lgtm: add a custom query for catching the use of fgets
As everybody knows, nobody really reads CODING_STYLE (especially the last paragraph :-)), so let's utilize LGTM to help us catch the use of fgets().
This commit is contained in:
parent
9f1c81d80a
commit
f86c1da283
23
.lgtm/cpp-queries/fgets.ql
Normal file
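--- /dev/null
+++ b/.lgtm/cpp-queries/fgets.ql
@@ -0,0 +1,23 @@
+/**
+* @name Use of fgets()
+* @description fgets() is dangerous to call. Use read_line() instead.
+* @kind problem
+* @problem.severity error
+* @precision high
+* @id cpp/fgets
+* @tags reliability
+* security
+*/
+import cpp
+
+
+predicate dangerousFunction(Function function) {
+exists (string name | name = function.getQualifiedName() |
+name = "fgets")
+}
+
+
+from FunctionCall call, Function target
+where call.getTarget() = target
+and dangerousFunction(target)
+select call, target.getQualifiedName() + " is potentially dangerous"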
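Review bot: The query only reports direct calls, because `FunctionCall.getTarget()` in the `from`/`where` clause never matches a use of `fgets` as a function pointer (passing it as a callback or storing it in a struct), so such uses would slip past the CODING_STYLE rule this commit is meant to enforce. If that gap matters, widening the selection to address-taken uses should cover it: `from Expr use, Function target`, `where (use.(FunctionCall).getTarget() = target or use.(FunctionAccess).getTarget() = target)`, `select use, target.getQualifiedName() + " is potentially dangerous"`. The `exists(string name | ...)` body of dangerousFunction can be written more idiomatically as `function.hasGlobalName("fgets")`, which also makes explicit that only the global libc symbol is meant. The @description would be more useful to whoever reads the alert if it named the actual hazard instead of only asserting danger, e.g. `fgets() silently truncates lines longer than the buffer and leaves the remainder in the stream; use read_line() instead.` — presumably that is the rationale the commit message points to in CODING_STYLE.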