Catatan
Akses ke halaman ini memerlukan otorisasi. Anda dapat mencoba masuk atau mengubah direktori.
Akses ke halaman ini memerlukan otorisasi. Anda dapat mencoba mengubah direktori.
Repositori GitHub Microsoft CodeQL menawarkan dua suite kueri untuk menyederhanakan pengembangan driver Windows dan memastikan kepatuhan terhadap Program Kompatibilitas Perangkat Keras Windows (WHCP). Rangkaian recommended.qls mencakup semua kueri yang direkomendasikan untuk pengembang driver, sementara rangkaian mustfix.qls berfokus pada kueri "Harus Diperbaiki" yang diperlukan untuk sertifikasi WHCP. Kedua suite diperbarui secara berkala.
Must-Fix pertanyaan untuk sertifikasi WCHP
Subset kueri berikut adalah Harus Diperbaiki untuk sertifikasi WHCP dan juga disertakan dalam rangkaian Perbaikan yang Direkomendasikan .
Seperangkat aturan ini disertakan dalam mustfix.qls.
| ID | Lokasi | Enumerasi Kelemahan Umum |
|---|---|---|
| cpp/pemeriksaan-kelebihan-penambahan-yang-buruk |
codeql/cpp-queries/<Version>/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql |
CWE-190, CWE-192 |
| cpp/pointer-overflow-check |
codeql/cpp-queries/<Version>/Likely Bugs/Memory Management/PointerOverflow.ql |
Tidak tersedia |
| cpp/terlalu-sedikit-argumen |
codeql/cpp-queries/<Version>/Likely Bugs/Underspecified Functions/TooFewArguments.ql |
Tidak tersedia |
| cpp/comparison-with-wider-type |
codeql/cpp-queries/<Version>/Security/CWE/CWE-190/ComparisonWithWiderType.ql |
CWE-190, CWE-197, CWE-835 |
| cpp/hresult-boolean-conversion |
codeql/cpp-queries/<Version>/Security/CWE/CWE-253/HResultBooleanConversion.ql |
CWE-253 |
File mustfix.qls menyertakan kueri kode Harus Diperbaiki berikut.
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.
- description: Security queries required to fix when certifying Windows Drivers
- queries: .
from: codeql/cpp-queries
version: 0.9.0
- include:
query path:
- Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql
- Likely Bugs/Memory Management/PointerOverflow.ql
- Likely Bugs/Underspecified Functions/TooFewArguments.ql
- Security/CWE/CWE-190/ComparisonWithWiderType.ql
- Security/CWE/CWE-253/HResultBooleanConversion.ql
- import: windows-driver-suites/windows_mustfix_partial.qls
from: microsoft/windows-drivers
Seperangkat aturan ini termasuk dalam windows-driver-suites/windows_mustfix_partial.qls.
| ID | Lokasi | Enumerasi Kelemahan Umum |
|---|---|---|
| cpp/windows/wdk/deprecated-api |
/microsoft/windows-drivers/<Version>/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql |
Tidak tersedia |
| microsoft/Security/CWE/CWE-704/WcharCharConversionLimited |
/microsoft/windows-drivers/<Version>/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql |
CWE-704 |
File windows_mustfix_partial.qls menyertakan kueri kode Harus Diperbaiki berikut.
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.
- description: Security queries required to fix when certifying Windows Drivers
- queries: .
from: microsoft/windows-drivers
- include:
query path:
- drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql
- microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql
Kueri Perbaikan yang Direkomendasikan
Kueri ini adalah bagian dari rangkaian kueri recommended.qls di repositori Microsoft GitHub CodeQL. Kolom "Enumerasi Kelemahan Umum" (CWE) mengidentifikasi jenis masalah keamanan apa yang dicari kueri yang diberikan. Lihat halaman Mitre di CWE untuk detail selengkapnya tentang CWEs.
Kolom "Enumerasi Kelemahan Umum" (CWE) menunjukkan jenis masalah keamanan yang diidentifikasi kueri.
Praktik Terbaik
| ID | Lokasi | Enumerasi Kelemahan Umum |
|---|---|---|
| cpp/offset-penggunaan-sebelum-pemeriksaan-jangkauan |
codeql/cpp-queries/<Version>/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql |
Tidak tersedia |
Bug yang Mungkin Terjadi
| ID | Lokasi | Enumerasi Kelemahan Umum |
|---|---|---|
| cpp/pemeriksaan-kelebihan-penambahan-yang-buruk |
codeql/cpp-queries/<Version>/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql |
CWE-190, CWE-192 |
| cpp/integer-multiplication-cast-to-long |
codeql/cpp-queries/<Version>/Likely Bugs/Arithmetic/IntMultToLong.ql |
CWE-190, CWE-192, CWE-197, CWE-681 |
| cpp/signed-overflow-check |
codeql/cpp-queries/<Version>/Likely Bugs/Arithmetic/SignedOverflowCheck.ql |
Tidak tersedia |
| cpp/upcast-array-pointer-arithmetic |
codeql/cpp-queries/<Version>/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql |
CWE-119, CWE-843 |
| cpp/pointer-overflow-check |
codeql/cpp-queries/<Version>/Likely Bugs/Memory Management/PointerOverflow.ql |
Tidak tersedia |
| cpp/terlalu-sedikit-argumen |
codeql/cpp-queries/<Version>/Likely Bugs/Underspecified Functions/TooFewArguments.ql |
Tidak tersedia |
| cpp/incorrect-not-operator-usage |
codeql/cpp-queries/<Version>/Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql |
CWE-480 |
| cpp/suspicious-add-sizeof |
codeql/cpp-queries/<Version>/Likely Bugs/Memory Management/SuspiciousSizeof.ql |
CWE-468 |
| cpp/uninitialized-local |
codeql/cpp-queries/<Version>/Likely Bugs/Memory Management/UninitializedLocal.ql |
CWE-457, CWE-665 |
Keamanan
| ID | Lokasi | Enumerasi Kelemahan Umum |
|---|---|---|
| cpp/conditionally-uninitialized-variable |
codeql/cpp-queries/<Version>/Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql. |
CWE-457 |
| cpp/panggilan-varian-tidak-berakhir |
codeql/cpp-queries/<Version>/Security/CWE/CWE-121/UnterminatedVarargsCall.ql |
CWE-121 |
| cpp/suspicious-pointer-scaling |
codeql/cpp-queries/<Version>/Security/CWE/CWE-468/IncorrectPointerScaling.ql |
CWE-468 |
| cpp/suspicious-pointer-scaling-void |
codeql/cpp-queries/<Version>/Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql |
CWE-468 |
| cpp/potentially-dangerous-function |
codeql/cpp-queries/<Version>/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql |
CWE-676 |
| cpp/incorrect-string-type-conversion |
codeql/cpp-queries/<Version>/Security/CWE/CWE-704/WcharCharConversion.ql |
CWE-704 |
| cpp/comparison-with-wider-type |
codeql/cpp-queries/<Version>/Security/CWE/CWE-190/ComparisonWithWiderType.ql |
CWE-190, CWE-197, CWE-835 |
| cpp/hresult-boolean-conversion |
codeql/cpp-queries/<Version>/Security/CWE/CWE-253/HResultBooleanConversion.ql |
CWE-253 |
| cpp/suspicious-add-sizeof |
codeql/cpp-queries/<Version>/Security/CWE/CWE-468/CWE-468/SuspiciousAddWithSizeof.ql |
CWE-468 |
File recommended.qls menyertakan kueri kode yang direkomendasikan berikut.
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.
- description: Recommended and required queries for Windows Drivers.
- import: windows-driver-suites/windows_mustfix_partial.qls
from: microsoft/windows-drivers
- import: windows-driver-suites/windows_recommended_partial.qls
from: microsoft/windows-drivers
- queries: .
from: codeql/cpp-queries
version: 0.9.0
- include:
query path:
- Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql
- Likely Bugs/Arithmetic/IntMultToLong.ql
- Likely Bugs/Arithmetic/SignedOverflowCheck.ql
- Likely Bugs/Conversion/CastArrayPointerArithmetic.ql
- Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql
- Likely Bugs/Memory Management/SuspiciousSizeof.ql
- Likely Bugs/Memory Management/UninitializedLocal.ql
- Security/CWE/CWE-121/UnterminatedVarargsCall.ql
- Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql
- Security/CWE/CWE-468/IncorrectPointerScaling.ql
- Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql
- Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql
- Security/CWE/CWE-676/PotentiallyDangerousFunction.ql
- Security/CWE/CWE-704/WcharCharConversion.ql
- Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql
- Likely Bugs/Memory Management/PointerOverflow.ql
- Likely Bugs/Underspecified Functions/TooFewArguments.ql
- Security/CWE/CWE-190/ComparisonWithWiderType.ql
- Security/CWE/CWE-253/HResultBooleanConversion.ql
Kueri ini adalah bagian dari rangkaian kueri windows_recommended_partial.qls .
Kemungkinan Bug - windows_recommended_partial.qls
| ID | Lokasi | Enumerasi Kelemahan Umum |
|---|---|---|
| cpp/paddingbyteinformationdisclosure |
microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql |
Tidak tersedia |
| cpp/badoverflowguard |
microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql |
Tidak tersedia |
| cpp/infiniteloop |
microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Conversion/InfiniteLoop.ql |
Tidak tersedia |
| cpp/uninitializedptrfield |
microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/UninitializedPtrField.ql |
Tidak tersedia |
| cpp/use-after-free |
microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql |
Tidak tersedia |
Keamanan - windows_recommended_partial.qls
| ID | Lokasi | Peringatan Analisis Kode |
|---|---|---|
| cpp/weak-crypto/cng/hardcoded-iv |
/microsoft/windows-drivers/<Version>/microsoft/Security/Cryptography/HardcodedIVCNG.ql |
Tidak tersedia |
Driver - Umum
| ID | Lokasi | Peringatan Analisis Kode |
|---|---|---|
| cpp/drivers/ke-set-event-pageable |
/microsoft/windows-drivers/<Version>/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql |
Tidak ada pemeriksaan CA terkait |
| cpp/drivers/role-type-correctly-used |
/microsoft/windows-drivers/<Version>/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql |
Tidak ada pemeriksaan CA terkait |
| cpp/drivers/extended-deprecated-apis |
/microsoft/windows-drivers/<Version>/drivers/general/queries/ExtendedDeprecatedApis.ql |
C28719 Peringatan, C28726 Peringatan, C28735 Peringatan, C28750 Peringatan |
| cpp/drivers/irql-not-saved |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql |
Peringatan C28158 |
| cpp/drivers/irql-not-used |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql |
Peringatan C28157 |
| cpp/drivers/irql-set-too-high |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql |
Peringatan C28150 |
| cpp/drivers/irql-too-low |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlTooLow/IrqlTooLow.ql |
Peringatan C28120 |
| cpp/drivers/irql-set-too-high |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlSetTooHigh/IrqlTooHigh.ql |
Peringatan C28121 |
| cpp/drivers/irql-set-too-low |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql |
Peringatan C28124 |
| cpp/drivers/pool-tag-integral |
/microsoft/windows-drivers/<Version>/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql |
Peringatan C28134 |
| cpp/drivers/str-safe |
/microsoft/windows-drivers/<Version>/drivers/general/queries/StrSafe/StrSafe.ql |
Peringatan C28146 |
Driver - WDM
| ID | Lokasi | Peringatan Analisis Kode |
|---|---|---|
| cpp/drivers/akses-lapangan-ilegal |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql |
Peringatan C28128 |
| cpp/drivers/akses-bidang-ilegal2 |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql |
Peringatan C28175 |
| cpp/pengandar/penulisan-bidang-ilegal |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql |
Peringatan C28176 |
| cpp/drivers/opaque-mdl-use |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql |
(Tidak ada pemeriksaan CA terkait) |
| cpp/drivers/opaque-mdl-write |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlWrite.ql |
Peringatan C28145 |
| cpp/drivers/pending-status-error (kesalahan-status-masa-tunggu) |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql |
Peringatan C28143 |
| cpp/drivers/penugasan-tabel-dispatch-yang-salah |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql |
Peringatan C28169 |
File windows-driver-suites/windows_recommended_partial.qls menyertakan kueri kode yang direkomendasikan berikut.
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.
- description: Recommended and required queries for Windows Drivers.
- import: windows-driver-suites/windows_mustfix_partial.qls
- queries: .
from: microsoft/windows-drivers
- include:
query path:
- microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql
- microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql
- microsoft/Likely Bugs/Conversion/InfiniteLoop.ql
- microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql
- microsoft/Likely Bugs/UninitializedPtrField.ql
- microsoft/Security/Crytpography/HardcodedIVCNG.ql
- drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql
- drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql
- drivers/general/queries/DefaultPoolTag/DefaultPoolTag.ql
- drivers/general/queries/ExaminedValue/ExaminedValue.ql
- drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.ql
- drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql
- drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql
- drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql
- drivers/general/queries/IrqlTooLow/IrqlTooLow.ql
- drivers/general/queries/IrqlSetTooHigh/IrqlTooHigh.ql
- drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql
- drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql
- drivers/general/queries/StrSafe/StrSafe.ql
- drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql
- drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql
- drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql
- drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql
- drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlWrite.ql
- drivers/wdm/queries/PendingStatusError/PendingStatusError.ql
- drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql