-
Notifications
You must be signed in to change notification settings - Fork 31
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
MultipleFunctionClassAnnotations: Port of C28177 (#168)
* Port of C28177 * Update src/drivers/general/queries/MultipleFunctionClassAnnotations/driver_snippet.c Co-authored-by: NateD-MSFT <[email protected]> Signed-off-by: Jacob Ronstadt <[email protected]> * Update example description in qhelp file --------- Signed-off-by: Jacob Ronstadt <[email protected]> Co-authored-by: NateD-MSFT <[email protected]>
- Loading branch information
1 parent
eeaf255
commit 77fb9a1
Showing
4 changed files
with
471 additions
and
0 deletions.
There are no files selected for viewing
56 changes: 56 additions & 0 deletions
56
...s/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.qhelp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| <!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd"> | ||
| <qhelp> | ||
| <overview> | ||
| <p> | ||
| Function is annotated with more than one function class. All but one will be ignored. | ||
| </p> | ||
| </overview> | ||
| <recommendation> | ||
| <p> | ||
| This warning can be generated when there is a chain of typedefs. Only use one function class annotation. | ||
| </p> | ||
| </recommendation> | ||
| <example> | ||
| <p> | ||
| Example function with multiple __drv_functionClass annotations | ||
| </p> | ||
| <sample language="c"> <![CDATA[ | ||
| __drv_functionClass(FAKE_DRIVER_ADD_DEVICE) | ||
| __drv_functionClass(FAKE_DRIVER_ADD_DEVICE2) | ||
| __drv_maxFunctionIRQL(PASSIVE_LEVEL) | ||
| __drv_requiresIRQL(PASSIVE_LEVEL) | ||
| __drv_sameIRQL | ||
| __drv_when(return >= 0, __drv_clearDoInit(yes)) typedef NTSTATUS | ||
| FAKE_DRIVER_ADD_DEVICE( | ||
| __in struct _DRIVER_OBJECT *DriverObject, | ||
| __in struct _DEVICE_OBJECT *PhysicalDeviceObject); | ||
| typedef FAKE_DRIVER_ADD_DEVICE *PDRIVER_ADD_DEVICE; | ||
| FAKE_DRIVER_ADD_DEVICE FakeDriverAddDevice; | ||
| _Use_decl_annotations_ | ||
| NTSTATUS | ||
| FakeDriverAddDevice( | ||
| __in struct _DRIVER_OBJECT *DriverObject, | ||
| __in struct _DEVICE_OBJECT *PhysicalDeviceObject) | ||
| { | ||
| return STATUS_SUCCESS; | ||
| } | ||
| }]]> | ||
| </sample> | ||
|
|
||
| </example> | ||
| <semmleNotes> | ||
| <p> | ||
|
|
||
| </p> | ||
| </semmleNotes> | ||
| <references> | ||
| <li> | ||
| <a href="https://learn.microsoft.com/en-us/windows-hardware/drivers/devtest/28177-function-annotated-with-more-than-one-class"> | ||
| C28177 | ||
| </a> | ||
| </li> | ||
| </references> | ||
| </qhelp> |
64 changes: 64 additions & 0 deletions
64
...vers/general/queries/MultipleFunctionClassAnnotations/MultipleFunctionClassAnnotations.ql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,64 @@ | ||
| // Copyright (c) Microsoft Corporation. | ||
| // Licensed under the MIT license. | ||
| /** | ||
| * @id cpp/drivers/multiple-function-class-annotations | ||
| * @kind problem | ||
| * @name Multiple Function Class Annotations | ||
| * @description Function is annotated with more than one function class. All but one will be ignored. | ||
| * @platform Desktop | ||
| * @feature.area Multiple | ||
| * @impact Insecure Coding Practice | ||
| * @repro.text This warning can be generated when there is a chain of typedefs. | ||
| * @owner.email: [email protected] | ||
| * @opaqueid CQLD-c28177 | ||
| * @problem.severity warning | ||
| * @precision medium | ||
| * @tags correctness | ||
| * @scope domainspecific | ||
| * @query-version v1 | ||
| */ | ||
|
|
||
| import cpp | ||
| import drivers.libraries.SAL | ||
|
|
||
| class FunctionClassAnnotatedTypedef extends TypedefType { | ||
| FunctionClassAnnotation funcAnnotation; | ||
|
|
||
| FunctionClassAnnotatedTypedef() { funcAnnotation.getTypedefDeclarations() = this } | ||
|
|
||
| FunctionClassAnnotation getFuncClassAnnotation() { result = funcAnnotation } | ||
| } | ||
|
|
||
| class FunctionClassAnnotation extends SALAnnotation { | ||
| string annotationName; | ||
|
|
||
| FunctionClassAnnotation() { | ||
| this.getMacroName() = ["__drv_functionClass", "_Function_class_"] and | ||
| annotationName = this.getMacroName() | ||
| } | ||
| } | ||
|
|
||
| class AnnotatedFunction extends Function { | ||
| FunctionClassAnnotation funcClassAnnotation; | ||
|
|
||
| AnnotatedFunction() { | ||
| funcClassAnnotation.getMacroName() = ["__drv_functionClass", "_Function_class_"] and | ||
| exists(FunctionDeclarationEntry fde | | ||
| fde = this.getADeclarationEntry() and | ||
| funcClassAnnotation.getDeclarationEntry() = fde | ||
| ) | ||
| or | ||
| exists(FunctionDeclarationEntry fde | | ||
| fde.getFunction() = this and | ||
| fde.getTypedefType().(FunctionClassAnnotatedTypedef).getFuncClassAnnotation() = | ||
| funcClassAnnotation | ||
| ) | ||
| } | ||
|
|
||
| FunctionClassAnnotation getFuncClassAnnotation() { result = funcClassAnnotation } | ||
| } | ||
|
|
||
| from AnnotatedFunction f | ||
| where | ||
| count(f.getFuncClassAnnotation() ) > 1 | ||
| select f, "Function is annotated with more than one function class. All but one will be ignored." |
Oops, something went wrong.