From 3d6d8586e1678390a4897c4caf4650d1cfd6396f Mon Sep 17 00:00:00 2001 From: Dario Pinto <dario.pinto@cea.fr> Date: Mon, 5 Oct 2020 11:09:40 +0200 Subject: [PATCH] [compliance] add safer alternatives for unsafe functions --- share/compliance/c11_functions.json | 123 ++++++++++++++-------------- 1 file changed, 62 insertions(+), 61 deletions(-) diff --git a/share/compliance/c11_functions.json b/share/compliance/c11_functions.json index 7edc7064c5a..10f8cf23b4a 100644 --- a/share/compliance/c11_functions.json +++ b/share/compliance/c11_functions.json @@ -1,8 +1,9 @@ { "description": "C11 reserved function identifiers", "notes": { - "description": "The 'notes' field is a list of characteristics that may affect the 'difficulty' of analyzing such functions with Frama-C. Each note is succintly described below.", - "variadic":"variadic function, OR having an argument of type va_list" + "description": "The 'notes' field is a list of characteristics related to CWEs or that may affect the 'difficulty' of analyzing such functions with Frama-C. Each note is succintly described below.", + "variadic":"Variadic function, OR having an argument of type va_list.", + "safer-alts":"A list of recommended alternatives for functions considered unsafe (CWE-242, CWE-477, CWE-676)." }, "source":"ISO/IEC 9899:2011", "data":[ @@ -16,7 +17,7 @@ {"ident":"acoshl", "header":"math.h"}, {"ident":"acosl", "header":"math.h"}, {"ident":"aligned_alloc", "header":"stdlib.h"}, - {"ident":"asctime", "header":"time.h"}, + {"ident":"asctime", "header":"time.h", "notes":[{"safer-alts":["asctime_s"]}]}, {"ident":"asctime_s", "header":"time.h"}, {"ident":"asin", "header":"math.h"}, {"ident":"asinf", "header":"math.h"}, 
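Review bot: The new `safer-alts` description does not say that the `_s` names it points to come from Annex K, which C11 makes optional, so a reader of the report cannot tell that a recommended replacement may be absent from the target C library. I would extend the text along the lines of `"safer-alts":"A list of recommended alternatives for functions considered unsafe (CWE-242, CWE-477, CWE-676). Names ending in _s belong to the optional Annex K and are only available where __STDC_LIB_EXT1__ is defined."`. The three CWEs are also given as one blanket list, so nothing in the data says which of them applies to a given entry. The word `succintly` in the rewritten `description` line should read `succinctly`.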
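Review bot: With `"notes":[{"safer-alts":["asctime_s"]}]` the `notes` array, which so far held only strings such as `"variadic"`, now also holds single-key objects, and later hunks mix both kinds in one array (`["variadic", {"safer-alts":[...]}]`). Any consumer that treats each note as a string needs a type check from now on, and this patch touches only the JSON file, so I cannot tell whether the readers were updated. A sibling key would keep the array homogeneous, for example `{"ident":"asctime", "header":"time.h", "safer-alts":["asctime_s"]},`. The same applies to every entry changed in the following hunks.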
@@ -58,7 +59,7 @@ {"ident":"atomic_store", "header":"stdatomic.h"}, {"ident":"atomic_store_explicit", "header":"stdatomic.h"}, {"ident":"atomic_thread_fence", "header":"stdatomic.h"}, - {"ident":"bsearch", "header":"stdlib.h"}, + {"ident":"bsearch", "header":"stdlib.h", "notes":[{"safer-alts":["bsearch_s"]}]}, {"ident":"bsearch_s", "header":"stdlib.h"}, {"ident":"btowc", "header":"wchar.h"}, {"ident":"c16rtomb", "header":"uchar.h"}, @@ -215,10 +216,10 @@ {"ident":"fmod", "header":"math.h"}, {"ident":"fmodf", "header":"math.h"}, {"ident":"fmodl", "header":"math.h"}, - {"ident":"fopen", "header":"stdio.h"}, + {"ident":"fopen", "header":"stdio.h", "notes":[{"safer-alts":["fopen_s"]}]}, {"ident":"fopen_s", "header":"stdio.h"}, {"ident":"fpclassify", "header":"math.h"}, - {"ident":"fprintf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"fprintf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["fprintf_s"]}]}, {"ident":"fprintf_s", "header":"stdio.h", "notes":["variadic"]}, {"ident":"fputc", "header":"stdio.h"}, {"ident":"fputs", "header":"stdio.h"}, 
@@ -226,30 +227,30 @@ {"ident":"fputws", "header":"wchar.h"}, {"ident":"fread", "header":"stdio.h"}, {"ident":"free", "header":"stdlib.h"}, - {"ident":"freopen", "header":"stdio.h"}, + {"ident":"freopen", "header":"stdio.h", "notes":[{"safer-alts":["freopen_s"]}]}, {"ident":"freopen_s", "header":"stdio.h"}, {"ident":"frexp", "header":"math.h"}, {"ident":"frexpf", "header":"math.h"}, {"ident":"frexpl", "header":"math.h"}, - {"ident":"fscanf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"fscanf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["fscanf_s"]}]}, {"ident":"fscanf_s", "header":"stdio.h", "notes":["variadic"]}, {"ident":"fseek", "header":"stdio.h"}, {"ident":"fsetpos", "header":"stdio.h"}, {"ident":"ftell", "header":"stdio.h"}, {"ident":"fwide", "header":"wchar.h"}, - {"ident":"fwprintf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"fwprintf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["fwprintf_s"]}]}, {"ident":"fwprintf_s", "header":"wchar.h", "notes":["variadic"]}, {"ident":"fwrite", "header":"stdio.h"}, - {"ident":"fwscanf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"fwscanf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["fwscanf_s"]}]}, {"ident":"fwscanf_s", "header":"wchar.h", "notes":["variadic"]}, {"ident":"getc", "header":"stdio.h"}, {"ident":"getchar", "header":"stdio.h"}, - {"ident":"getenv", "header":"stdlib.h"}, + {"ident":"getenv", "header":"stdlib.h", "notes":[{"safer-alts":["getenv_s"]}]}, {"ident":"getenv_s", "header":"stdlib.h"}, {"ident":"gets_s", "header":"stdio.h"}, {"ident":"getwc", "header":"wchar.h"}, {"ident":"getwchar", "header":"wchar.h"}, - {"ident":"gmtime", "header":"time.h"}, + {"ident":"gmtime", "header":"time.h", "notes":[{"safer-alts":["gmtime_s"]}]}, {"ident":"gmtime_s", "header":"time.h"}, {"ident":"hypot", "header":"math.h"}, {"ident":"hypotf", "header":"math.h"}, 
@@ -313,7 +314,7 @@ {"ident":"llroundf", "header":"math.h"}, {"ident":"llroundl", "header":"math.h"}, {"ident":"localeconv", "header":"locale.h"}, - {"ident":"localtime", "header":"time.h"}, + {"ident":"localtime", "header":"time.h", "notes":[{"safer-alts":["localtime_s"]}]}, {"ident":"localtime_s", "header":"time.h"}, {"ident":"log", "header":"math.h"}, {"ident":"log10", "header":"math.h"}, @@ -344,18 +345,18 @@ {"ident":"mbrtoc32", "header":"uchar.h"}, {"ident":"mbrtowc", "header":"wchar.h"}, {"ident":"mbsinit", "header":"wchar.h"}, - {"ident":"mbsrtowcs", "header":"wchar.h"}, + {"ident":"mbsrtowcs", "header":"wchar.h", "notes":[{"safer-alts":["mbsrtowcs_s"]}]}, {"ident":"mbsrtowcs_s", "header":"wchar.h"}, - {"ident":"mbstowcs", "header":"stdlib.h"}, + {"ident":"mbstowcs", "header":"stdlib.h", "notes":[{"safer-alts":["mbstowcs_s"]}]}, {"ident":"mbstowcs_s", "header":"stdlib.h"}, {"ident":"mbtowc", "header":"stdlib.h"}, {"ident":"memchr", "header":"string.h"}, {"ident":"memcmp", "header":"string.h"}, - {"ident":"memcpy", "header":"string.h"}, + {"ident":"memcpy", "header":"string.h", "notes":[{"safer-alts":["memcpy_s"]}]}, {"ident":"memcpy_s", "header":"string.h"}, - {"ident":"memmove", "header":"string.h"}, + {"ident":"memmove", "header":"string.h", "notes":[{"safer-alts":["memmove_s"]}]}, {"ident":"memmove_s", "header":"string.h"}, - {"ident":"memset", "header":"string.h"}, + {"ident":"memset", "header":"string.h", "notes":[{"safer-alts":["memset_s"]}]}, {"ident":"memset_s", "header":"string.h"}, {"ident":"mktime", "header":"time.h"}, {"ident":"modf", "header":"math.h"}, 
@@ -383,7 +384,7 @@ {"ident":"pow", "header":"math.h"}, {"ident":"powf", "header":"math.h"}, {"ident":"powl", "header":"math.h"}, - {"ident":"printf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"printf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["printf_s"]}]}, {"ident":"printf_s", "header":"stdio.h"}, {"ident":"putc", "header":"stdio.h"}, {"ident":"putchar", "header":"stdio.h"}, @@ -417,7 +418,7 @@ {"ident":"scalbn", "header":"math.h"}, {"ident":"scalbnf", "header":"math.h"}, {"ident":"scalbnl", "header":"math.h"}, - {"ident":"scanf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"scanf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["scanf_s"]}]}, {"ident":"scanf_s", "header":"stdio.h", "notes":["variadic"]}, {"ident":"set_constraint_handler_s", "header":"stdlib.h"}, {"ident":"setbuf", "header":"stdio.h"}, 
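Review bot: The `printf` entry now recommends `printf_s`, but the unchanged `printf_s` line right below it carries no `"variadic"` note, while `fprintf_s`, `scanf_s` and the other `_s` formatted I/O entries do. Since this commit makes `printf_s` a recommended target, the gap is worth closing in the same change: `{"ident":"printf_s", "header":"stdio.h", "notes":["variadic"]},`. The `snwprintf_s` context line in the `-432,34` hunk has the same gap.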
@@ -432,34 +433,34 @@ {"ident":"sinhf", "header":"math.h"}, {"ident":"sinhl", "header":"math.h"}, {"ident":"sinl", "header":"math.h"}, - {"ident":"snprintf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"snprintf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["snprintf_s", "sprintf_s"]}]}, {"ident":"snprintf_s", "header":"stdio.h", "notes":["variadic"]}, {"ident":"snwprintf_s", "header":"wchar.h"}, - {"ident":"sprintf", "header":"stdio.h", "notes":["variadic"]}, - {"ident":"sprintf_s", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"sprintf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["sprintf_s", "snprintf_s"]}]}, + {"ident":"sprintf_s", "header":"stdio.h", "notes":["variadic", {"safer-alts":["snprintf_s"]}]}, {"ident":"sqrt", "header":"math.h"}, {"ident":"sqrtf", "header":"math.h"}, {"ident":"sqrtl", "header":"math.h"}, {"ident":"srand", "header":"stdlib.h"}, - {"ident":"sscanf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"sscanf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["sscanf_s"]}]}, {"ident":"sscanf_s", "header":"stdio.h", "notes":["variadic"]}, - {"ident":"strcat", "header":"string.h"}, + {"ident":"strcat", "header":"string.h", "notes":[{"safer-alts":["strcat_s", "strncat_s", "strlcat", "strncat"]}]}, {"ident":"strcat_s", "header":"string.h"}, {"ident":"strchr", "header":"string.h"}, {"ident":"strcmp", "header":"string.h"}, {"ident":"strcoll", "header":"string.h"}, - {"ident":"strcpy", "header":"string.h"}, + {"ident":"strcpy", "header":"string.h", "notes":[{"safer-alts":["strcpy_s", "strncpy_s", "strlcpy", "strncpy"]}]}, {"ident":"strcpy_s", "header":"string.h"}, {"ident":"strcspn", "header":"string.h"}, {"ident":"strerror", "header":"string.h"}, {"ident":"strerror_s", "header":"string.h"}, {"ident":"strerrorlen_s", "header":"string.h"}, {"ident":"strftime", "header":"time.h"}, - {"ident":"strlen", "header":"string.h"}, - {"ident":"strncat", "header":"string.h"}, + {"ident":"strlen", 
"header":"string.h", "notes":[{"safer-alts":["strnlen_s"]}]}, + {"ident":"strncat", "header":"string.h", "notes":[{"safer-alts":["strncat_s", "strlcat"]}]}, {"ident":"strncat_s", "header":"string.h"}, {"ident":"strncmp", "header":"string.h"}, - {"ident":"strncpy", "header":"string.h"}, + {"ident":"strncpy", "header":"string.h", "notes":[{"safer-alts":["strncpy_s", "strlcpy"]}]}, {"ident":"strncpy_s", "header":"string.h"}, {"ident":"strnlen_s", "header":"string.h"}, {"ident":"strpbrk", "header":"string.h"}, @@ -469,7 +470,7 @@ {"ident":"strtod", "header":"stdlib.h"}, {"ident":"strtof", "header":"stdlib.h"}, {"ident":"strtoimax", "header":"inttypes.h"}, - {"ident":"strtok", "header":"string.h"}, + {"ident":"strtok", "header":"string.h", "notes":[{"safer-alts":["strtok_s"]}]}, {"ident":"strtok_s", "header":"string.h"}, {"ident":"strtol", "header":"stdlib.h"}, {"ident":"strtold", "header":"stdlib.h"}, @@ -478,9 +479,9 @@ {"ident":"strtoull", "header":"stdlib.h"}, {"ident":"strtoumax", "header":"inttypes.h"}, {"ident":"strxfrm", "header":"string.h"}, - {"ident":"swprintf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"swprintf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["swprintf_s", "sprintf_s"]}]}, {"ident":"swprintf_s", "header":"wchar.h", "notes":["variadic"]}, - {"ident":"swscanf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"swscanf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["swscanf_s", "sscanf_s"]}]}, {"ident":"swscanf_s", "header":"wchar.h", "notes":["variadic"]}, {"ident":"system", "header":"stdlib.h"}, {"ident":"tan", "header":"math.h"}, 
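Review bot: `strncpy` and `strncat` are offered as safer alternatives for `strcpy` and `strcat`, yet this same hunk gives `strncpy` and `strncat` their own `safer-alts`, so the file recommends functions it also flags. `strncpy` leaves the destination unterminated when the source fills the buffer, which makes it a weak replacement in a list meant to address CWE-676. `strlcpy` and `strlcat` are not C11 identifiers and have no entry between `strftime` and `strlen` in this file, whose `source` is ISO/IEC 9899:2011. I would drop the `strn*` names from the first two lists, e.g. `"safer-alts":["strcpy_s", "strncpy_s", "strlcpy"]`, and say in the notes description that non-C11 names may appear. `sprintf_s` is in the same position: it is a target for `snprintf` and `sprintf` and also has its own `safer-alts`.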
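Review bot: `swprintf` and `swscanf` list the narrow-character `sprintf_s` and `sscanf_s` as alternatives, but those take `char` buffers and format strings rather than `wchar_t`, so they cannot stand in for a wide-character call. The lists should keep only the wide variants, `"safer-alts":["swprintf_s"]` and `"safer-alts":["swscanf_s"]`. The same mismatch appears in the `-524,86` hunk for `vswprintf`, `wcscat`, `wcscpy`, `wcsncat`, `wcsncpy` and `wscanf`.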
@@ -502,9 +503,9 @@ {"ident":"thrd_yield", "header":"threads.h"}, {"ident":"time", "header":"time.h"}, {"ident":"timespec_get", "header":"time.h"}, - {"ident":"tmpfile", "header":"stdio.h"}, + {"ident":"tmpfile", "header":"stdio.h", "notes":[{"safer-alts":["tmpfile_s"]}]}, {"ident":"tmpfile_s", "header":"stdio.h"}, - {"ident":"tmpnam", "header":"stdio.h"}, + {"ident":"tmpnam", "header":"stdio.h", "notes":[{"safer-alts":["tmpnam_s"]}]}, {"ident":"tmpnam_s", "header":"stdio.h"}, {"ident":"tolower", "header":"ctype.h"}, {"ident":"toupper", "header":"ctype.h"}, 
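Review bot: Listing `tmpnam_s` as the only alternative for `tmpnam` keeps the main weakness, because the name is still generated first and the file created later, so another process can create that name in between. `tmpnam_s` only adds the buffer-size check. Annex K itself recommends `tmpfile_s` over `tmpnam_s` where possible, so I would list it first: `{"ident":"tmpnam", "header":"stdio.h", "notes":[{"safer-alts":["tmpfile_s", "tmpnam_s"]}]},`.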
@@ -524,86 +525,86 @@ {"ident":"va_copy", "header":"stdarg.h"}, {"ident":"va_end", "header":"stdarg.h"}, {"ident":"va_start", "header":"stdarg.h"}, - {"ident":"vfprintf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"vfprintf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["vfprintf_s"]}]}, {"ident":"vfprintf_s", "header":"stdio.h", "notes":["variadic"]}, - {"ident":"vfscanf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"vfscanf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["vfscanf_s"]}]}, {"ident":"vfscanf_s", "header":"stdio.h", "notes":["variadic"]}, - {"ident":"vfwprintf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"vfwprintf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["vfwprintf_s"]}]}, {"ident":"vfwprintf_s", "header":"wchar.h", "notes":["variadic"]}, - {"ident":"vfwscanf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"vfwscanf", "header":"wchar.h", "notes":["variadic"], "notes":[{"safer-alts":["vfwscanf_s"]}]}, {"ident":"vfwscanf_s", "header":"wchar.h", "notes":["variadic"]}, - {"ident":"vprintf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"vprintf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["vprintf_s"]}]}, {"ident":"vprintf_s", "header":"stdio.h", "notes":["variadic"]}, - {"ident":"vscanf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"vscanf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["vscanf_s"]}]}, {"ident":"vscanf_s", "header":"stdio.h", "notes":["variadic"]}, - {"ident":"vsnprintf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"vsnprintf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["vsnprintf_s"]}]}, {"ident":"vsnprintf_s", "header":"stdio.h", "notes":["variadic"]}, {"ident":"vsnwprintf_s", "header":"wchar.h", "notes":["variadic"]}, - {"ident":"vsprintf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"vsprintf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["vsprintf_s", "sprintf_s"]}]}, 
{"ident":"vsprintf_s", "header":"stdio.h", "notes":["variadic"]}, - {"ident":"vsscanf", "header":"stdio.h", "notes":["variadic"]}, + {"ident":"vsscanf", "header":"stdio.h", "notes":["variadic", {"safer-alts":["vsscanf_s"]}]}, {"ident":"vsscanf_s", "header":"stdio.h", "notes":["variadic"]}, - {"ident":"vswprintf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"vswprintf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["vswprintf_s", "sprintf_s"]}]}, {"ident":"vswprintf_s", "header":"wchar.h", "notes":["variadic"]}, - {"ident":"vswscanf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"vswscanf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["vswscanf_s"]}]}, {"ident":"vswscanf_s", "header":"wchar.h", "notes":["variadic"]}, - {"ident":"vwprintf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"vwprintf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["vwprintf_s"]}]}, {"ident":"vwprintf_s", "header":"wchar.h", "notes":["variadic"]}, - {"ident":"vwscanf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"vwscanf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["vwscanf_s"]}]}, {"ident":"vwscanf_s", "header":"wchar.h", "notes":["variadic"]}, - {"ident":"wcrtomb", "header":"wchar.h"}, + {"ident":"wcrtomb", "header":"wchar.h", "notes":[{"safer-alts":["wcrtomb_s"]}]}, {"ident":"wcrtomb_s", "header":"wchar.h"}, - {"ident":"wcscat", "header":"wchar.h"}, + {"ident":"wcscat", "header":"wchar.h", "notes":[{"safer-alts":["wcscat_s", "strcat_s"]}]}, {"ident":"wcscat_s", "header":"wchar.h"}, {"ident":"wcschr", "header":"wchar.h"}, {"ident":"wcscmp", "header":"wchar.h"}, {"ident":"wcscoll", "header":"wchar.h"}, - {"ident":"wcscpy", "header":"wchar.h"}, + {"ident":"wcscpy", "header":"wchar.h", "notes":[{"safer-alts":["wcscpy_s", "strcpy_s"]}]}, {"ident":"wcscpy_s", "header":"wchar.h"}, {"ident":"wcscspn", "header":"wchar.h"}, {"ident":"wcsftime", "header":"wchar.h"}, - {"ident":"wcslen", "header":"wchar.h"}, - 
{"ident":"wcsncat", "header":"wchar.h"}, + {"ident":"wcslen", "header":"wchar.h", "notes":[{"safer-alts":["wcsnlen_s"]}]}, + {"ident":"wcsncat", "header":"wchar.h", "notes":[{"safer-alts":["wcsncat_s", "strncat_s", "strlcat"]}]}, {"ident":"wcsncat_s", "header":"wchar.h"}, {"ident":"wcsncmp", "header":"wchar.h"}, - {"ident":"wcsncpy", "header":"wchar.h"}, + {"ident":"wcsncpy", "header":"wchar.h", "notes":[{"safer-alts":["wcsncpy_s", "strncpy_s", "strlcpy"]}]}, {"ident":"wcsncpy_s", "header":"wchar.h"}, {"ident":"wcsnlen_s", "header":"wchar.h"}, {"ident":"wcspbrk", "header":"wchar.h"}, {"ident":"wcsrchr", "header":"wchar.h"}, - {"ident":"wcsrtombs", "header":"wchar.h"}, + {"ident":"wcsrtombs", "header":"wchar.h", "notes":[{"safer-alts":["wcsrtombs_s"]}]}, {"ident":"wcsrtombs_s", "header":"wchar.h"}, {"ident":"wcsspn", "header":"wchar.h"}, {"ident":"wcsstr", "header":"wchar.h"}, {"ident":"wcstod", "header":"wchar.h"}, {"ident":"wcstof", "header":"wchar.h"}, {"ident":"wcstoimax", "header":"inttypes.h"}, - {"ident":"wcstok", "header":"wchar.h"}, + {"ident":"wcstok", "header":"wchar.h", "notes":[{"safer-alts":["wcstok_s"]}]}, {"ident":"wcstok_s", "header":"wchar.h"}, {"ident":"wcstol", "header":"wchar.h"}, {"ident":"wcstold", "header":"wchar.h"}, {"ident":"wcstoll", "header":"wchar.h"}, - {"ident":"wcstombs", "header":"stdlib.h"}, + {"ident":"wcstombs", "header":"stdlib.h", "notes":[{"safer-alts":["wcstombs_s"]}]}, {"ident":"wcstombs_s", "header":"stdlib.h"}, {"ident":"wcstoul", "header":"wchar.h"}, {"ident":"wcstoull", "header":"wchar.h"}, {"ident":"wcstoumax", "header":"inttypes.h"}, {"ident":"wcsxfrm", "header":"wchar.h"}, {"ident":"wctob", "header":"wchar.h"}, - {"ident":"wctomb", "header":"stdlib.h"}, + {"ident":"wctomb", "header":"stdlib.h", "notes":[{"safer-alts":["wctomb_s"]}]}, {"ident":"wctomb_s", "header":"stdlib.h"}, {"ident":"wctrans", "header":"wctype.h"}, {"ident":"wctype", "header":"wctype.h"}, {"ident":"wmemchr", "header":"wchar.h"}, {"ident":"wmemcmp", 
"header":"wchar.h"}, - {"ident":"wmemcpy", "header":"wchar.h"}, + {"ident":"wmemcpy", "header":"wchar.h", "notes":[{"safer-alts":["wmemcpy_s"]}]}, {"ident":"wmemcpy_s", "header":"wchar.h"}, - {"ident":"wmemmove", "header":"wchar.h"}, + {"ident":"wmemmove", "header":"wchar.h", "notes":[{"safer-alts":["wmemmove_s"]}]}, {"ident":"wmemmove_s", "header":"wchar.h"}, {"ident":"wmemset", "header":"wchar.h"}, - {"ident":"wprintf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"wprintf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["wprintf_s"]}]}, {"ident":"wprintf_s", "header":"wchar.h", "notes":["variadic"]}, - {"ident":"wscanf", "header":"wchar.h", "notes":["variadic"]}, + {"ident":"wscanf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["wscanf_s", "sscanf_s"]}]}, {"ident":"wscanf_s", "header":"wchar.h", "notes":["variadic"]} ] } -- GitLab
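Review bot: The `vfwscanf` entry has two `"notes"` keys, `"notes":["variadic"], "notes":[{"safer-alts":["vfwscanf_s"]}]`. Most JSON parsers keep only the last one, so the `variadic` note is silently lost, and a stricter parser may reject the file. It should follow the shape of its neighbours: `{"ident":"vfwscanf", "header":"wchar.h", "notes":["variadic", {"safer-alts":["vfwscanf_s"]}]},`. In the same hunk `vsprintf` and `vswprintf` list `sprintf_s`, which takes `...` rather than a `va_list`, so it is not a substitute for a `v*` call.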