Add BannedAPIs package details

lcartey · lcartey · commit 18443397f5a4 · 2025-06-02T15:50:45.000+01:00
diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedAPIs.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/BannedAPIs.qll
@@ -0,0 +1,163 @@
+//** THIS FILE IS AUTOGENERATED, DO NOT MODIFY DIRECTLY.  **/
+import cpp
+import RuleMetadata
+import codingstandards.cpp.exclusions.RuleMetadata
+
+newtype BannedAPIsQuery =
+  TAvoidProgramTerminatingFunctionsQuery() or
+  TNoVariadicFunctionMacrosQuery() or
+  TNoCsetjmpHeaderQuery() or
+  TUnsafeStringHandlingFunctionsQuery() or
+  TBannedSystemFunctionQuery() or
+  TUseSmartPtrFactoryFunctionsQuery() or
+  TCharacterHandlingFunctionRestrictionsQuery() or
+  TNoMemoryFunctionsFromCStringQuery() or
+  TLocaleGlobalFunctionNotAllowedQuery()
+
+predicate isBannedAPIsQueryMetadata(Query query, string queryId, string ruleId, string category) {
+  query =
+    // `Query` instance for the `avoidProgramTerminatingFunctions` query
+    BannedAPIsPackage::avoidProgramTerminatingFunctionsQuery() and
+  queryId =
+    // `@id` for the `avoidProgramTerminatingFunctions` query
+    "cpp/misra/avoid-program-terminating-functions" and
+  ruleId = "RULE-18-5-2" and
+  category = "advisory"
+  or
+  query =
+    // `Query` instance for the `noVariadicFunctionMacros` query
+    BannedAPIsPackage::noVariadicFunctionMacrosQuery() and
+  queryId =
+    // `@id` for the `noVariadicFunctionMacros` query
+    "cpp/misra/no-variadic-function-macros" and
+  ruleId = "RULE-21-10-1" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `noCsetjmpHeader` query
+    BannedAPIsPackage::noCsetjmpHeaderQuery() and
+  queryId =
+    // `@id` for the `noCsetjmpHeader` query
+    "cpp/misra/no-csetjmp-header" and
+  ruleId = "RULE-21-10-2" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `unsafeStringHandlingFunctions` query
+    BannedAPIsPackage::unsafeStringHandlingFunctionsQuery() and
+  queryId =
+    // `@id` for the `unsafeStringHandlingFunctions` query
+    "cpp/misra/unsafe-string-handling-functions" and
+  ruleId = "RULE-21-2-2" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `bannedSystemFunction` query
+    BannedAPIsPackage::bannedSystemFunctionQuery() and
+  queryId =
+    // `@id` for the `bannedSystemFunction` query
+    "cpp/misra/banned-system-function" and
+  ruleId = "RULE-21-2-3" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `useSmartPtrFactoryFunctions` query
+    BannedAPIsPackage::useSmartPtrFactoryFunctionsQuery() and
+  queryId =
+    // `@id` for the `useSmartPtrFactoryFunctions` query
+    "cpp/misra/use-smart-ptr-factory-functions" and
+  ruleId = "RULE-23-11-1" and
+  category = "advisory"
+  or
+  query =
+    // `Query` instance for the `characterHandlingFunctionRestrictions` query
+    BannedAPIsPackage::characterHandlingFunctionRestrictionsQuery() and
+  queryId =
+    // `@id` for the `characterHandlingFunctionRestrictions` query
+    "cpp/misra/character-handling-function-restrictions" and
+  ruleId = "RULE-24-5-1" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `noMemoryFunctionsFromCString` query
+    BannedAPIsPackage::noMemoryFunctionsFromCStringQuery() and
+  queryId =
+    // `@id` for the `noMemoryFunctionsFromCString` query
+    "cpp/misra/no-memory-functions-from-c-string" and
+  ruleId = "RULE-24-5-2" and
+  category = "required"
+  or
+  query =
+    // `Query` instance for the `localeGlobalFunctionNotAllowed` query
+    BannedAPIsPackage::localeGlobalFunctionNotAllowedQuery() and
+  queryId =
+    // `@id` for the `localeGlobalFunctionNotAllowed` query
+    "cpp/misra/locale-global-function-not-allowed" and
+  ruleId = "RULE-25-5-1" and
+  category = "required"
+}
+
+module BannedAPIsPackage {
+  Query avoidProgramTerminatingFunctionsQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `avoidProgramTerminatingFunctions` query
+      TQueryCPP(TBannedAPIsPackageQuery(TAvoidProgramTerminatingFunctionsQuery()))
+  }
+
+  Query noVariadicFunctionMacrosQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `noVariadicFunctionMacros` query
+      TQueryCPP(TBannedAPIsPackageQuery(TNoVariadicFunctionMacrosQuery()))
+  }
+
+  Query noCsetjmpHeaderQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `noCsetjmpHeader` query
+      TQueryCPP(TBannedAPIsPackageQuery(TNoCsetjmpHeaderQuery()))
+  }
+
+  Query unsafeStringHandlingFunctionsQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `unsafeStringHandlingFunctions` query
+      TQueryCPP(TBannedAPIsPackageQuery(TUnsafeStringHandlingFunctionsQuery()))
+  }
+
+  Query bannedSystemFunctionQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `bannedSystemFunction` query
+      TQueryCPP(TBannedAPIsPackageQuery(TBannedSystemFunctionQuery()))
+  }
+
+  Query useSmartPtrFactoryFunctionsQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `useSmartPtrFactoryFunctions` query
+      TQueryCPP(TBannedAPIsPackageQuery(TUseSmartPtrFactoryFunctionsQuery()))
+  }
+
+  Query characterHandlingFunctionRestrictionsQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `characterHandlingFunctionRestrictions` query
+      TQueryCPP(TBannedAPIsPackageQuery(TCharacterHandlingFunctionRestrictionsQuery()))
+  }
+
+  Query noMemoryFunctionsFromCStringQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `noMemoryFunctionsFromCString` query
+      TQueryCPP(TBannedAPIsPackageQuery(TNoMemoryFunctionsFromCStringQuery()))
+  }
+
+  Query localeGlobalFunctionNotAllowedQuery() {
+    //autogenerate `Query` type
+    result =
+      // `Query` type for `localeGlobalFunctionNotAllowed` query
+      TQueryCPP(TBannedAPIsPackageQuery(TLocaleGlobalFunctionNotAllowedQuery()))
+  }
+}
diff --git a/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll b/cpp/common/src/codingstandards/cpp/exclusions/cpp/RuleMetadata.qll
@@ -3,6 +3,7 @@ import cpp
 import codingstandards.cpp.exclusions.RuleMetadata
 //** Import packages for this language **/
 import Allocations
+import BannedAPIs
 import BannedFunctions
 import BannedLibraries
 import BannedSyntax
@@ -58,6 +59,7 @@ import VirtualFunctions
 /** The TQuery type representing this language * */
 newtype TCPPQuery =
   TAllocationsPackageQuery(AllocationsQuery q) or
+  TBannedAPIsPackageQuery(BannedAPIsQuery q) or
   TBannedFunctionsPackageQuery(BannedFunctionsQuery q) or
   TBannedLibrariesPackageQuery(BannedLibrariesQuery q) or
   TBannedSyntaxPackageQuery(BannedSyntaxQuery q) or
@@ -113,6 +115,7 @@ newtype TCPPQuery =
 /** The metadata predicate * */
 predicate isQueryMetadata(Query query, string queryId, string ruleId, string category) {
   isAllocationsQueryMetadata(query, queryId, ruleId, category) or
+  isBannedAPIsQueryMetadata(query, queryId, ruleId, category) or
   isBannedFunctionsQueryMetadata(query, queryId, ruleId, category) or
   isBannedLibrariesQueryMetadata(query, queryId, ruleId, category) or
   isBannedSyntaxQueryMetadata(query, queryId, ruleId, category) or
diff --git a/rule_packages/cpp/BannedAPIs.json b/rule_packages/cpp/BannedAPIs.json
@@ -0,0 +1,184 @@
+{
+  "MISRA-C++-2023": {
+    "RULE-18-5-2": {
+      "properties": {
+        "enforcement": "decidable",
+        "obligation": "advisory"
+      },
+      "queries": [
+        {
+          "description": "Using program-terminating functions like abort, exit, _Exit, quick_exit or terminate causes the stack to not be unwound and object destructors to not be called, potentially leaving the environment in an undesirable state.",
+          "kind": "problem",
+          "name": "Program-terminating functions should not be used",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "AvoidProgramTerminatingFunctions",
+          "tags": [
+            "scope/single-translation-unit"
+          ]
+        }
+      ],
+      "title": "Program-terminating functions should not be used"
+    },
+    "RULE-21-10-1": {
+      "properties": {
+        "enforcement": "decidable",
+        "obligation": "required"
+      },
+      "queries": [
+        {
+          "description": "Using <cstdarg> features like va_list, va_arg, va_start, va_end and va_copy bypasses compiler type checking and leads to undefined behavior when used incorrectly.",
+          "kind": "problem",
+          "name": "The features of <cstdarg> shall not be used",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "NoVariadicFunctionMacros",
+          "tags": [
+            "scope/single-translation-unit"
+          ]
+        }
+      ],
+      "title": "The features of <cstdarg> shall not be used"
+    },
+    "RULE-21-10-2": {
+      "properties": {
+        "enforcement": "decidable",
+        "obligation": "required"
+      },
+      "queries": [
+        {
+          "description": "Using facilities from the <csetjmp> header causes undefined behavior by bypassing normal function return mechanisms and may result in non-trivial object destruction being omitted.",
+          "kind": "problem",
+          "name": "The standard header file <csetjmp> shall not be used",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "NoCsetjmpHeader",
+          "tags": [
+            "scope/single-translation-unit"
+          ]
+        }
+      ],
+      "title": "The standard header file <csetjmp> shall not be used"
+    },
+    "RULE-21-2-2": {
+      "properties": {
+        "enforcement": "decidable",
+        "obligation": "required"
+      },
+      "queries": [
+        {
+          "description": "Using string handling functions from <cstring>, <cstdlib>, <cwchar> and <cinttypes> headers may result in buffer overflows or unreliable error detection through errno.",
+          "kind": "problem",
+          "name": "The string handling functions from <cstring>, <cstdlib>, <cwchar> and <cinttypes> shall not be used",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "UnsafeStringHandlingFunctions",
+          "tags": [
+            "scope/single-translation-unit"
+          ]
+        }
+      ],
+      "title": "The string handling functions from <cstring>, <cstdlib>, <cwchar> and <cinttypes> shall not be used"
+    },
+    "RULE-21-2-3": {
+      "properties": {
+        "enforcement": "decidable",
+        "obligation": "required"
+      },
+      "queries": [
+        {
+          "description": "Using the system() function from cstdlib or stdlib.h causes undefined behavior and potential security vulnerabilities.",
+          "kind": "problem",
+          "name": "The library function system from <cstdlib> shall not be used",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "BannedSystemFunction",
+          "tags": [
+            "scope/single-translation-unit"
+          ]
+        }
+      ],
+      "title": "The library function system from <cstdlib> shall not be used"
+    },
+    "RULE-23-11-1": {
+      "properties": {
+        "enforcement": "decidable",
+        "obligation": "advisory"
+      },
+      "queries": [
+        {
+          "description": "Using raw pointer constructors of std::shared_ptr and std::unique_ptr instead of make_shared/make_unique can lead to memory leaks if exceptions occur during construction.",
+          "kind": "problem",
+          "name": "The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "UseSmartPtrFactoryFunctions",
+          "tags": [
+            "scope/single-translation-unit"
+          ]
+        }
+      ],
+      "title": "The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used"
+    },
+    "RULE-24-5-1": {
+      "properties": {
+        "enforcement": "decidable",
+        "obligation": "required"
+      },
+      "queries": [
+        {
+          "description": "Using character classification and case mapping functions from <cctype> and <cwctype> causes undefined behavior when arguments are not representable as unsigned char or not equal to EOF.",
+          "kind": "problem",
+          "name": "The character handling functions from <cctype> and <cwctype> shall not be used",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "CharacterHandlingFunctionRestrictions",
+          "tags": [
+            "scope/single-translation-unit"
+          ]
+        }
+      ],
+      "title": "The character handling functions from <cctype> and <cwctype> shall not be used"
+    },
+    "RULE-24-5-2": {
+      "properties": {
+        "enforcement": "decidable",
+        "obligation": "required"
+      },
+      "queries": [
+        {
+          "description": "Using memcpy, memmove or memcmp from <cstring> can result in undefined behavior due to overlapping memory, non-trivially copyable objects, or unequal comparison of logically equal objects.",
+          "kind": "problem",
+          "name": "The C++ Standard Library functions memcpy, memmove and memcmp from <cstring> shall not be used",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "NoMemoryFunctionsFromCString",
+          "tags": [
+            "scope/single-translation-unit"
+          ]
+        }
+      ],
+      "title": "The C++ Standard Library functions memcpy, memmove and memcmp from <cstring> shall not be used"
+    },
+    "RULE-25-5-1": {
+      "properties": {
+        "enforcement": "decidable",
+        "obligation": "required"
+      },
+      "queries": [
+        {
+          "description": "Calling setlocale or std::locale::global functions can introduce data races with functions that use the locale, leading to undefined behavior.",
+          "kind": "problem",
+          "name": "The setlocale and std::locale::global functions shall not be called",
+          "precision": "very-high",
+          "severity": "error",
+          "short_name": "LocaleGlobalFunctionNotAllowed",
+          "tags": [
+            "scope/single-translation-unit"
+          ]
+        }
+      ],
+      "title": "The setlocale and std::locale::global functions shall not be called"
+    }
+  }
+}
