diff --git a/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/SQLVerifyChecker.java b/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/SQLVerifyChecker.java new file mode 100644 index 0000000..d742c0d --- /dev/null +++ b/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/SQLVerifyChecker.java @@ -0,0 +1,95 @@ +/* + * Copyright (c) 2023 - 2024. KeyWare.Co.Ltd All rights reserved. + * 项目名称:C++ 信息安全性设计准则 + * 项目描述:用于检查C++源代码的安全性设计准则的Sonarqube插件 + * 版权说明:本软件属北京关键科技股份有限公司所有,在未获得北京关键科技股份有限公司正式授权情况下,任何企业和个人,不能获取、阅读、安装、传播本软件涉及的任何受知识产权保护的内容。 + */ +package com.keyware.sonar.cxx.rules.checkers; + +import com.keyware.sonar.cxx.SubscriptionAstVisitor; +import com.sonar.cxx.sslr.api.AstNode; +import com.sonar.cxx.sslr.api.AstNodeType; +import com.sonar.cxx.sslr.api.Grammar; +import org.sonar.check.Priority; +import org.sonar.check.Rule; +import org.sonar.cxx.parser.CxxGrammarImpl; +import org.sonar.cxx.squidbridge.annotations.ActivatedByDefault; +import org.sonar.cxx.squidbridge.annotations.SqaleConstantRemediation; +import org.sonar.cxx.squidbridge.checks.SquidCheck; + +import javax.annotation.Nonnull; +import java.util.ArrayList; +import java.util.List; + +/** + * TODO SQLVerifyChecker + * + * @author RenFengJiang + * @date 2024/1/14 + */ +@Rule(key = "SQLVerifyChecker", name = "在使用SQL语句前对输入数据进行验证", description = "在拼接SQL语句前对输入数据进行验证,确保输入数据不包含SQL语句的关键字符;或使用参数化SQL查询语句,并将输入数据作为SQL语句的参数", priority = Priority.INFO, tags = {"28suo"}) +@ActivatedByDefault +@SqaleConstantRemediation("5min") +public class SQLVerifyChecker extends SquidCheck { + + @Override + public void init() { + // 指定当前访问器需要访问的节点类型,functionBody(函数)主体节点 + this.subscribeTo( + CxxGrammarImpl.functionBody + ); + } + + /** + * 访问AST节点 + * + * @param node 要处理的AST节点,该节点类型为通过subscribeTo方法订阅的类型 + */ + @Override + public void visitNode(@Nonnull AstNode node) { + IfSQL ifSQL = new IfSQL(this); + ifSQL.accept(node); + } + + class IfSQL extends SubscriptionAstVisitor{ + + List lists = new ArrayList(); + public IfSQL(SquidCheck checker){ + super(checker); + } + + @Override + public List visitNodeTypes() { + // 指定当前访问器需要访问的节点类型,这里指定了simpleDeclaration(简单声明)节点类型 + return List.of(CxxGrammarImpl.functionBody); + } + + @Override + public void visitNode(@Nonnull AstNode node) { + //选择节点语句 + List nodeDescendants = node.getDescendants(CxxGrammarImpl.selectionStatement); + for (AstNode astNode:nodeDescendants) { + //判断节点是不是if节点 + if("if".equals(astNode.getToken().getValue())){ + //获取其中的参数 + List astNodeList = astNode.getDescendants(CxxGrammarImpl.expressionList); + for (AstNode expr:astNodeList) { + lists.add(expr.getToken().getValue()); + } + } + } + //获取表达是数据信息 + List descendants = node.getDescendants(CxxGrammarImpl.expressionList); + for (AstNode ast:descendants) { + String name = ast.getParent().getToken().getValue(); + //判断是否时使用sanitizeString方法 + if("sanitizeString".equals(name)){ + //判断方法参数是否进行校验 + if(!lists.contains(ast.getToken().getValue())){ + reportIssue(ast, "在使用SQL语句前对输入数据进行验证"); + } + } + } + } + } +} diff --git a/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/SQLVerifyCheckerTest.java b/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/SQLVerifyCheckerTest.java new file mode 100644 index 0000000..1aa4f6a --- /dev/null +++ b/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/SQLVerifyCheckerTest.java @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2023 - 2024. KeyWare.Co.Ltd All rights reserved. + * 项目名称:C++ 信息安全性设计准则 + * 项目描述:用于检查C++源代码的安全性设计准则的Sonarqube插件 + * 版权说明:本软件属北京关键科技股份有限公司所有,在未获得北京关键科技股份有限公司正式授权情况下,任何企业和个人,不能获取、阅读、安装、传播本软件涉及的任何受知识产权保护的内容。 + */ +package com.keyware.sonar.cxx.rules.checkers; + +import com.keyware.sonar.cxx.CxxFileTesterHelper; +import org.junit.jupiter.api.Test; +import org.sonar.cxx.CxxAstScanner; +import org.sonar.cxx.squidbridge.api.SourceFile; +import org.sonar.cxx.squidbridge.checks.CheckMessagesVerifier; + +import java.io.IOException; + +/** + * TODO SQLVerifyChecker + * + * @author RenFengJiang + * @date 2024/1/14 + */ +public class SQLVerifyCheckerTest { + + @Test + public void checkTest() throws IOException { + var checker = new SQLVerifyChecker(); + var tester = CxxFileTesterHelper.create("SQLVerifyChecker.cc"); + SourceFile file = CxxAstScanner.scanSingleInputFile(tester.asInputFile(), checker); + CheckMessagesVerifier.verify(file.getCheckMessages()) + .next().atLine(7).withMessage("在使用SQL语句前对输入数据进行验证") + .noMore(); + } +} diff --git a/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/SQLVerifyChecker.cc b/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/SQLVerifyChecker.cc new file mode 100644 index 0000000..f2aeda6 --- /dev/null +++ b/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/SQLVerifyChecker.cc @@ -0,0 +1,19 @@ +int main() { + + std::string inputQuery = ""; +// if(a(inputQuery)){ +// } + // 对输入的SQL语句进行验证和处理 + std::string sqlQuery = sanitizeString(inputQuery); // error + + // 执行SQL语句 + stmt = con->createStatement(); + res = stmt->executeQuery(sqlQuery); + + // 处理查询结果 + while (res->next()) { + // 从结果集中获取数据并进行处理 + std::string resultData = res->getString("column_name"); + std::cout << "查询结果: " << resultData << std::endl; + } +}