From cb47be79119d5851338f5c4b53e7907fb958cc74 Mon Sep 17 00:00:00 2001 From: RenFengJiang <1111> Date: Sun, 14 Jan 2024 11:32:13 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=EF=BC=9AC++=E4=BD=BF?= =?UTF-8?q?=E7=94=A8realloc=E5=87=BD=E6=95=B0=E5=89=8D=E5=BA=94=E5=85=88?= =?UTF-8?q?=E6=B8=85=E6=A5=9A=E6=95=8F=E6=84=9F=E4=BF=A1=E6=81=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../rules/checkers/ReallocMainChecker.java | 113 ++++++++++++++++++ .../org/sonar/cxx/parser/CxxGrammarImpl.java | 6 + .../checkers/ReallocMainCheckerTest.java | 34 ++++++ .../cxx/rules/checkers/ReallocMainChecker.cc | 22 ++++ 4 files changed, 175 insertions(+) create mode 100644 sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.java create mode 100644 sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainCheckerTest.java create mode 100644 sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.cc diff --git a/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.java b/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.java new file mode 100644 index 0000000..f96a4e6 --- /dev/null +++ b/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.java @@ -0,0 +1,113 @@ +/* + * Copyright (c) 2023 - 2024. KeyWare.Co.Ltd All rights reserved. + * 项目名称:C++ 信息安全性设计准则 + * 项目描述:用于检查C++源代码的安全性设计准则的Sonarqube插件 + * 版权说明:本软件属北京关键科技股份有限公司所有,在未获得北京关键科技股份有限公司正式授权情况下,任何企业和个人,不能获取、阅读、安装、传播本软件涉及的任何受知识产权保护的内容。 + */ +package com.keyware.sonar.cxx.rules.checkers; + +import com.sonar.cxx.sslr.api.AstNode; +import com.sonar.cxx.sslr.api.Grammar; +import org.sonar.check.Priority; +import org.sonar.check.Rule; +import org.sonar.cxx.parser.CxxGrammarImpl; +import org.sonar.cxx.squidbridge.annotations.ActivatedByDefault; +import org.sonar.cxx.squidbridge.annotations.SqaleConstantRemediation; +import org.sonar.cxx.squidbridge.checks.SquidCheck; + +import java.util.ArrayList; +import java.util.List; + +/** + * TODO ReallocMainChecker + * + * @author RenFengJiang + * @date 2024/1/13 + */ +@Rule(key = "ReallocMainChecker", name = "使用realloc函数前应先清楚敏感信息", description = "使用realloc()函数前先清空该内存块中的敏感信息", priority = Priority.INFO, tags = {"28suo"}) +@ActivatedByDefault +@SqaleConstantRemediation("5min") +public class ReallocMainChecker extends SquidCheck { + + @Override + public void init() { + // 订阅要检查AST节点类型,用于在visitNode方法中检查该类型节点 + this.subscribeTo( + CxxGrammarImpl.expression + ); + } + + private List lists = new ArrayList(); + /** + * 检查AST节点 + * + * @param astNode 要处理的AST节点,该节点类型为通过subscribeTo方法订阅的类型 + */ + @Override + public void visitNode(AstNode astNode) { + //判断是否是memset方法调用 + if("memset".equals(astNode.getToken().getValue())){ + //获取到此 方法调用中的参数列表 + List listAsts = astNode.getDescendants(CxxGrammarImpl.expressionList); + for (AstNode listAst :listAsts) { + //将此参数列表存入list中 + lists.add(listAst.getToken().getValue()); + } + } + List astNodeDescendants = astNode.getDescendants(CxxGrammarImpl.postfixExpression); + for (AstNode ast :astNodeDescendants) { + //判断是不是realloc方法调用 + if("realloc".equals(ast.getToken().getValue())){ + //获取到参数列表 + List astNodes = ast.getDescendants(CxxGrammarImpl.expressionList); + for (AstNode as:astNodes) { + //获取到参数 + String name = as.getToken().getValue(); + //判断参数是否存在在集合中 + if(!lists.contains(name)){ + getContext().createLineViolation(this,"使用realloc函数前应先清楚敏感信息",as); + } + } + } + } + } +// class IfChildren extends SquidCheck{ +// private final String name ; +// private boolean boo = true; +// +// IfChildren(String name){ +// this.name = name; +// } +// +// @Override +// public void init() { +// // 订阅要检查AST节点类型,用于在visitNode方法中检查该类型节点 +// this.subscribeTo( +// CxxGrammarImpl.expression +// ); +// } +// @Override +// public void visitNode(AstNode astNode) { +// +// List astNodes = astNode.getDescendants(CxxGrammarImpl.expressionStatement); +// for (AstNode as :astNodes) { +// if("memset".equals(as.getToken().getValue())){ +// List descendants = astNode.getDescendants(CxxGrammarImpl.expressionList); +// for (AstNode ast :descendants) { +// if(name.equals(ast.getToken().getValue())){ +// boo = false; +// } +// } +// } +// } +// +// List descendants = astNode.getDescendants(CxxGrammarImpl.postfixExpression); +// for (AstNode ast :descendants) { +// if(name.equals(ast.getToken().getValue())){ +// boo = false; +// } +// } +// } +// +// } +} diff --git a/sonar-keyware-plugins-cxx/src/main/java/org/sonar/cxx/parser/CxxGrammarImpl.java b/sonar-keyware-plugins-cxx/src/main/java/org/sonar/cxx/parser/CxxGrammarImpl.java index 6be2a59..b08742a 100644 --- a/sonar-keyware-plugins-cxx/src/main/java/org/sonar/cxx/parser/CxxGrammarImpl.java +++ b/sonar-keyware-plugins-cxx/src/main/java/org/sonar/cxx/parser/CxxGrammarImpl.java @@ -1,3 +1,9 @@ +/* + * Copyright (c) 2023 - 2024. KeyWare.Co.Ltd All rights reserved. + * 项目名称:C++ 信息安全性设计准则 + * 项目描述:用于检查C++源代码的安全性设计准则的Sonarqube插件 + * 版权说明:本软件属北京关键科技股份有限公司所有,在未获得北京关键科技股份有限公司正式授权情况下,任何企业和个人,不能获取、阅读、安装、传播本软件涉及的任何受知识产权保护的内容。 + */ package org.sonar.cxx.parser; import static com.sonar.cxx.sslr.api.GenericTokenType.EOF; diff --git a/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainCheckerTest.java b/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainCheckerTest.java new file mode 100644 index 0000000..dd25b7a --- /dev/null +++ b/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/ReallocMainCheckerTest.java @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2023 - 2024. KeyWare.Co.Ltd All rights reserved. + * 项目名称:C++ 信息安全性设计准则 + * 项目描述:用于检查C++源代码的安全性设计准则的Sonarqube插件 + * 版权说明:本软件属北京关键科技股份有限公司所有,在未获得北京关键科技股份有限公司正式授权情况下,任何企业和个人,不能获取、阅读、安装、传播本软件涉及的任何受知识产权保护的内容。 + */ +package com.keyware.sonar.cxx.rules.checkers; + +import com.keyware.sonar.cxx.CxxFileTesterHelper; +import org.junit.jupiter.api.Test; +import org.sonar.cxx.CxxAstScanner; +import org.sonar.cxx.squidbridge.api.SourceFile; +import org.sonar.cxx.squidbridge.checks.CheckMessagesVerifier; + +import java.io.IOException; + +/** + * TODO ReallocMainCheckerTest + * + * @author RenFengJiang + * @date 2024/1/13 + */ +public class ReallocMainCheckerTest { + @Test + public void checkTest() throws IOException { + var checker = new ReallocMainChecker(); + var tester = CxxFileTesterHelper.create("ReallocMainChecker.cc"); + SourceFile file = CxxAstScanner.scanSingleInputFile(tester.asInputFile(), checker); + CheckMessagesVerifier.verify(file.getCheckMessages()) + .next().atLine(14).withMessage("使用realloc函数前应先清楚敏感信息") + .noMore(); + } + +} diff --git a/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.cc b/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.cc new file mode 100644 index 0000000..1596a5b --- /dev/null +++ b/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ReallocMainChecker.cc @@ -0,0 +1,22 @@ +struct User { + char name[50]; + int age; +}; + +int main() { + // 假设有一个使用者结构体需要重新分配内存 +// User* users = (User*)malloc(5 * sizeof(User)); + + // 在使用realloc()函数重新分配内存块之前,先清空使用者信息 +// memset(users, 0, 5 * sizeof(User)); + + // 使用realloc()函数重新分配内存块 + users = (User*)realloc(users, 10 * sizeof(User));//error + + // 继续使用重新分配后的内存块... + + // 最后释放内存 +// free(users); + + return 0; +}