cert.py: Add ENV33-C-EX1 exception (#2396)

* cert.py: Add ENV33-C-EX1 exception ENV33-C-EX1: It is permissible to call system() with a null pointer argument to determine the presence of a command processor for the system. [1] [1]: https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152177 * Handle different null-pointer constants
2019-11-24 12:31:08 +03:00 · 2019-11-24 12:31:08 +03:00 · 2c28440f15
parent c3c3d6770c
commit 2c28440f15
2 changed files with 17 additions and 0 deletions
--- a/addons/cert.py
+++ b/addons/cert.py
@ -242,6 +242,18 @@ def int31(data, platform):
 def env33(data):
    for token in data.tokenlist:
        if isFunctionCall(token, ('system',), 1):
+
+            # Invalid syntax
+            if not token.next.astOperand2:
+                continue
+
+            # ENV33-C-EX1: It is permissible to call system() with a null
+            # pointer argument to determine the presence of a command processor
+            # for the system.
+            argValue = token.next.astOperand2.getValue(0)
+            if argValue and argValue.intvalue == 0 and argValue.isKnown():
+                continue
+
            reportError(token, 'style', 'Do not call system()', 'ENV33-C')


--- a/addons/test/cert-test.c
+++ b/addons/test/cert-test.c
@ -77,6 +77,11 @@ unsigned char int31(int x)
 void env33()
 {
    system("chmod -x $(which chmod)"); // cert-ENV33-C
+    system(""); // cert-ENV33-C
+    system(NULL); // no-warning
+    system(0); // no-warning
+    const int *np = NULL;
+    system(np); // no-warning
    int system;
 }