Skip to content

Commit 2e7cc23

Browse files
ESS-ENNESS-ENN
authored
Rules: null-function-library-c/cpp (#19)
1 parent cd70510 commit 2e7cc23

6 files changed

+480
-0
lines changed

rules/c/security/null-library-function-c.yml

Lines changed: 187 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,187 @@
1+
id: null-library-function-c
2+
language: C
3+
severity: warning
4+
message: >-
5+
The `$SOURCE` function returns NULL on error and this line dereferences
6+
the return value without checking for NULL.
7+
note: >-
8+
[CWE-476] NULL Pointer Dereference.
9+
[REFERENCES]
10+
- https://wiki.sei.cmu.edu/confluence/display/c/EXP34-C.+Do+not+dereference+null+pointers
11+
utils:
12+
MATCH_PATTERN_ONE:
13+
kind: return_statement
14+
has:
15+
stopBy: neighbor
16+
kind: field_expression
17+
has:
18+
stopBy: neighbor
19+
kind: call_expression
20+
all:
21+
- has:
22+
stopBy: neighbor
23+
kind: identifier
24+
regex: "^fgets|::fgets|std::fgets|fopen|::fopen|std::fopen|getenv|::getenv|std::getenv|getgrent|::getgrent|std::getgrent|getgrgid|::getgrgid|std::getgrgid|getgrnam|::getgrnam|std::getgrnam|getlogin|::getlogin|std::getlogin|getpwent|::getpwent|std::getpwent|getpwnam|::getpwnam|std::getpwnam|getpwuid|::getpwuid|std::getpwuid|getpwuuid|::getpwuuid|std::getpwuuid|gets|::gets|std::gets|inet_ntop|::inet_ntop|std::inet_ntop|realpath|::realpath|std::realpath|tempnam|::tempnam|std::tempnam|tmpfile|::tmpfile|std::tmpfile|tmpnam|::tmpnam|std::tmpnam|memchr|::memchr|std::memchr|strcasestr_l|::strcasestr_l|std::strcasestr_l|strcasestr|::strcasestr|std::strcasestr|strchr|::strchr|std::strchr|strnstr|::strnstr|std::strnstr|strpbrk|::strpbrk|std::strpbrk|strrchr|::strrchr|std::strrchr|strstr|::strstr|std::strstr|strtok_r|::strtok_r|std::strtok_r|strtok|::strtok|std::strtok$"
25+
26+
MATCH_PATTERN_THREE:
27+
kind: call_expression
28+
all:
29+
- has:
30+
stopBy: neighbor
31+
kind: identifier
32+
regex: "^atof|::atof|std::atof|atoi|::atoi|std::atoi|atol_l|::atol_l|std::atol_l|atol|::atol|std::atol|atoll_l|::atoll_l|std::atoll_l|atoll|::atoll|std::atoll|getc|::getc|std::getc|fprintf|::fprintf|std::fprintf|fgetpos|::fgetpos|std::fgetpos|fseek|::fseek|std::fseek|fseeko|::fseeko|std::fseeko|fsetpos|::fsetpos|std::fsetpos|ftell|::ftell|std::ftell|ftello|::ftello|std::ftello|rewind|::rewind|std::rewind|strlen|::strlen|std::strlen|strtoimax|::strtoimax|std::strtoimax|strtod|::strtod|std::strtod|strtol|::strtol|std::strtol|strtoul|::strtoul|std::strtoul|strtoll|::strtoll|std::strtoll|strtoq|::strtoq|std::strtoq$"
33+
- has:
34+
stopBy: neighbor
35+
kind: argument_list
36+
has:
37+
stopBy: neighbor
38+
kind: call_expression
39+
all:
40+
- has:
41+
stopBy: neighbor
42+
kind: identifier
43+
regex: "^fgets|::fgets|std::fgets|fopen|::fopen|std::fopen|getenv|::getenv|std::getenv|getgrent|::getgrent|std::getgrent|getgrgid|::getgrgid|std::getgrgid|getgrnam|::getgrnam|std::getgrnam|getlogin|::getlogin|std::getlogin|getpwent|::getpwent|std::getpwent|getpwnam|::getpwnam|std::getpwnam|getpwuid|::getpwuid|std::getpwuid|getpwuuid|::getpwuuid|std::getpwuuid|gets|::gets|std::gets|inet_ntop|::inet_ntop|std::inet_ntop|realpath|::realpath|std::realpath|tempnam|::tempnam|std::tempnam|tmpfile|::tmpfile|std::tmpfile|tmpnam|::tmpnam|std::tmpnam|memchr|::memchr|std::memchr|strcasestr_l|::strcasestr_l|std::strcasestr_l|strcasestr|::strcasestr|std::strcasestr|strchr|::strchr|std::strchr|strnstr|::strnstr|std::strnstr|strpbrk|::strpbrk|std::strpbrk|strrchr|::strrchr|std::strrchr|strstr|::strstr|std::strstr|strtok_r|::strtok_r|std::strtok_r|strtok|::strtok|std::strtok$"
44+
- has:
45+
stopBy: end
46+
kind: argument_list
47+
48+
MATCH_PATTERN_FOUR:
49+
kind: call_expression
50+
all:
51+
- has:
52+
stopBy: neighbor
53+
kind: identifier
54+
regex: "^atof|::atof|std::atof|atoi|::atoi|std::atoi|atol_l|::atol_l|std::atol_l|atol|::atol|std::atol|atoll_l|::atoll_l|std::atoll_l|atoll|::atoll|std::atoll|getc|::getc|std::getc|fprintf|::fprintf|std::fprintf|fgetpos|::fgetpos|std::fgetpos|fseek|::fseek|std::fseek|fseeko|::fseeko|std::fseeko|fsetpos|::fsetpos|std::fsetpos|ftell|::ftell|std::ftell|ftello|::ftello|std::ftello|rewind|::rewind|std::rewind|strlen|::strlen|std::strlen|strtoimax|::strtoimax|std::strtoimax|strtod|::strtod|std::strtod|strtol|::strtol|std::strtol|strtoul|::strtoul|std::strtoul|strtoll|::strtoll|std::strtoll|strtoq|::strtoq|std::strtoq$"
55+
- has:
56+
stopBy: neighbor
57+
kind: argument_list
58+
has:
59+
stopBy: neighbor
60+
kind: assignment_expression
61+
all:
62+
- has:
63+
stopBy: neighbor
64+
kind: identifier
65+
- has:
66+
stopBy: neighbor
67+
regex: "="
68+
- has:
69+
stopBy: neighbor
70+
kind: call_expression
71+
all:
72+
- has:
73+
stopBy: neighbor
74+
kind: identifier
75+
regex: "^fgets|::fgets|std::fgets|fopen|::fopen|std::fopen|getenv|::getenv|std::getenv|getgrent|::getgrent|std::getgrent|getgrgid|::getgrgid|std::getgrgid|getgrnam|::getgrnam|std::getgrnam|getlogin|::getlogin|std::getlogin|getpwent|::getpwent|std::getpwent|getpwnam|::getpwnam|std::getpwnam|getpwuid|::getpwuid|std::getpwuid|getpwuuid|::getpwuuid|std::getpwuuid|gets|::gets|std::gets|inet_ntop|::inet_ntop|std::inet_ntop|realpath|::realpath|std::realpath|tempnam|::tempnam|std::tempnam|tmpfile|::tmpfile|std::tmpfile|tmpnam|::tmpnam|std::tmpnam|memchr|::memchr|std::memchr|strcasestr_l|::strcasestr_l|std::strcasestr_l|strcasestr|::strcasestr|std::strcasestr|strchr|::strchr|std::strchr|strnstr|::strnstr|std::strnstr|strpbrk|::strpbrk|std::strpbrk|strrchr|::strrchr|std::strrchr|strstr|::strstr|std::strstr|strtok_r|::strtok_r|std::strtok_r|strtok|::strtok|std::strtok$"
76+
- has:
77+
stopBy: neighbor
78+
kind: argument_list
79+
80+
MATCH_PATTERN_FIVE:
81+
kind: call_expression
82+
all:
83+
- has:
84+
stopBy: neighbor
85+
kind: identifier
86+
regex: "^bcopy|::bcopy|std::bcopy|memccpy|::memccpy|std::memccpy|memcpy|::memcpy|std::memcpy|memmove|::memmove|std::memmove|stpncpy|::stpncpy|std::stpncpy|strcat|::strcat|std::strcat|strcpy|::strcpy|std::strcpy|strcpy|::strcpy|std::strcpy|strlcat|::strlcat|std::strlcat|strlcpy|::strlcpy|std::strlcpy|strncat|::strncat|std::strncat|strpcpy|::strpcpy|std::strpcpy|wcpcpy|::wcpcpy|std::wcpcpy|wcpncpy|::wcpncpy|std::wcpncpy$"
87+
- has:
88+
stopBy: neighbor
89+
kind: argument_list
90+
all:
91+
- has:
92+
stopBy: neighbor
93+
pattern: $$$
94+
- has:
95+
stopBy: neighbor
96+
kind: call_expression
97+
all:
98+
- has:
99+
stopBy: neighbor
100+
kind: identifier
101+
regex: "^fgets|::fgets|std::fgets|fopen|::fopen|std::fopen|getenv|::getenv|std::getenv|getgrent|::getgrent|std::getgrent|getgrgid|::getgrgid|std::getgrgid|getgrnam|::getgrnam|std::getgrnam|getlogin|::getlogin|std::getlogin|getpwent|::getpwent|std::getpwent|getpwnam|::getpwnam|std::getpwnam|getpwuid|::getpwuid|std::getpwuid|getpwuuid|::getpwuuid|std::getpwuuid|gets|::gets|std::gets|inet_ntop|::inet_ntop|std::inet_ntop|realpath|::realpath|std::realpath|tempnam|::tempnam|std::tempnam|tmpfile|::tmpfile|std::tmpfile|tmpnam|::tmpnam|std::tmpnam|memchr|::memchr|std::memchr|strcasestr_l|::strcasestr_l|std::strcasestr_l|strcasestr|::strcasestr|std::strcasestr|strchr|::strchr|std::strchr|strnstr|::strnstr|std::strnstr|strpbrk|::strpbrk|std::strpbrk|strrchr|::strrchr|std::strrchr|strstr|::strstr|std::strstr|strtok_r|::strtok_r|std::strtok_r|strtok|::strtok|std::strtok$"
102+
- has:
103+
stopBy: neighbor
104+
kind: argument_list
105+
has:
106+
stopBy: neighbor
107+
pattern: $$$
108+
109+
MATCH_PATTERN_SIX:
110+
kind: call_expression
111+
all:
112+
- has:
113+
stopBy: neighbor
114+
kind: identifier
115+
regex: "^fwrite|::fwrite|std::fwrite$"
116+
- has:
117+
stopBy: neighbor
118+
kind: argument_list
119+
has:
120+
stopBy: end
121+
kind: call_expression
122+
all:
123+
- has:
124+
stopBy: neighbor
125+
kind: identifier
126+
regex: "^fgets|::fgets|std::fgets|fopen|::fopen|std::fopen|getenv|::getenv|std::getenv|getgrent|::getgrent|std::getgrent|getgrgid|::getgrgid|std::getgrgid|getgrnam|::getgrnam|std::getgrnam|getlogin|::getlogin|std::getlogin|getpwent|::getpwent|std::getpwent|getpwnam|::getpwnam|std::getpwnam|getpwuid|::getpwuid|std::getpwuid|getpwuuid|::getpwuuid|std::getpwuuid|gets|::gets|std::gets|inet_ntop|::inet_ntop|std::inet_ntop|realpath|::realpath|std::realpath|tempnam|::tempnam|std::tempnam|tmpfile|::tmpfile|std::tmpfile|tmpnam|::tmpnam|std::tmpnam|memchr|::memchr|std::memchr|strcasestr_l|::strcasestr_l|std::strcasestr_l|strcasestr|::strcasestr|std::strcasestr|strchr|::strchr|std::strchr|strnstr|::strnstr|std::strnstr|strpbrk|::strpbrk|std::strpbrk|strrchr|::strrchr|std::strrchr|strstr|::strstr|std::strstr|strtok_r|::strtok_r|std::strtok_r|strtok|::strtok|std::strtok$"
127+
- has:
128+
stopBy: neighbor
129+
kind: argument_list
130+
131+
MATCH_PATTERN_TWO:
132+
kind: subscript_expression
133+
all:
134+
- has:
135+
stopBy: neighbor
136+
kind: parenthesized_expression
137+
has:
138+
stopBy: neighbor
139+
kind: call_expression
140+
all:
141+
- has:
142+
stopBy: neighbor
143+
kind: identifier
144+
regex: "^fgets|::fgets|std::fgets|fopen|::fopen|std::fopen|getenv|::getenv|std::getenv|getgrent|::getgrent|std::getgrent|getgrgid|::getgrgid|std::getgrgid|getgrnam|::getgrnam|std::getgrnam|getlogin|::getlogin|std::getlogin|getpwent|::getpwent|std::getpwent|getpwnam|::getpwnam|std::getpwnam|getpwuid|::getpwuid|std::getpwuid|getpwuuid|::getpwuuid|std::getpwuuid|gets|::gets|std::gets|inet_ntop|::inet_ntop|std::inet_ntop|realpath|::realpath|std::realpath|tempnam|::tempnam|std::tempnam|tmpfile|::tmpfile|std::tmpfile|tmpnam|::tmpnam|std::tmpnam|memchr|::memchr|std::memchr|strcasestr_l|::strcasestr_l|std::strcasestr_l|strcasestr|::strcasestr|std::strcasestr|strchr|::strchr|std::strchr|strnstr|::strnstr|std::strnstr|strpbrk|::strpbrk|std::strpbrk|strrchr|::strrchr|std::strrchr|strstr|::strstr|std::strstr|strtok_r|::strtok_r|std::strtok_r|strtok|::strtok|std::strtok$"
145+
- has:
146+
stopBy: neighbor
147+
kind: argument_list
148+
has:
149+
stopBy: neighbor
150+
pattern: $$$
151+
- has:
152+
stopBy: neighbor
153+
pattern: $$$
154+
155+
MATCH_PATTERN_SEVEN:
156+
kind: subscript_expression
157+
all:
158+
- has:
159+
stopBy: neighbor
160+
kind: call_expression
161+
all:
162+
- has:
163+
stopBy: neighbor
164+
kind: identifier
165+
regex: "^fgets|::fgets|std::fgets|fopen|::fopen|std::fopen|getenv|::getenv|std::getenv|getgrent|::getgrent|std::getgrent|getgrgid|::getgrgid|std::getgrgid|getgrnam|::getgrnam|std::getgrnam|getlogin|::getlogin|std::getlogin|getpwent|::getpwent|std::getpwent|getpwnam|::getpwnam|std::getpwnam|getpwuid|::getpwuid|std::getpwuid|getpwuuid|::getpwuuid|std::getpwuuid|gets|::gets|std::gets|inet_ntop|::inet_ntop|std::inet_ntop|realpath|::realpath|std::realpath|tempnam|::tempnam|std::tempnam|tmpfile|::tmpfile|std::tmpfile|tmpnam|::tmpnam|std::tmpnam|memchr|::memchr|std::memchr|strcasestr_l|::strcasestr_l|std::strcasestr_l|strcasestr|::strcasestr|std::strcasestr|strchr|::strchr|std::strchr|strnstr|::strnstr|std::strnstr|strpbrk|::strpbrk|std::strpbrk|strrchr|::strrchr|std::strrchr|strstr|::strstr|std::strstr|strtok_r|::strtok_r|std::strtok_r|strtok|::strtok|std::strtok$"
166+
- has:
167+
stopBy: neighbor
168+
kind: argument_list
169+
- has:
170+
stopBy: neighbor
171+
pattern: $$$
172+
173+
rule:
174+
any:
175+
- kind: return_statement
176+
any:
177+
- matches: MATCH_PATTERN_ONE
178+
- kind: call_expression
179+
any:
180+
- matches: MATCH_PATTERN_THREE
181+
- matches: MATCH_PATTERN_FOUR
182+
- matches: MATCH_PATTERN_FIVE
183+
- matches: MATCH_PATTERN_SIX
184+
- kind: subscript_expression
185+
any:
186+
- matches: MATCH_PATTERN_TWO
187+
- matches: MATCH_PATTERN_SEVEN

0 commit comments

Comments
 (0)