StrictTypeMatch: Codeql port of c28139 (#169)

* WIP port of C28139

* CodeQL port of C28139

* Update src/drivers/general/queries/StrictTypeMatch/driver_snippet.c

Co-authored-by: NateD-MSFT <[email protected]>
Signed-off-by: Jacob Ronstadt <[email protected]>

* Fix parameter order in code samples

---------

Signed-off-by: Jacob Ronstadt <[email protected]>
Co-authored-by: NateD-MSFT <[email protected]>

src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.qhelp

@@ -0,0 +1,50 @@
+<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
+<qhelp>
+	<overview>
+		<p>
+		 The argument should exactly match the type
+		</p>
+	</overview>
+	<recommendation>
+		<p>
+			An enumerated value in a function call does not match the type specified for the parameter in the function declaration. This error can occur when parameters are mis-coded, missing, or out of order. Because C permits enumerated values to be used interchangeably, and to be used interchangeably with integer constants, it is not unusual to pass the wrong enumerated value to a function without recognizing the error.
+		</p>
+	</recommendation>
+	<example>
+		<p>
+		The following code example elicits this warning.		
+		</p>
+		<sample language="c"> <![CDATA[
+ 		KeWaitForSingleObject(
+			&EventDone,
+			Executive,
+			Executive,
+			FALSE,
+			NULL);
+		}]]>
+		</sample>
+		<p>
+			The following code example avoids this warning.
+		</p>
+		<sample language="c"> <![CDATA[
+		KeWaitForSingleObject(
+			&EventDone,
+			Executive,
+			KernelMode,
+			FALSE,
+			NULL);
+		}]]>
+		</sample>
+	</example>
+	<semmleNotes>
+		<p>
+		</p>
+	</semmleNotes>
+	<references>
+		<li>
+			<a href="https://learn.microsoft.com/en-us/windows-hardware/drivers/devtest/28139-argument-operand-should-exactly-match">
+				C28139
+			</a>
+		</li>
+	</references>
+</qhelp>

src/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.ql

@@ -0,0 +1,66 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+/**
+ * @id cpp/drivers/strict-type-match
+ * @kind problem
+ * @name Strict Type Match
+ * @description The argument should exactly match the type
+ * @platform Desktop
+ * @feature.area Multiple
+ * @impact Insecure Coding Practice
+ * @repro.text
+ * @owner.email: [email protected]
+ * @opaqueid CQLD-C28139
+ * @problem.severity warning
+ * @precision medium
+ * @tags correctness
+ * @scope domainspecific
+ * @query-version v1
+ */
+
+import cpp
+import drivers.libraries.SAL
+
+from EnumConstantAccess eca, FunctionCall fc, Parameter p, int i
+where
+  fc.getArgument(i) = eca and
+  p = fc.getTarget().getParameter(i) and
+  (
+    // check for pattern __drv_strictType(typename, mode) 
+    if p instanceof SALParameter
+    then
+    exists(string enumType1, string enumType2 | 
+      enumType1 = eca.getTarget().getDeclaringEnum().toString() and
+      enumType2 =
+        p.(SALParameter)
+            .getAnnotation()
+            .getUnexpandedArgument(0)
+            .toString()
+            .splitAt("/", _)
+            .replaceAll("enum", "")
+            .trim() and
+      not enumType2.matches("__drv_%") and // exclude other SAL annotations
+      not exists(string allowedType |
+        allowedType =
+          p.(SALParameter)
+              .getAnnotation()
+              .getUnexpandedArgument(0)
+              .toString()
+              .splitAt("/", _)
+              .replaceAll("enum", "")
+              .trim() and
+        allowedType = enumType1
+      )
+    )
+    else
+    // non SAL parameter
+      eca.getTarget().getDeclaringEnum().toString() !=
+        fc.getTarget()
+            .getADeclarationEntry()
+            .getParameterDeclarationEntry(i)
+            .getType()
+            .getUnderlyingType()
+            .toString()
+  )
+select eca,
+  "Enumerated value in a function call does not match the type specified for the parameter in the function declaration"