Nota
O acceso a esta páxina require autorización. Pode tentar iniciar sesión ou modificar os directorios.
O acceso a esta páxina require autorización. Pode tentar modificar os directorios.
El repositorio de GitHub de Microsoft CodeQL proporciona tres conjuntos de consultas para simplificar el flujo de trabajo para desarrolladores de controladores de un extremo a otro. Estos conjuntos se incluyen en el paquete CodeQL de microsoft/windows-drivers y usan consultas únicas para ese paquete y consultas generales de C++ del paquete microsoft/cpp-queries pack.
- recommended.qls contiene un amplio conjunto de comprobaciones para errores comunes de controlador y C/C++. Se recomienda ejecutar este conjunto de aplicaciones de forma predeterminada y revisar los resultados.
- mustrun.qls contiene comprobaciones que deben ejecutarse para pasar la certificación del Programa de compatibilidad de hardware de Windows (WHCP). Dado que estas consultas pueden producir falsos positivos en algunos casos, fallar estas comprobaciones no hará que se falle la prueba de logotipo de Static Tools, pero los desarrolladores deben revisar los resultados y corregir errores reales. Una DVL generada sin resultados para estas comprobaciones produce un error en la prueba de logotipo de Static Tools. Para 26H1, mustrun.qls y recommended.qls son idénticos .
- mustfix.qls actúa como un subconjunto de las consultas must-run y contiene comprobaciones que notifican problemas que deben corregirse para pasar la certificación WHCP. Una DVL generada con errores en estas reglas no supera la prueba de logotipo de Static Tools.
Para obtener más información sobre el contenido de los conjuntos de consultas, consulte CodeQL Queries and Suites.
Consultas imprescindibles para la certificación WHCP
El siguiente subconjunto de consultas son Must-Fix para la certificación WHCP y también se incluyen en el conjunto de correcciones recomendadas . Este conjunto de reglas se incluye en mustfix.qls.
Muchas de las reglas siguientes se corresponden con la enumeración de puntos débiles comunes (CWE) o las advertencias anteriores de análisis de código.
Consultas pendientes por solucionar del paquete microsoft/windows-drivers
| identificación | Ubicación | Common Weakness Enumeration / Advertencia de análisis de código |
|---|---|---|
| cpp/drivers/wdk-deprecated-api |
/microsoft/windows-drivers/<Version>/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql |
No disponible |
| cpp/drivers/extended-deprecated-apis |
/microsoft/windows-drivers/<Version>/drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.ql |
Advertencia C28719, Advertencia C28726, Advertencia C28735, Advertencia C28750 |
| cpp/incorrect-string-type-conversion-ignore-puchar-casts |
/microsoft/windows-drivers/<Version>/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql |
CWE-704 |
Must-Fix consultas del paquete microsoft/cpp-queries
| identificación | Ubicación | Enumeración de Debilidades Comunes |
|---|---|---|
| cpp/bad-addition-overflow-check |
/microsoft/cpp-queries/<Version>/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql |
CWE-190, CWE-192 |
| cpp/argumentos-de-formato-de-número-incorrectos |
/microsoft/cpp-queries/<Version>/Errores Probables/Formato/WrongNumberOfFormatArguments.ql |
CWE-234, CWE-685 |
| cpp/pointer-overflow-check |
/microsoft/cpp-queries/<Version>/Probables errores/Administración de memoria/PointerOverflow.ql |
CWE-758 |
| cpp/unsafe-strncat |
/microsoft/cpp-queries/<Version>/Probables errores/Administración de memoria/SuspiciousCallToStrncat.ql |
CWE-119, CWE-251, CWE-676, CWE-788 |
| cpp/uso-inseguro-de-esto |
/microsoft/cpp-queries/<Version>/Probables errores/OO/UnsafeUseOfThis.ql |
CWE-670 |
| cpp/boost/tls-settings-misconfiguration |
/microsoft/cpp-queries/<Version>/Likely Bugs/Protocols/TlsSettingsMisconfiguration.ql |
CWE-326 |
| cpp/boost/use-of-deprecated-hardcoded-security-protocol |
/microsoft/cpp-queries/<Version>/Likely Bugs/Protocols/UseOfDeprecatedHardcodedProtocol.ql |
CWE-327 |
| cpp/demasiados pocos argumentos |
/microsoft/cpp-queries/<Version>/Likely Bugs/Underspecified Functions/TooFewArguments.ql |
CWE-234, CWE-685 |
| cpp/microsoft/public/badoverflowguard |
/microsoft/cpp-queries/<Version>/Microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql |
CWE-190, CWE-191 |
| cpp/microsoft/public/drivers/incorrect-usage-of-rtlcomparememory |
/microsoft/cpp-queries/<Version>/Microsoft/Likely Bugs/Drivers/IncorrectUsageOfRtlCompareMemory.ql |
No disponible |
| cpp/microsoft/public/weak-crypto/banned-encryption-algorithms |
/microsoft/cpp-queries/<Version>/Microsoft/Security/Cryptography/BannedEncryption.ql |
CWE-327 |
| cpp/microsoft/public/weak-crypto/capi/banned-modes |
/microsoft/cpp-queries/<Version>/Microsoft/Security/Cryptography/BannedModesCAPI.ql |
CWE-327 |
| cpp/microsoft/public/weak-crypto/cng/banned-modes |
/microsoft/cpp-queries/<Version>/Microsoft/Security/Cryptography/BannedModesCNG.ql |
CWE-327 |
| cpp/microsoft/public/weak-crypto/cng/hardcoded-iv |
/microsoft/cpp-queries/<Version>/Microsoft/Security/Cryptography/HardcodedIVCNG.ql |
CWE-327 |
| cpp/microsoft/public/enum-index |
/microsoft/cpp-queries/<Version>/Microsoft/Security/MemoryAccess/EnumIndex/UncheckedBoundsEnumAsIndex.ql |
CWE-125 |
| cpp/command-line-injection |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-078/ExecTainted.ql |
CWE-078, CWE-088 |
| cpp/operación-de-proceso-no-controlado |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-114/UncontrolledProcessOperation.ql |
CWE-114 |
| cpp/escritura-mal-delimitada |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-120/BadlyBoundedWrite.ql |
CWE-120, CWE-787, CWE-805 |
| cpp/overrunning-write |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-120/OverrunWrite.ql |
CWE-120, CWE-787, CWE-805 |
| cpp/sin-espacio-para-terminador |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql |
CWE-120, CWE-122, CWE-131 |
| cpp/controlado-por-el-usuario-terminación-nula-contaminado |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-170/ImproperNullTerminationTainted.ql |
CWE-170 |
| cpp/comparison-with-wider-type |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-190/ComparisonWithWiderType.ql |
CWE-190, CWE-197, CWE-835 |
| cpp/hresult-boolean-conversion |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-253/HResultBooleanConversion.ql |
CWE-253 |
| cpp/openssl-heartbleed |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-327/OpenSslHeartbleed.ql |
CWE-327, CWE-788 |
| cpp/dangerous-function-overflow |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-676/DangerousFunctionOverflow.ql |
CWE-242, CWE-676 |
| cpp/dangerous-cin |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-676/DangerousUseOfCin.ql |
CWE-676 |
| cpp/incorrect-string-type-conversion |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-704/WcharCharConversion.ql |
CWE-704 |
| cpp/unsafe-dacl-security-descriptor |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql |
CWE-732 |
Consultas recomendadas
El conjunto recommended.qls incluye todas las consultas del conjunto mustfix.qls, además de las siguientes consultas de los paquetes microsoft/windows-drivers y microsoft/cpp-queries.
Consultas generales sobre controladores del paquete de Microsoft/Windows Drivers
| identificación | Ubicación | Advertencia de análisis de código |
|---|---|---|
| cpp/drivers/annotation-syntax |
/microsoft/windows-drivers/<Version>/drivers/general/queries/AnnotationSyntax/AnnotationSyntax.ql |
Advertencia de C28266 |
| cpp/drivers/tipo-de-función-actual-no-correcto |
/microsoft/windows-drivers/<Version>/drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.ql |
Advertencia de C28101 |
| cpp/drivers/default-pool-tag |
/microsoft/windows-drivers/<Version>/drivers/general/queries/DefaultPoolTag/DefaultPoolTag.ql |
Advertencia C28147 |
| cpp/drivers/driver-entry-save-buffer |
/microsoft/windows-drivers/<Version>/drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.ql |
Advertencia de C28131 |
| cpp/drivers/examined-value |
/microsoft/windows-drivers/<Version>/drivers/general/queries/ExaminedValue/ExaminedValue.ql |
Advertencia de C28193 |
| cpp/drivers/irp-stack-entry-copy |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.ql |
Advertencia C28114 |
| cpp/drivers/important-function-call-optimized-out |
/microsoft/windows-drivers/<Version>/drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.ql |
Advertencia de C28625 |
| cpp/drivers/operador-NOT-inapropiado-en-cero |
/microsoft/windows-drivers/<Version>/drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.ql |
Advertencia C28650 |
| cpp/drivers/invalid-function-class-typedef |
/microsoft/windows-drivers/<Version>/drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.ql |
Advertencia C28268 |
| cpp/drivers/invalid-function-pointer-annotation |
/microsoft/windows-drivers/<Version>/drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.ql |
Advertencia de C28165 |
| cpp/drivers/io-initialize-timer-call |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.ql |
Advertencia C28133 |
| cpp/drivers/irql-annotation-issue |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.ql |
Advertencia C28153 |
| cpp/drivers/irql-cancel-routine |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.ql |
Advertencia C28144 |
| cpp/drivers/irql-float-state-mismatch |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.ql |
Advertencia C28111 |
| cpp/drivers/irql-not-saved |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql |
Advertencia C28158 |
| cpp/drivers/irql-not-used |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql |
Advertencia C28157 |
| cpp/drivers/irql-set-too-high |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.ql |
Advertencia C28150 |
| cpp/drivers/irql-set-too-low |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql |
Advertencia C28124 |
| cpp/drivers/irql-too-high |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql |
Advertencia C28121 |
| cpp/drivers/irql-too-low |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlTooLow/IrqlTooLow.ql |
Advertencia C28120 |
| cpp/drivers/ke-set-event-pageable |
/microsoft/windows-drivers/<Version>/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql |
No hay ninguna comprobación de CA asociada |
| cpp/drivers/multithreaded-av-condition |
/microsoft/windows-drivers/<Version>/drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.ql |
Advertencia de C28616 |
| cpp/drivers/ntstatus-explicit-cast |
/microsoft/windows-drivers/<Version>/drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.ql |
Advertencia C28714 |
| cpp/drivers/ntstatus-explicit-cast2 |
/microsoft/windows-drivers/<Version>/drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.ql |
Advertencia C28715 |
| cpp/drivers/ntstatus-explicit-cast3 |
/microsoft/windows-drivers/<Version>/drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.ql |
Advertencia C28716 |
| cpp/drivers/null-character-pointer-assignment |
/microsoft/windows-drivers/<Version>/drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.ql |
Advertencia C28730 |
| cpp/drivers/asignación-de-operandos |
/microsoft/windows-drivers/<Version>/drivers/general/queries/OperandAssignment/OperandAssignment.ql |
Advertencia de C28129 |
| cpp/drivers/pointer-variable-size |
/microsoft/windows-drivers/<Version>/drivers/general/queries/PointerVariableSize/PointerVariableSize.ql |
Advertencia de C28132 |
| cpp/drivers/pool-tag-integral |
/microsoft/windows-drivers/<Version>/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql |
Advertencia C28134 |
| cpp/drivers/role-type-correctly-used |
/microsoft/windows-drivers/<Version>/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql |
Advertencia C28158 |
| cpp/drivers/routine-function-type-not-expected |
/microsoft/windows-drivers/<Version>/drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.ql |
Advertencia C28127 |
| cpp/drivers/str-safe |
/microsoft/windows-drivers/<Version>/drivers/general/queries/StrSafe/StrSafe.ql |
Advertencia C28146 |
| cpp/drivers/strict-type-match |
/microsoft/windows-drivers/<Version>/drivers/general/queries/StrictTypeMatch/StrictTypeMatch.ql |
Advertencia de C28139 |
Consultas del controlador WDM desde el paquete Microsoft/Windows Drivers
| identificación | Ubicación | Advertencia de análisis de código |
|---|---|---|
| cpp/drivers/illegal-field-access |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql |
Advertencia C28128 |
| cpp/drivers/illegal-field-access-2 |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql |
Advertencia C28175 |
| cpp/drivers/illegal-field-write |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql |
Advertencia C28176 |
| cpp/drivers/init-not-cleared |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/InitNotCleared/InitNotCleared.ql |
Advertencia de C28152 |
| cpp/drivers/kewaitlocal-requires-kernel-mode |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/KeWaitLocal/KeWaitLocal.ql |
Advertencia C28135 |
| cpp/drivers/multiple-paged-code |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.ql |
Advertencia C28171 |
| cpp/drivers/ob-reference-mode |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/ObReferenceMode/ObReferenceMode.ql |
Advertencia C28126 |
| cpp/drivers/opaque-mdl-use |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql |
No hay ninguna comprobación de CA asociada |
| cpp/drivers/opaque-mdl-write |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.ql |
Advertencia C28145 |
| cpp/drivers/pending-status-error |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql |
Advertencia C28143 |
| cpp/drivers/wrong-dispatch-table-assignment |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql |
Advertencia C28168, Advertencia de C28169 |
Consultas generales de C++ del paquete microsoft/windows-drivers
| identificación | Ubicación | Advertencia de enumeración de puntos débiles comunes /Análisis de código |
|---|---|---|
| cpp/paddingbyteinformationdisclosure |
/microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql |
No disponible |
| cpp/badoverflowguard |
/microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql |
No disponible |
| cpp/infiniteloop |
/microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Conversion/InfiniteLoop.ql |
No disponible |
| cpp/use-after-free |
/microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql |
No disponible |
| cpp/uninitializedptrfield |
/microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/UninitializedPtrField.ql |
No disponible |
| cpp/weak-crypto/cng/hardcoded-iv |
/microsoft/windows-drivers/<Version>/microsoft/Security/Cryptography/HardcodedIVCNG.ql |
No disponible |
Consultas generales de C++ del paquete microsoft/cpp-queries
| identificación | Ubicación | Enumeración de Debilidades Comunes |
|---|---|---|
| cpp/offset-use-before-range-check |
/microsoft/cpp-queries/<Version>/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql |
CWE-120, CWE-125 |
| cpp/integer-multiplication-cast-to-long |
/microsoft/cpp-queries/<Version>/Likely Bugs/Arithmetic/IntMultToLong.ql |
CWE-190, CWE-192, CWE-197, CWE-681 |
| cpp/signed-overflow-check |
/microsoft/cpp-queries/<Version>/Likely Bugs/Arithmetic/SignedOverflowCheck.ql |
CWE-128, CWE-190 |
| cpp/upcast-array-pointer-arithmetic |
/microsoft/cpp-queries/<Version>/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql |
CWE-119, CWE-843 |
| cpp/incorrect-not-operator-usage |
/microsoft/cpp-queries/<Version>/Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql |
CWE-480 |
| cpp/suspicious-sizeof |
/microsoft/cpp-queries/<Version>/Probables errores/Administración de memoria/SuspiciousSizeof.ql |
CWE-467 |
| cpp/uninitialized-local |
/microsoft/cpp-queries/<Version>/Likely Bugs/Memory Management/UninitializedLocal.ql |
CWE-457, CWE-665 |
| cpp/unterminated-variadic-call |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-121/UnterminatedVarargsCall.ql |
CWE-121 |
| cpp/conditionally-uninitialized-variable |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql |
CWE-457 |
| cpp/suspicious-add-sizeof |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql |
CWE-468 |
| cpp/suspicious-pointer-scaling |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-468/IncorrectPointerScaling.ql |
CWE-468 |
| cpp/suspicious-pointer-scaling-void |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql |
CWE-468 |
| cpp/potencialmente peligroso-función |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql |
CWE-676 |
| cpp/overflow-buffer |
/microsoft/cpp-queries/<Version>/Security/CWE/CWE-119/OverflowBuffer.ql |
CWE-119, CWE-121, CWE-122, CWE-126 |
consultas de Must-Run
El conjunto mustrun.qls contiene consultas que se deben ejecutar para pasar la certificación WHCP. Es posible que estas consultas no necesiten corregirse necesariamente debido a posibles falsos positivos, pero deben tener sus resultados revisados y los errores reales encontrados corregidos. Una DVL generada sin resultados para estas comprobaciones produce un error en la prueba de logotipo de Static Tools.
Para Windows 11, versión 26H1, las consultas expuestas por mustrun.qls y recommended.qls son idénticas .