lgtm: replace the query used for looking for fgets with a more genera…

…l query to make it easier to comlain about `strtok` :-) Inspired by systemd/systemd#11963, which, in turn, was prompted by systemd/systemd#11555. (cherry picked from commit 7ba5ded) Related: #2017033
mrc0mmand · Dec 6, 2021 · 474b882 · 474b882
1 parent 441e2cd
commit 474b882
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 21 deletions.
diff --git a/.lgtm/cpp-queries/PotentiallyDangerousFunction.ql b/.lgtm/cpp-queries/PotentiallyDangerousFunction.ql
@@ -0,0 +1,30 @@
+/**
+ * @name Use of potentially dangerous function
+ * @description Certain standard library functions are dangerous to call.
+ * @kind problem
+ * @problem.severity error
+ * @precision high
+ * @id cpp/potentially-dangerous-function
+ * @tags reliability
+ *       security
+ *
+ * Borrowed from
+ * https://github.com/Semmle/ql/blob/master/cpp/ql/src/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql
+ */
+import cpp
+
+predicate potentiallyDangerousFunction(Function f, string message) {
+  (
+    f.getQualifiedName() = "fgets" and
+    message = "Call to fgets is potentially dangerous. Use read_line() instead."
+  ) or (
+    f.getQualifiedName() = "strtok" and
+    message = "Call to strtok is potentially dangerous. Use extract_first_word() instead."
+  )
+}
+
+from FunctionCall call, Function target, string message
+where
+  call.getTarget() = target and
+  potentiallyDangerousFunction(target, message)
+select call, message
diff --git a/.lgtm/cpp-queries/fgets.ql b/.lgtm/cpp-queries/fgets.ql