walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

security: added simple gui checking

This commit is contained in:
Daniel Marjamäki 2009-02-19 17:57:27 +00:00
parent 4e1f19a366
commit efeaac736d
7 changed files with 568 additions and 491 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
src/checkvalidate.cpp
View File

@ -66,11 +66,45 @@ void CheckValidate::readnum()
for (const Token *tok2 = tok; tok2; tok2 = tok2->next()) for (const Token *tok2 = tok; tok2; tok2 = tok2->next())
{ {
if (Token::Match(tok2, "cin >> %varid%", varId)) if (Token::Match(tok2, "cin >> %varid%", varId))
_errorLogger->unvalidatedInput(_tokenizer, tok2, tok2->strAt(2)); _errorLogger->unvalidatedInput(_tokenizer, tok2);
if (Token::Match(tok2, "fscanf ( %var% , %str% , %varid%", varId)) if (Token::Match(tok2, "fscanf ( %var% , %str% , %varid%", varId))
_errorLogger->unvalidatedInput(_tokenizer, tok2, tok2->strAt(6)); _errorLogger->unvalidatedInput(_tokenizer, tok2);
if (Token::Match(tok2, "scanf ( %str% , %varid%", varId)) if (Token::Match(tok2, "scanf ( %str% , %varid%", varId))
_errorLogger->unvalidatedInput(_tokenizer, tok2, tok2->strAt(4)); _errorLogger->unvalidatedInput(_tokenizer, tok2);
}
}
}
/**
* Read data from Form/GUI
* Todo: This function must be more customizable to be usable
*/
void CheckValidate::gui()
{
// input control classes whose values are insecure..
const char *inputclass[] = {"TEdit", 0};
// functions that parse value without validating it..
const std::string dangerousfunc("atoi|atof|strtol|strtoul");
for (unsigned int i = 0; inputclass[i]; ++i)
{
const std::string classname(inputclass[i]);
for (const Token *tok = _tokenizer->tokens(); tok; tok = tok->next())
{
// Declaration..
if (Token::Match(tok, (classname + " * %var% ;|=").c_str()))
{
// Variable name..
const std::string varname(tok->strAt(2));
// Getting the value..
const Token *tok2 = Token::findmatch(tok, (dangerousfunc + " ( " + varname + " .").c_str());
if (tok2)
_errorLogger->unvalidatedInput(_tokenizer, tok2);
}
} }
} }
} }

3
src/checkvalidate.h
View File

@ -36,6 +36,9 @@ public:
/** Reading a number from a stream/FILE */ /** Reading a number from a stream/FILE */
void readnum(); void readnum();
/** Reading Form/GUI data */
void gui();
private: private:
const Tokenizer *_tokenizer; const Tokenizer *_tokenizer;
ErrorLogger *_errorLogger; ErrorLogger *_errorLogger;

6
src/errorlogger.h
View File

@ -459,13 +459,13 @@ public:
return true; return true;
} }
void unvalidatedInput(const Tokenizer *tokenizer, const Token *Location, const std::string &varname) void unvalidatedInput(const Tokenizer *tokenizer, const Token *Location)
{ {
_writemsg(tokenizer, Location, "all", "Unvalidated input: " + varname + "", "unvalidatedInput"); _writemsg(tokenizer, Location, "security", "Unvalidated input", "unvalidatedInput");
} }
static bool unvalidatedInput(const Settings &s) static bool unvalidatedInput(const Settings &s)
{ {
return s._showAll; return s._security;
} }

1
src/settings.cpp
View File

@ -29,6 +29,7 @@ Settings::Settings()
_force = false; _force = false;
_xml = false; _xml = false;
_unusedFunctions = false; _unusedFunctions = false;
_security = false;
} }
Settings::~Settings() Settings::~Settings()

3
src/settings.h
View File

@ -45,6 +45,9 @@ public:
/** Checking if there are unused functions */ /** Checking if there are unused functions */
bool _unusedFunctions; bool _unusedFunctions;
/** Security checks */
bool _security;
}; };
#endif // SETTINGS_H #endif // SETTINGS_H

35
test/testvalidate.cpp
View File

@ -37,6 +37,7 @@ private:
void run() void run()
{ {
TEST_CASE(stdin1); TEST_CASE(stdin1);
TEST_CASE(gui);
} }
void check(const char code[]) void check(const char code[])
@ -63,7 +64,39 @@ private:
" int i;\n" " int i;\n"
" std::cin >> i;\n" " std::cin >> i;\n"
"}\n"); "}\n");
ASSERT_EQUALS("[test.cpp:4]: (all) Unvalidated input: i\n", errout.str()); ASSERT_EQUALS("[test.cpp:4]: (security) Unvalidated input\n", errout.str());
}
void checkGui(const char code[])
{
// Tokenize..
Tokenizer tokenizer;
std::istringstream istr(code);
tokenizer.tokenize(istr, "test.cpp");
tokenizer.simplifyTokenList();
// Clear the error buffer..
errout.str("");
// Check char variable usage..
CheckValidate checkValidate(&tokenizer, this);
checkValidate.gui();
}
void gui()
{
// Reading the value of a textbox and converting it into an int without any validation..
checkGui("void onok()\n"
"{\n"
" TEdit *editAbc;\n"
" abc = atoi(editAbc->Text.c_str());\n"
"}\n");
ASSERT_EQUALS("[test.cpp:4]: (security) Unvalidated input\n", errout.str());
} }
}; };

13
tools/errmsg.cpp
View File

@ -25,7 +25,7 @@
class Message class Message
{ {
public: public:
enum Settings {error, all, style, style_all, never}; enum Settings {error, all, style, style_all, security, never};
Message(std::string funcname, Settings settings, std::string msg); Message(std::string funcname, Settings settings, std::string msg);
Message(std::string funcname, Settings settings, std::string msg, std::string par1); Message(std::string funcname, Settings settings, std::string msg, std::string par1);
@ -118,7 +118,7 @@ int main()
// checkvalidate.cpp // checkvalidate.cpp
err.push_back(Message("unvalidatedInput", Message::all, "Unvalidated input: %1", "varname")); err.push_back(Message("unvalidatedInput", Message::security, "Unvalidated input"));
// Generate code.. // Generate code..
@ -223,10 +223,11 @@ int main()
// Generate documentation.. // Generate documentation..
std::cout << "Generate doc.." << std::endl; std::cout << "Generate doc.." << std::endl;
for (unsigned int i = 0; i < 4; ++i) const unsigned int NUMSUITE = 5;
for (unsigned int i = 0; i < NUMSUITE; ++i)
{ {
const char *suite[4] = { "error", "all", "style", "all + style" }; const char *suite[NUMSUITE] = { "error", "all", "style", "all + style", "security" };
const Message::Settings settings[4] = { Message::error, Message::all, Message::style, Message::style_all }; const Message::Settings settings[NUMSUITE] = { Message::error, Message::all, Message::style, Message::style_all, Message::security };
std::cout << " =" << suite[i] << "=" << std::endl; std::cout << " =" << suite[i] << "=" << std::endl;
for (std::list<Message>::const_iterator it = err.begin(); it != err.end(); ++it) for (std::list<Message>::const_iterator it = err.begin(); it != err.end(); ++it)
it->generateDoc(std::cout, settings[i]); it->generateDoc(std::cout, settings[i]);
@ -374,6 +375,8 @@ std::string Message::stringifySettings(bool text) const
return text ? "style" : "s._checkCodingStyle"; return text ? "style" : "s._checkCodingStyle";
case style_all: case style_all:
return text ? "all style" : "s._checkCodingStyle || s._showAll"; return text ? "all style" : "s._checkCodingStyle || s._showAll";
case security:
return text ? "security" : "s._security";
case never: case never:
return text ? "never" : "false"; return text ? "never" : "false";
} }