-
Notifications
You must be signed in to change notification settings - Fork 76
Expand file tree
/
Copy pathBannedAPIs.json
More file actions
227 lines (227 loc) · 8.36 KB
/
BannedAPIs.json
File metadata and controls
227 lines (227 loc) · 8.36 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
{
"MISRA-C++-2023": {
"RULE-18-5-2": {
"properties": {
"enforcement": "decidable",
"obligation": "advisory"
},
"queries": [
{
"description": "Using program-terminating functions like abort, exit, _Exit, quick_exit or terminate causes the stack to not be unwound and object destructors to not be called, potentially leaving the environment in an undesirable state.",
"kind": "problem",
"name": "Program-terminating functions should not be used",
"precision": "very-high",
"severity": "error",
"short_name": "AvoidProgramTerminatingFunctions",
"tags": [
"scope/single-translation-unit",
"maintainability",
"correctness"
]
}
],
"title": "Program-terminating functions should not be used"
},
"RULE-21-10-1": {
"properties": {
"enforcement": "decidable",
"obligation": "required"
},
"queries": [
{
"description": "Using <cstdarg> features like va_list, va_arg, va_start, va_end and va_copy bypasses compiler type checking and leads to undefined behavior when used incorrectly.",
"kind": "problem",
"name": "The features of <cstdarg> shall not be used",
"precision": "very-high",
"severity": "error",
"short_name": "NoVariadicFunctionMacros",
"tags": [
"scope/single-translation-unit",
"correctness",
"maintainability"
]
}
],
"title": "The features of <cstdarg> shall not be used"
},
"RULE-21-10-2": {
"properties": {
"enforcement": "decidable",
"obligation": "required"
},
"queries": [
{
"description": "Using facilities from the <csetjmp> header causes undefined behavior by bypassing normal function return mechanisms and may result in non-trivial object destruction being omitted.",
"kind": "problem",
"name": "The standard header file <csetjmp> shall not be used",
"precision": "very-high",
"severity": "error",
"short_name": "NoCsetjmpHeader",
"tags": [
"scope/single-translation-unit",
"correctness",
"maintainability"
]
}
],
"title": "The standard header file <csetjmp> shall not be used"
},
"RULE-21-2-2": {
"properties": {
"enforcement": "decidable",
"obligation": "required"
},
"queries": [
{
"description": "Using string handling functions from <cstring>, <cstdlib>, <cwchar> and <cinttypes> headers may result in buffer overflows or unreliable error detection through errno.",
"kind": "problem",
"name": "The string handling functions from <cstring>, <cstdlib>, <cwchar> and <cinttypes> shall not be used",
"precision": "very-high",
"severity": "error",
"short_name": "UnsafeStringHandlingFunctions",
"tags": [
"scope/single-translation-unit",
"correctness",
"maintainability"
]
}
],
"title": "The string handling functions from <cstring>, <cstdlib>, <cwchar> and <cinttypes> shall not be used"
},
"RULE-21-2-3": {
"properties": {
"enforcement": "decidable",
"obligation": "required"
},
"queries": [
{
"description": "Using the system() function from cstdlib or stdlib.h causes undefined behavior and potential security vulnerabilities.",
"kind": "problem",
"name": "The library function system from <cstdlib> shall not be used",
"precision": "very-high",
"severity": "error",
"short_name": "BannedSystemFunction",
"tags": [
"scope/single-translation-unit",
"correctness",
"maintainability",
"security"
]
}
],
"title": "The library function system from <cstdlib> shall not be used"
},
"RULE-23-11-1": {
"properties": {
"enforcement": "decidable",
"obligation": "advisory"
},
"queries": [
{
"description": "Using raw pointer constructors of std::shared_ptr and std::unique_ptr instead of make_shared/make_unique can lead to memory leaks if exceptions occur during construction.",
"kind": "problem",
"name": "The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used",
"precision": "very-high",
"severity": "error",
"short_name": "UseSmartPtrFactoryFunctions",
"tags": [
"scope/single-translation-unit",
"correctness",
"maintainability"
]
}
],
"title": "The raw pointer constructors of std::shared_ptr and std::unique_ptr should not be used"
},
"RULE-24-5-1": {
"properties": {
"enforcement": "decidable",
"obligation": "required"
},
"queries": [
{
"description": "Using character classification and case mapping functions from <cctype> and <cwctype> causes undefined behavior when arguments are not representable as unsigned char or not equal to EOF.",
"kind": "problem",
"name": "The character handling functions from <cctype> and <cwctype> shall not be used",
"precision": "very-high",
"severity": "error",
"short_name": "CharacterHandlingFunctionRestrictions",
"tags": [
"scope/single-translation-unit",
"correctness",
"maintainability"
]
}
],
"title": "The character handling functions from <cctype> and <cwctype> shall not be used"
},
"RULE-24-5-2": {
"properties": {
"enforcement": "decidable",
"obligation": "required"
},
"queries": [
{
"description": "Using memcpy, memmove or memcmp from <cstring> can result in undefined behavior due to overlapping memory, non-trivially copyable objects, or unequal comparison of logically equal objects.",
"kind": "problem",
"name": "The C++ Standard Library functions memcpy, memmove and memcmp from <cstring> shall not be used",
"precision": "very-high",
"severity": "error",
"short_name": "NoMemoryFunctionsFromCString",
"tags": [
"scope/single-translation-unit",
"correctness",
"maintainability"
]
}
],
"title": "The C++ Standard Library functions memcpy, memmove and memcmp from <cstring> shall not be used"
},
"RULE-25-5-1": {
"properties": {
"enforcement": "decidable",
"obligation": "required"
},
"queries": [
{
"description": "Calling setlocale or std::locale::global functions can introduce data races with functions that use the locale, leading to undefined behavior.",
"kind": "problem",
"name": "The setlocale and std::locale::global functions shall not be called",
"precision": "very-high",
"severity": "error",
"short_name": "LocaleGlobalFunctionNotAllowed",
"tags": [
"scope/single-translation-unit",
"correctness",
"maintainability",
"concurrency"
]
}
],
"title": "The setlocale and std::locale::global functions shall not be called"
},
"RULE-6-9-2": {
"properties": {
"enforcement": "decidable",
"obligation": "advisory"
},
"queries": [
{
"description": "Using standard signed and unsigned integer type names instead of specified width types makes storage requirements unclear and implementation-dependent.",
"kind": "problem",
"name": "The names of the standard integer types should not be used",
"precision": "very-high",
"severity": "error",
"short_name": "AvoidStandardIntegerTypeNames",
"shared_implementation_short_name": "VariableWidthIntegerTypesUsed",
"tags": [
"scope/single-translation-unit",
"correctness",
"maintainability"
]
}
],
"title": "The names of the standard signed integer types and standard unsigned integer types should not be used"
}
}
}