diff --git a/.github/codeql-cpp.yml b/.github/codeql-cpp.yml new file mode 100644 index 0000000000..88b8c60860 --- /dev/null +++ b/.github/codeql-cpp.yml @@ -0,0 +1,4 @@ +name: "Custom CodeQL Analysis" + +queries: + - uses: ./.github/codeql/custom-queries/cpp/deprecatedFunctionUsage.ql diff --git a/.github/codeql-python.yml b/.github/codeql-python.yml new file mode 100644 index 0000000000..93cb4a435e --- /dev/null +++ b/.github/codeql-python.yml @@ -0,0 +1,4 @@ +name: "Custom CodeQL Analysis" + +paths-ignore: + - tests diff --git a/.github/codeql/custom-queries/cpp/deprecatedFunctionUsage.ql b/.github/codeql/custom-queries/cpp/deprecatedFunctionUsage.ql new file mode 100644 index 0000000000..eb4b7bd629 --- /dev/null +++ b/.github/codeql/custom-queries/cpp/deprecatedFunctionUsage.ql @@ -0,0 +1,59 @@ +/** + * @name Deprecated function usage detection + * @description Detects functions whose usage is banned from the OpenZFS + * codebase due to QA concerns. + * @kind problem + * @severity error + * @id cpp/deprecated-function-usage +*/ + +import cpp + +predicate isDeprecatedFunction(Function f) { + f.getName() = "strtok" or + f.getName() = "__xpg_basename" or + f.getName() = "basename" or + f.getName() = "dirname" or + f.getName() = "bcopy" or + f.getName() = "bcmp" or + f.getName() = "bzero" or + f.getName() = "asctime" or + f.getName() = "asctime_r" or + f.getName() = "gmtime" or + f.getName() = "localtime" or + f.getName() = "strncpy" + +} + +string getReplacementMessage(Function f) { + if f.getName() = "strtok" then + result = "Use strtok_r(3) instead!" + else if f.getName() = "__xpg_basename" then + result = "basename(3) is underspecified. Use zfs_basename() instead!" + else if f.getName() = "basename" then + result = "basename(3) is underspecified. Use zfs_basename() instead!" + else if f.getName() = "dirname" then + result = "dirname(3) is underspecified. Use zfs_dirnamelen() instead!" + else if f.getName() = "bcopy" then + result = "bcopy(3) is deprecated. Use memcpy(3)/memmove(3) instead!" + else if f.getName() = "bcmp" then + result = "bcmp(3) is deprecated. Use memcmp(3) instead!" + else if f.getName() = "bzero" then + result = "bzero(3) is deprecated. Use memset(3) instead!" + else if f.getName() = "asctime" then + result = "Use strftime(3) instead!" + else if f.getName() = "asctime_r" then + result = "Use strftime(3) instead!" + else if f.getName() = "gmtime" then + result = "gmtime(3) isn't thread-safe. Use gmtime_r(3) instead!" + else if f.getName() = "localtime" then + result = "localtime(3) isn't thread-safe. Use localtime_r(3) instead!" + else + result = "strncpy(3) is deprecated. Use strlcpy(3) instead!" +} + +from FunctionCall fc, Function f +where + fc.getTarget() = f and + isDeprecatedFunction(f) +select fc, getReplacementMessage(f) diff --git a/.github/codeql/custom-queries/cpp/qlpack.yml b/.github/codeql/custom-queries/cpp/qlpack.yml new file mode 100644 index 0000000000..cbe0f1cbe3 --- /dev/null +++ b/.github/codeql/custom-queries/cpp/qlpack.yml @@ -0,0 +1,4 @@ +name: openzfs-cpp-queries +version: 0.0.0 +libraryPathDependencies: codeql-cpp +suites: openzfs-cpp-suite diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 037f8aca0e..7ccfc14925 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -29,6 +29,7 @@ jobs: - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: + config-file: .github/codeql-${{ matrix.language }}.yml languages: ${{ matrix.language }} - name: Autobuild diff --git a/config/Rules.am b/config/Rules.am index 7c266964f3..2e463ae608 100644 --- a/config/Rules.am +++ b/config/Rules.am @@ -42,21 +42,6 @@ AM_CPPFLAGS += $(DEBUG_CPPFLAGS) AM_CPPFLAGS += $(CODE_COVERAGE_CPPFLAGS) AM_CPPFLAGS += -DTEXT_DOMAIN=\"zfs-@ac_system_l@-user\" -AM_CPPFLAGS_NOCHECK = -D"strtok(...)=strtok(__VA_ARGS__) __attribute__((deprecated(\"Use strtok_r(3) instead!\")))" -AM_CPPFLAGS_NOCHECK += -D"__xpg_basename(...)=__xpg_basename(__VA_ARGS__) __attribute__((deprecated(\"basename(3) is underspecified. Use zfs_basename() instead!\")))" -AM_CPPFLAGS_NOCHECK += -D"basename(...)=basename(__VA_ARGS__) __attribute__((deprecated(\"basename(3) is underspecified. Use zfs_basename() instead!\")))" -AM_CPPFLAGS_NOCHECK += -D"dirname(...)=dirname(__VA_ARGS__) __attribute__((deprecated(\"dirname(3) is underspecified. Use zfs_dirnamelen() instead!\")))" -AM_CPPFLAGS_NOCHECK += -D"bcopy(...)=__attribute__((deprecated(\"bcopy(3) is deprecated. Use memcpy(3)/memmove(3) instead!\"))) bcopy(__VA_ARGS__)" -AM_CPPFLAGS_NOCHECK += -D"bcmp(...)=__attribute__((deprecated(\"bcmp(3) is deprecated. Use memcmp(3) instead!\"))) bcmp(__VA_ARGS__)" -AM_CPPFLAGS_NOCHECK += -D"bzero(...)=__attribute__((deprecated(\"bzero(3) is deprecated. Use memset(3) instead!\"))) bzero(__VA_ARGS__)" -AM_CPPFLAGS_NOCHECK += -D"asctime(...)=__attribute__((deprecated(\"Use strftime(3) instead!\"))) asctime(__VA_ARGS__)" -AM_CPPFLAGS_NOCHECK += -D"asctime_r(...)=__attribute__((deprecated(\"Use strftime(3) instead!\"))) asctime_r(__VA_ARGS__)" -AM_CPPFLAGS_NOCHECK += -D"gmtime(...)=__attribute__((deprecated(\"gmtime(3) isn't thread-safe. Use gmtime_r(3) instead!\"))) gmtime(__VA_ARGS__)" -AM_CPPFLAGS_NOCHECK += -D"localtime(...)=__attribute__((deprecated(\"localtime(3) isn't thread-safe. Use localtime_r(3) instead!\"))) localtime(__VA_ARGS__)" -AM_CPPFLAGS_NOCHECK += -D"strncpy(...)=__attribute__((deprecated(\"strncpy(3) is deprecated. Use strlcpy(3) instead!\"))) strncpy(__VA_ARGS__)" - -AM_CPPFLAGS += $(AM_CPPFLAGS_NOCHECK) - if ASAN_ENABLED AM_CPPFLAGS += -DZFS_ASAN_ENABLED endif