Add files via upload

2026-04-28 10:15:14 +02:00 · 2021-06-23 10:44:27 +03:00
parent 87ee7849a9
commit 460fde72ff
3 changed files with 77 additions and 0 deletions
--- a/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.cpp
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.cpp
@@ -0,0 +1,9 @@
+...
+throw ("my exception!",546); // BBAD
+...
+throw errorFunc("my exception!",546); // GOOD 
+...
+std::runtime_error("msg error"); // BAD
+...
+throw std::runtime_error("msg error"); // GOOD
+...
--- a/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.qhelp
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.qhelp
@@ -0,0 +1,23 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+<overview>
+<p>Finding places for the dangerous use of exceptions.</p>
+
+</overview>
+
+<example>
+<p>The following example demonstrates erroneous and fixed methods for using exceptions.</p>
+<sample src="FindIncorrectlyUsedExceptions.cpp" />
+
+</example>
+<references>
+
+<li>
+  CERT CPP Coding Standard:
+  <a href="https://wiki.sei.cmu.edu/confluence/display/cplusplus/DCL57-CPP.+Do+not+let+exceptions+escape+from+destructors+or+deallocation+functions">DCL57-CPP. Do not let exceptions escape from destructors or deallocation functions</a>.
+</li>
+
+</references>
+</qhelp>
--- a/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql
@@ -0,0 +1,45 @@
+/**
+ * @name Operator Find Incorrectly Used Exceptions
+ * @description --Finding places for the dangerous use of exceptions.
+ * @kind problem
+ * @id cpp/operator-find-incorrectly-used-exceptions
+ * @problem.severity warning
+ * @precision medium
+ * @tags correctness
+ *       security
+ *       external/cwe/cwe-703
+ *       external/cwe/cwe-248
+ *       external/cwe/cwe-390
+ */
+
+import cpp
+
+from FunctionCall fc, string msg
+where
+  exists(ThrowExpr texp |
+    texp.getEnclosingFunction() = fc.getTarget() and
+    (
+      fc.getTarget().hasGlobalOrStdName("DllMain") and
+      not exists(TryStmt ts |
+        texp.getEnclosingStmt().getParentStmt*() = ts.getStmt() and
+        not ts.getACatchClause().isEmpty()
+      ) and
+      msg = "DllMain contains exeption no wrapped to try..catch blocks."
+      or
+      texp.getExpr().isParenthesised() and
+      texp.getExpr().(CommaExpr).getLeftOperand().isConstant() and
+      texp.getExpr().(CommaExpr).getRightOperand().isConstant() and
+      msg = "There is an exception in the function that requires your attention."
+    )
+  )
+  or
+  fc.getTarget() instanceof Constructor and
+  fc.getTargetType().(Class).getABaseClass+().hasGlobalOrStdName("exception") and
+  not fc.isInMacroExpansion() and
+  not exists(ThrowExpr texp | fc.getEnclosingStmt() = texp.getEnclosingStmt()) and
+  not exists(FunctionCall fctmp | fctmp.getAnArgument() = fc) and
+  not fc instanceof ConstructorDirectInit and
+  not fc.getEnclosingStmt() instanceof DeclStmt and
+  not fc instanceof ConstructorDelegationInit and
+  msg = "This object does not generate an exception."
+select fc, msg