SonarCFamily / CPP-2971

Fix FN: Unmapped Clang Static Analyzer issues lead to FNs for rules tagged with symbolic-execution


    Details

      Description

      The CFamily analyzer uses Clang Static Analyzer and some of its checkers. Issues found by these checkers that bind to Sonar C, C++ and ObjC rules are reported to the users.
      For some checkers, some messages do not bind to any Sonar CFamily rule and are not reported to the user. When this happens, it interrupts the reporting of any further issues of rules tagged with symbolic-execution, which creates false negatives.

      typedef unsigned long size_t;
      typedef long ssize_t;
      
      int scanf(const char* format, ...);
      int system(const char* command);
      
      ssize_t read(int fd, void* buf, size_t count);
      
      void withoutUnmappedCheckerIssue(int fd) {
        char buf[128];
        scanf("%s", buf);
        read(fd, buf, 256); // Issue: "read" overflows write buffer "buf"; passed size "256" (256) exceeds buffer size (128)
      }
      
      void withUnmappedCheckerIssue(int fd) {
        char buf[128];
        scanf("%s", buf);
        system(buf); // CSA checker issue not mapped to Sonar CFamily rule here (Untrusted data is passed to a system call (CERT/STR02-C. Sanitize data passed to complex subsystems))
        read(fd, buf, 256); // FN: No issue reported
      }
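To make the reporting defect concrete, here is an added illustration (not SonarCFamily's own code) that models an analyzer forwarding Clang Static Analyzer diagnostics to Sonar rules: the defective loop aborts at the first diagnostic with no bound rule, the corrected loop skips it and keeps going. The checker names, rule keys and line numbers are constructed placeholders.

```python
# Added model of the CPP-2971 behaviour; not SonarSource code.
# Checker names and Sonar rule keys below are constructed placeholders.
from dataclasses import dataclass

# Constructed mapping: CSA checker -> Sonar rule key.
# "csa.TaintedSystemCall" is deliberately absent, standing in for the
# "Untrusted data is passed to a system call" message that has no bound rule.
RULE_MAP = {
    "csa.BufferOverflow": "cpp:BUFFER_OVERFLOW",
}

@dataclass(frozen=True)
class Diagnostic:
    checker: str
    line: int
    message: str

def report_issues_buggy(diagnostics):
    """Defective behaviour described in the issue: the first diagnostic that
    maps to no Sonar rule stops processing, so every later diagnostic from a
    symbolic-execution rule is silently dropped (a false negative)."""
    reported = []
    for diag in diagnostics:
        rule = RULE_MAP.get(diag.checker)
        if rule is None:
            break  # aborts the whole stream instead of skipping one message
        reported.append((rule, diag.line))
    return reported

def report_issues_fixed(diagnostics):
    """Corrected behaviour: ignore the unmapped diagnostic and continue."""
    reported = []
    for diag in diagnostics:
        rule = RULE_MAP.get(diag.checker)
        if rule is None:
            continue  # nothing to report for this one, keep going
        reported.append((rule, diag.line))
    return reported

# Constructed diagnostics mirroring withUnmappedCheckerIssue() above:
# the unmapped system() finding comes before the mapped read() overflow.
WITH_UNMAPPED = [
    Diagnostic("csa.TaintedSystemCall", 18, "Untrusted data is passed to a system call"),
    Diagnostic("csa.BufferOverflow", 19, '"read" overflows write buffer "buf"'),
]
# Constructed diagnostics mirroring withoutUnmappedCheckerIssue() above.
WITHOUT_UNMAPPED = [
    Diagnostic("csa.BufferOverflow", 12, '"read" overflows write buffer "buf"'),
]
```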
      

              People

              Assignee:
              geoffray.adde Geoffray Adde
              Reporter:
              geoffray.adde Geoffray Adde