Add new library, backported to a small handful of queries, for resolving types.

c/cert/src/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

c/cert/src/rules/INT36-C/ConvertingAPointerToIntegerOrIntegerToPointer.ql

@@ -17,6 +17,7 @@
 
 import cpp
 import codingstandards.c.cert
+import codingstandards.cpp.types.Resolve
 
 class LiteralZero extends Literal {
   LiteralZero() { this.getValue() = "0" }
@@ -37,21 +38,30 @@ class StdIntIntPtrType extends Type {
   }
 }
 
+class ResolvesToStdIntIntPtrType = ResolvesTo<StdIntIntPtrType>::IgnoringSpecifiers;
+
+class ResolvesToVoidPointerType = ResolvesTo<VoidPointerType>::IgnoringSpecifiers;
+
 /**
  * Casting a pointer value to integer, excluding literal 0.
  * Includes implicit conversions made during declarations or assignments.
  */
 predicate conversionBetweenPointerAndInteger(Cast cast, string message) {
   /* Ensure that `int` has different size than that of pointers */
-  exists(IntType intType, PointerType ptrType | intType.getSize() < ptrType.getSize() |
-    cast.getExpr().getUnderlyingType() = intType and
-    cast.getUnderlyingType() = ptrType and
+  exists(
+    ResolvesTo<IntType>::IgnoringSpecifiers intType,
+    ResolvesTo<PointerType>::IgnoringSpecifiers ptrType
+  |
+    intType.getSize() < ptrType.getSize()
+  |
+    cast.getExpr().getType() = intType and
+    cast.getType() = ptrType and
     if cast.isCompilerGenerated()
     then message = "Integer expression " + cast.getExpr() + " is implicitly cast to a pointer type."
     else message = "Integer expression " + cast.getExpr() + " is cast to a pointer type."
     or
-    cast.getExpr().getUnderlyingType() = ptrType and
-    cast.getUnderlyingType() = intType and
+    cast.getExpr().getType() = ptrType and
+    cast.getType() = intType and
     if cast.isCompilerGenerated()
     then
       message = "Pointer expression " + cast.getExpr() + " is implicitly cast to an integer type."
@@ -61,11 +71,11 @@ predicate conversionBetweenPointerAndInteger(Cast cast, string message) {
   not cast.getExpr() instanceof LiteralZero and
   /* Compliant exception 2: variable's declared type is (u)intptr_t */
   not (
-    cast.getType() instanceof StdIntIntPtrType and
-    cast.getExpr().getType() instanceof VoidPointerType
+    cast.getType() instanceof ResolvesToStdIntIntPtrType and
+    cast.getExpr().getType() instanceof ResolvesToVoidPointerType
     or
-    cast.getType() instanceof VoidPointerType and
-    cast.getExpr().getType() instanceof StdIntIntPtrType
+    cast.getType() instanceof ResolvesToVoidPointerType and
+    cast.getExpr().getType() instanceof ResolvesToStdIntIntPtrType
   )
 }
 

c/cert/test/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

c/common/src/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

c/common/test/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

c/misra/src/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

c/misra/src/rules/RULE-22-12/NonstandardUseOfThreadingObject.ql

@@ -16,9 +16,11 @@
 import cpp
 import codingstandards.c.misra
 import codingstandards.cpp.Concurrency
-import codingstandards.cpp.Type
+import codingstandards.cpp.types.Resolve
 
-predicate isThreadingObject(Type t) { t instanceof PossiblySpecified<C11ThreadingObjectType>::Type }
+predicate isThreadingObject(Type t) {
+  t instanceof ResolvesTo<C11ThreadingObjectType>::IgnoringSpecifiers
+}
 
 predicate validUseOfStdThreadObject(Expr e) {
   e.getParent() instanceof AddressOfExpr

c/misra/src/rules/RULE-22-13/ThreadingObjectWithInvalidStorageDuration.ql

@@ -17,15 +17,15 @@ import cpp
 import codingstandards.c.misra
 import codingstandards.c.Objects
 import codingstandards.cpp.Concurrency
-import codingstandards.cpp.Type
+import codingstandards.cpp.types.Resolve
 
 from ObjectIdentity obj, StorageDuration storageDuration, Type type
 where
   not isExcluded(obj, Concurrency8Package::threadingObjectWithInvalidStorageDurationQuery()) and
   storageDuration = obj.getStorageDuration() and
   not storageDuration.isStatic() and
   type = obj.getASubObjectType() and
-  type instanceof PossiblySpecified<C11ThreadingObjectType>::Type
+  type instanceof ResolvesTo<C11ThreadingObjectType>::IgnoringSpecifiers
 select obj,
   "Object of type '" + obj.getType().getName() + "' has invalid storage duration type '" +
     storageDuration.getStorageTypeName() + "'."

c/misra/src/rules/RULE-22-14/MutexNotInitializedBeforeUse.ql

@@ -17,7 +17,7 @@ import cpp
 import codingstandards.c.misra
 import codingstandards.c.Objects
 import codingstandards.cpp.Concurrency
-import codingstandards.cpp.Type
+import codingstandards.cpp.types.Resolve
 import codingstandards.c.initialization.GlobalInitializationAnalysis
 
 module MutexInitializationConfig implements GlobalInitializationAnalysisConfigSig {
@@ -68,8 +68,8 @@ where
   ) and
   (
     if
-      obj.getType() instanceof PossiblySpecified<C11MutexType>::Type or
-      obj.getType() instanceof PossiblySpecified<C11ConditionType>::Type
+      obj.getType() instanceof ResolvesTo<C11MutexType>::IgnoringSpecifiers or
+      obj.getType() instanceof ResolvesTo<C11ConditionType>::IgnoringSpecifiers
     then description = typeString
     else description = typeString + " in object"
   )

c/misra/test/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

change_notes/2025-12-03-type-resolution-tracking-changes.md

@@ -0,0 +1,6 @@
+ - `INT36-C` - `ConvertingAPointerToIntegerOrIntegerToPointer.ql`:
+  - Integrated new type resolution modules to fully handle typedefs and ignore cv-qualifiers during type comparisons, such as in detecting int types, pointer types, (u)intptr_t types, and void pointer types.
+ - `RULE-22-12`, `RULE-22-13`, `RULE-22-14` - `NonstandardUseOfThreadingObject.ql`, `ThreadingObjectWithInvalidStorageDuration.ql`, `MutexNotInitializedBeforeUse.ql`:
+  - Integrated new type resolution modules to handle typedefs when identifying threading object types.
+ - `RULE-9-5-1` - `LegacyForStatementsShouldBeSimple.ql`:
+  - Refactor to integrate new type resolution, no change in functionality expected.

cpp/autosar/src/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

cpp/autosar/test/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

cpp/cert/src/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

cpp/cert/test/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow:

cpp/common/src/codeql-pack.lock.yml

@@ -1,6 +1,8 @@
 ---
 lockVersion: 1.0.0
 dependencies:
+  advanced-security/qtil:
+    version: 0.0.3
   codeql/cpp-all:
     version: 4.0.3
   codeql/dataflow: