Ignore "system::" to reduce false positives
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
parent
f32f11f092
commit
48ebb4023e
18
flawfinder
18
flawfinder
|
@ -579,7 +579,6 @@ def extract_c_parameters(text, pos=0):
|
||||||
text[pos:pos + 200])
|
text[pos:pos + 200])
|
||||||
return [] # Treat unterminated list as an empty list
|
return [] # Treat unterminated list as an empty list
|
||||||
|
|
||||||
|
|
||||||
# These patterns match gettext() and _() for internationalization.
|
# These patterns match gettext() and _() for internationalization.
|
||||||
# This is compiled here, to avoid constant recomputation.
|
# This is compiled here, to avoid constant recomputation.
|
||||||
# FIXME: assumes simple function call if it ends with ")",
|
# FIXME: assumes simple function call if it ends with ")",
|
||||||
|
@ -851,6 +850,13 @@ def cpp_unsafe_stl(hit):
|
||||||
def normal(hit):
|
def normal(hit):
|
||||||
add_warning(hit)
|
add_warning(hit)
|
||||||
|
|
||||||
|
# Ignore "system" if it's "system::" (that is, a C++ namespace such as
|
||||||
|
# boost::system::...), because that produces too many false positives.
|
||||||
|
# We ignore spaces before "::"
|
||||||
|
def found_system(hit):
|
||||||
|
follow_text = hit.lookahead[len(hit.name):].lstrip()
|
||||||
|
if not follow_text.startswith('::'):
|
||||||
|
normal(hit)
|
||||||
|
|
||||||
# "c_ruleset": the rules for identifying "hits" in C (potential warnings).
|
# "c_ruleset": the rules for identifying "hits" in C (potential warnings).
|
||||||
# It's a dictionary, where the key is the function name causing the hit,
|
# It's a dictionary, where the key is the function name causing the hit,
|
||||||
|
@ -1150,13 +1156,21 @@ c_ruleset = {
|
||||||
"tmpfile", "avoid-race", {}),
|
"tmpfile", "avoid-race", {}),
|
||||||
|
|
||||||
# TODO: Need to detect varying levels of danger.
|
# TODO: Need to detect varying levels of danger.
|
||||||
"execl|execlp|execle|execv|execvp|system|popen|WinExec|ShellExecute":
|
"execl|execlp|execle|execv|execvp|popen|WinExec|ShellExecute":
|
||||||
(normal, 4,
|
(normal, 4,
|
||||||
"This causes a new program to execute and is difficult to use safely (CWE-78)",
|
"This causes a new program to execute and is difficult to use safely (CWE-78)",
|
||||||
"try using a library call that implements the same functionality "
|
"try using a library call that implements the same functionality "
|
||||||
"if available",
|
"if available",
|
||||||
"shell", "", {}),
|
"shell", "", {}),
|
||||||
|
|
||||||
|
# TODO: Need to detect varying levels of danger.
|
||||||
|
"system":
|
||||||
|
(found_system, 4,
|
||||||
|
"This causes a new program to execute and is difficult to use safely (CWE-78)",
|
||||||
|
"try using a library call that implements the same functionality "
|
||||||
|
"if available",
|
||||||
|
"shell", "", {'extract_lookahead': 1}),
|
||||||
|
|
||||||
# TODO: Be more specific. The biggest problem involves "first" param NULL,
|
# TODO: Be more specific. The biggest problem involves "first" param NULL,
|
||||||
# second param with embedded space. Windows.
|
# second param with embedded space. Windows.
|
||||||
"CreateProcessAsUser|CreateProcessWithLogon":
|
"CreateProcessAsUser|CreateProcessWithLogon":
|
||||||
|
|
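Review bot: found_system (second hunk, right after the normal() definition) decides purely lexically and has no docstring; one such as `"""Report a system() hit unless the matched name is directly followed by '::' (a namespace path like boost::system::, not a call)."""` would make the contract explicit. Only the text after the name is inspected, so qualified calls such as `::system(cmd)` or `std::system(cmd)` are still reported, while any identifier spelled `system ::` is dropped regardless of what precedes it; stating that asymmetry in the comment keeps the check from being widened later. The slice `hit.lookahead[len(hit.name):]` presumably relies on the lookahead beginning at the matched identifier and on the `'extract_lookahead': 1` option carried by the new `"system"` rule, so a future rule that reuses found_system without that option may find hit.lookahead missing. The message and suggestion strings of the new `"system"` entry in the third hunk duplicate the exec/popen entry verbatim; a shared module-level constant would keep the two in step.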
|
@ -75,12 +75,17 @@ test_009: $(FLAWFINDER) test-cpp-digit-separator.cpp
|
||||||
| grep 'File ended while in string.' \
|
| grep 'File ended while in string.' \
|
||||||
> /dev/null
|
> /dev/null
|
||||||
|
|
||||||
|
test_010: $(FLAWFINDER) test-boost-system.hpp
|
||||||
|
@echo 'test_010 (system:: ignored)'
|
||||||
|
@$(PYTHON) $(FLAWFINDER) --error-level 2 test-boost-system.hpp \
|
||||||
|
> /dev/null
|
||||||
|
|
||||||
# Run all tests on *one* version of Python;
|
# Run all tests on *one* version of Python;
|
||||||
# output shows differences from expected results.
|
# output shows differences from expected results.
|
||||||
# If everything works as expected, it just prints test numbers.
|
# If everything works as expected, it just prints test numbers.
|
||||||
# Set PYTHON as needed, including to ""
|
# Set PYTHON as needed, including to ""
|
||||||
test: test_001 test_002 test_003 test_004 test_005 test_006 test_007 test_008 \
|
test: test_001 test_002 test_003 test_004 test_005 test_006 test_007 test_008 \
|
||||||
test_009
|
test_009 test_010
|
||||||
@echo 'All tests pass!'
|
@echo 'All tests pass!'
|
||||||
|
|
||||||
# Usual check routine. Run all tests using *both* python2 and python3.
|
# Usual check routine. Run all tests using *both* python2 and python3.
|
||||||
|
|
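Review bot: test_010 exercises only the negative case, so a regression that drops or silences the `system` rule entirely would still pass; the recipe appears to rely on the nonzero exit from `--error-level 2` to fail (inferred from the bare `> /dev/null` with no grep, unlike test_009), and nothing confirms that a plain call is still reported. A second fixture containing a real call such as `int r = system(cmd);`, expected to make the same invocation exit nonzero, would pin both directions of the change. The fixture test-boost-system.hpp in the last section currently holds only the `boost::system::error_code` reference.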
|
@ -0,0 +1,4 @@
|
||||||
|
|
||||||
|
// Ensure reference to boost::system is ignored
|
||||||
|
|
||||||
|
void HandleWrite(const boost::system::error_code &error);
|