Skip to content

Implement BannedAPIs package #909

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 33 commits into
base: main
Choose a base branch
from
Draft

Implement BannedAPIs package #909

wants to merge 33 commits into from

Conversation

lcartey
Copy link
Collaborator

@lcartey lcartey commented Jun 6, 2025

Description

This PR implements the BannedAPIs package.

As many of these rules required the detection of banned functions, I've written a library (BannedFunctions) to help identify different uses (e.g. calls, accesses etc.), and to aggregate reports in macro definitions.

I've also updated quite a few of the C++ stubs (unlike the C stubs, these are all written by hand). I suspect there may be some broken tests - will update the PR after CI/CD has run.

Change request type

  • Release or process automation (GitHub workflows, internal scripts)
  • Internal documentation
  • External documentation
  • Query files (.ql, .qll, .qls or unit tests)
  • External scripts (analysis report or other code shipped as part of a release)

Rules with added or modified queries

  • No rules added
  • Queries have been added for the following rules:
    • ``
  • Queries have been modified for the following rules:
    • rule number here

Release change checklist

A change note (development_handbook.md#change-notes) is required for any pull request which modifies:

  • The structure or layout of the release artifacts.
  • The evaluation performance (memory, execution time) of an existing query.
  • The results of an existing query in any circumstance.

If you are only adding new rule queries, a change note is not required.

Author: Is a change note required?

  • Yes
  • No

🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.

  • Confirmed

Reviewer: Confirm that either a change note is not required or the change note is required and has been added.

  • Confirmed

Query development review checklist

For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:

Author

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

Reviewer

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

lcartey added 30 commits June 2, 2025 15:50
@lcartey
Add BannedAPIs package details
1844339
@lcartey
Rule 18.5.2: AvoidProgramTerminatingFunctions.ql
102703a 
Add a query to identify uses of terminating program functions. [a]
@lcartey
RULE-18-5-2: Improve macro defined results
31039e3 
Make the results easier to understand by reporting calls in
macro expansions in the macros themselves, if they are defined
by the developers of this project.
@lcartey
Remove cstdlib.h
e9c0fe4 
This header shouldn't exist.
@lcartey
Improve C++ stub headers for cstdarg
58e43ad
@lcartey
Rule 21.10.1: NoVariadicFunctionMacros.ql
ffed467 
A query for reporting the use of variadic functions. [a]
@lcartey
Remove redundant header stub file
d3ec7b0
@lcartey
Add csetjmp header
aae01d0
@lcartey
Add str* functions to cstdlib/stdlib.h headers
786f747
@lcartey
Add strerror to cstring/string.h
4ae6e32 
And remove duplicate definitions
@lcartey
Add cwchar/wchar.h as stubs
1415a72
@lcartey
Add stdint.h as a header, and move cstdint definitions
c15b516
@lcartey
Remove cstdint.h
ce58aff 
This is not a "real" header - definitions should be in stdint.h
and cstdint.
@lcartey
Update cinttypes/inttypes.h
99fa73b 
 - Replace int aliases with include of stdint.h
 - Add str/wcs function stubs
 - Add header guards
@lcartey
Populate wint_t from wctype.h, and use it in wchar.h.
84697e6
@lcartey
Rule 21.2.2 - UnsafeStringHandlingFunctions.ql
555fdec 
Add a query to detect uses of a number of common unsafe string
handling functions. [a]
@lcartey
Add a library to support the detection of banned functions
c607798 
This supports accurate detection of usage of banned functions:
 - Detects both accesses and calls
 - Reports the macro definition if the use is within a macro
   defined in the users code.
 - Otherwise reports the location of the expression.
@lcartey
Rule 18.5.2 - Use BannedFunctions library
7a28f02 
Use library to avoid duplication.
@lcartey
Rule 21.2.2 - use BannedFunction library
7fa6646
@lcartey
Add system to cstdlib
d33b4eb
@lcartey
Rule 21.2.3 - BannedSystemFunction.ql
efa017f 
Add a new query for detecting uses of the banned function `system`. [a]
@lcartey
Rule 23.11.1 - UseSmarPtrFactoryFunctions.ql
eccc416 
A new query to report uses of the raw pointer constructors of
the std::unique_ptr and std::shared_ptr classes. [a]
@lcartey
Update C++ stubs for ctype.h/cctype and wctype.h/cwctype
8a8c33d
@lcartey
Improve C++ stubs for locales
b81423b
@lcartey
Add C++ string_view stub
cfceb9b
@lcartey
Rule 24.5.1 - CharacterHandlingFunctionRestrictions.ql
52b97e6 
Add a new query to detect uses of prohibited character handling
functions.
@lcartey
Rule 24.5.1 - improve structure/consistency of query
ed16770
@lcartey
Extend C++ stubs for locale
18e0143
@lcartey
Rule 25.5.1 - LocaleGlobalFunctionNotAllowed.ql
367a18a 
Add query for banned locale functions. [a]
@lcartey
Rule 24-5-2 - NoMemoryFunctionsFromCString.ql
8485924 
Adds a new query to detect use of banned cstring functions. [a]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@lcartey