@ -358,6 +359,7 @@ module YearFieldAccessToLeapYearCheckConfig implements DataFlow::ConfigSig {
   // DataFlow::FlowFeature getAFeature() {
   //   result instanceof DataFlow::FeatureEqualSourceSinkCallContext
   // }
+
   /**
    * Enforcing the check must occur in the same call context as the source,
    * i.e., do not return from the source function and check in a caller.
@@ -389,6 +391,9 @@ predicate isUsedInFeb29Check(YearFieldAccess fa) {
   )
 }
 
+/**
+ * An expression which checks the value of a Month field `a->month == 1`.
+ */
 class MonthEqualityCheck extends EqualityOperation {
   MonthEqualityCheck() { this.getAnOperand() instanceof MonthFieldAccess }
 
@@ -405,6 +410,9 @@ class MonthEqualityCheck extends EqualityOperation {
 
 class MonthEqualityCheckGuard extends GuardCondition instanceof MonthEqualityCheck { }
 
+/**
+ * Verifies if the expression is guarded by a check on the Month property of a date struct, that is NOT February.
+ */
 bindingset[e]
 pragma[inline_late]
 predicate isControlledByMonthEqualityCheckNonFebruary(Expr e) {

cpp/ql/test/query-tests/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification/test.cpp

@@ -1115,7 +1115,8 @@ void fn_year_set_through_out_arg(){
 }
 
 
-/* void
+/* TODO: don't alert on simple copies from another struct where all three {year,month,day} are copied
+void
 GetEpochTime(struct pg_tm *tm)
 {
 	struct pg_tm *t0;
@@ -1147,4 +1148,22 @@ fp_guarded_by_month(struct pg_tm *tm){
 		--tm->tm_year; // Negative Test Case
 	if (woy <= 1 && tm->tm_mon == MONTHS_PER_YEAR)
 		++tm->tm_year; // Negative Test Case
+}
+
+typedef unsigned short CSHORT;
+
+typedef struct _TIME_FIELDS {
+  CSHORT Year;
+  CSHORT Month;
+  CSHORT Day;
+  CSHORT Hour;
+  CSHORT Minute;
+  CSHORT Second;
+  CSHORT Milliseconds;
+  CSHORT Weekday;
+} TIME_FIELDS, *PTIME_FIELDS;
+
+void
+tp_ptime(PTIME_FIELDS ptm){
+	ptm->Year = ptm->Year - 1; // Positive Test Case
 }