Skip to content

Commit ece4789

Browse files
amai2012amai2012
authored
Merge pull request danmar#821 from boos/cwe-mapping-11
CWE mapping of invalidLengthModifierError, leakUnsafeArgAlloc, nullPointerDefaultArg, nullPointerRedundantCheck, raceAfterInterlockedDecrement.
2 parents 9c27211 + 01ee9ee commit ece4789

File tree

4 files changed

+13
-10
lines changed

4 files changed

+13
-10
lines changed

lib/checkio.cpp

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,7 @@ static const CWE CWE664(664U); // Improper Control of a Resource Through its Li
4040
static const CWE CWE685(685U); // Function Call With Incorrect Number of Arguments
4141
static const CWE CWE686(686U); // Function Call With Incorrect Argument Type
4242
static const CWE CWE687(687U); // Function Call With Incorrectly Specified Argument Value
43+
static const CWE CWE704(704U); // Incorrect Type Conversion or Cast
4344
static const CWE CWE910(910U); // Use of Expired File Descriptor
4445

4546
//---------------------------------------------------------------------------
@@ -2045,7 +2046,7 @@ void CheckIO::invalidLengthModifierError(const Token* tok, unsigned int numForma
20452046
return;
20462047
std::ostringstream errmsg;
20472048
errmsg << "'" << modifier << "' in format string (no. " << numFormat << ") is a length modifier and cannot be used without a conversion specifier.";
2048-
reportError(tok, Severity::warning, "invalidLengthModifierError", errmsg.str());
2049+
reportError(tok, Severity::warning, "invalidLengthModifierError", errmsg.str(), CWE704, false);
20492050
}
20502051

20512052
void CheckIO::invalidScanfFormatWidthError(const Token* tok, unsigned int numFormat, int width, const Variable *var, char c)

lib/checkmemoryleak.cpp

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -39,9 +39,10 @@ namespace {
3939
}
4040

4141
// CWE ID used:
42-
static const CWE CWE398(398U);
43-
static const CWE CWE771(771U);
44-
static const CWE CWE772(772U);
42+
static const CWE CWE398(398U); // Indicator of Poor Code Quality
43+
static const CWE CWE401(401U); // Improper Release of Memory Before Removing Last Reference ('Memory Leak')
44+
static const CWE CWE771(771U); // Missing Reference to Active Allocated Resource
45+
static const CWE CWE772(772U); // Missing Release of Resource after Effective Lifetime
4546

4647
/**
4748
* Count function parameters
@@ -2749,6 +2750,6 @@ void CheckMemoryLeakNoVar::unsafeArgAllocError(const Token *tok, const std::stri
27492750
const std::string factoryFunc = ptrType == "shared_ptr" ? "make_shared" : "make_unique";
27502751
reportError(tok, Severity::warning, "leakUnsafeArgAlloc",
27512752
"Unsafe allocation. If " + funcName + "() throws, memory could be leaked. Use " + factoryFunc + "<" + objType + ">() instead.",
2752-
CWE(0U),
2753+
CWE401,
27532754
true); // Inconclusive because funcName may never throw
27542755
}

lib/checknullpointer.cpp

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ namespace {
3030
CheckNullPointer instance;
3131
}
3232

33-
static const CWE CWE476(476U);
33+
static const CWE CWE476(476U); // NULL Pointer Dereference
3434

3535
//---------------------------------------------------------------------------
3636

@@ -477,7 +477,7 @@ void CheckNullPointer::nullPointerError(const Token *tok, const std::string &var
477477
{
478478
if (defaultArg) {
479479
if (_settings->isEnabled("warning"))
480-
reportError(tok, Severity::warning, "nullPointerDefaultArg", "Possible null pointer dereference if the default parameter value is used: " + varname, CWE(0U), inconclusive);
480+
reportError(tok, Severity::warning, "nullPointerDefaultArg", "Possible null pointer dereference if the default parameter value is used: " + varname, CWE476, inconclusive);
481481
} else if (possible) {
482482
if (_settings->isEnabled("warning"))
483483
reportError(tok, Severity::warning, "nullPointer", "Possible null pointer dereference: " + varname, CWE476, inconclusive);
@@ -491,5 +491,5 @@ void CheckNullPointer::nullPointerError(const Token *tok, const std::string &var
491491
callstack.push_back(tok);
492492
callstack.push_back(nullCheck);
493493
const std::string errmsg(ValueFlow::eitherTheConditionIsRedundant(nullCheck) + " or there is possible null pointer dereference: " + varname + ".");
494-
reportError(callstack, Severity::warning, "nullPointerRedundantCheck", errmsg, CWE(0U), inconclusive);
494+
reportError(callstack, Severity::warning, "nullPointerRedundantCheck", errmsg, CWE476, inconclusive);
495495
}

lib/checkother.cpp

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,8 @@ namespace {
3434
}
3535

3636
static const struct CWE CWE197(197U); // Numeric Truncation Error
37-
static const struct CWE CWE369(369U);
37+
static const struct CWE CWE362(362U); // Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
38+
static const struct CWE CWE369(369U); // Divide By Zero
3839
static const struct CWE CWE398(398U); // Indicator of Poor Code Quality
3940
static const struct CWE CWE475(475U); // Undefined Behavior for Input to API
4041
static const struct CWE CWE561(561U); // Dead Code
@@ -2554,7 +2555,7 @@ void CheckOther::checkInterlockedDecrement()
25542555
void CheckOther::raceAfterInterlockedDecrementError(const Token* tok)
25552556
{
25562557
reportError(tok, Severity::error, "raceAfterInterlockedDecrement",
2557-
"Race condition: non-interlocked access after InterlockedDecrement(). Use InterlockedDecrement() return value instead.");
2558+
"Race condition: non-interlocked access after InterlockedDecrement(). Use InterlockedDecrement() return value instead.", CWE362, false);
25582559
}
25592560

25602561
void CheckOther::checkUnusedLabel()

0 commit comments

Comments
 (0)