shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-05 09:17:44 +03:00
Code

lgtm: beef up list of dangerous/questionnable API calls not to make

Browse Source
This commit is contained in:
Lennart Poettering 2019-04-02 12:43:47 +02:00
parent 924426a703
commit 9b4805421e
1 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
.lgtm/cpp-queries/PotentiallyDangerousFunction.ql
View File

@ -16,10 +16,28 @@ import cpp
predicate potentiallyDangerousFunction(Function f, string message) { predicate potentiallyDangerousFunction(Function f, string message) {
( (
f.getQualifiedName() = "fgets" and f.getQualifiedName() = "fgets" and
message = "Call to fgets is potentially dangerous. Use read_line() instead." message = "Call to fgets() is potentially dangerous. Use read_line() instead."
) or ( ) or (
f.getQualifiedName() = "strtok" and f.getQualifiedName() = "strtok" and
message = "Call to strtok is potentially dangerous. Use extract_first_word() instead." message = "Call to strtok() is potentially dangerous. Use extract_first_word() instead."
) or (
f.getQualifiedName() = "strsep" and
message = "Call to strsep() is potentially dangerous. Use extract_first_word() instead."
) or (
f.getQualifiedName() = "dup" and
message = "Call to dup() is potentially dangerous. Use fcntl(fd, FD_DUPFD_CLOEXEC, 3) instead."
) or (
f.getQualifiedName() = "htonl" and
message = "Call to htonl() is confusing. Use htobe32() instead."
) or (
f.getQualifiedName() = "htons" and
message = "Call to htons() is confusing. Use htobe16() instead."
) or (
f.getQualifiedName() = "ntohl" and
message = "Call to ntohl() is confusing. Use be32toh() instead."
) or (
f.getQualifiedName() = "ntohs" and
message = "Call to ntohs() is confusing. Use be16toh() instead."
) )
} }