CodeQL-frågor och sviter för Windows-drivrutinstestning

Microsoft CodeQL GitHub-lagringsplatsen erbjuder två frågesviter för att förenkla utvecklingen av Windows-drivrutinen och säkerställa kompatibilitet med Windows Hardware Compatibility Program (WHCP). Den rekommenderade.qls-sviten innehåller alla rekommenderade frågor för drivrutinsutvecklare, medan mustfix.qls-sviten fokuserar på "Must-Fix"-frågor som krävs för WHCP-certifiering. Båda sviterna uppdateras regelbundet.

Must-Fix frågor för WCHP-certifiering

Följande delmängd av frågor är Must-Fix för WHCP-certifiering och ingår även i den rekommenderade korrigeringssviten .

Den här uppsättningen regler ingår i mustfix.qls.

ID-nummer	Plats	Vanliga svaghetsuppräkning
cpp/otillräcklig-detektering-av-överflöde-vid-addition	codeql/cpp-queries/`<Version>`/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql	CWE-190, CWE-192
cpp/pointer-overflow-check	codeql/cpp-queries/`<Version>`/Likely Bugs/Memory Management/PointerOverflow.ql	Inte tillgänglig
cpp/för få argument	codeql/cpp-queries/`<Version>`/Likely Bugs/Underspecified Functions/TooFewArguments.ql	Inte tillgänglig
cpp/jämförelse-med-bredare-typ	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-190/ComparisonWithWiderType.ql	CWE-190, CWE-197, CWE-835
`cpp/hresult-boolean-conversion`	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-253/HResultBooleanConversion.ql	CWE-253

Filen mustfix.qls innehåller följande kodfrågor som måste åtgärdas .

# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.

- description: Security queries required to fix when certifying Windows Drivers
- queries: .
  from: codeql/cpp-queries
  version: 0.9.0
- include:
    query path:
      - Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql
      - Likely Bugs/Memory Management/PointerOverflow.ql
      - Likely Bugs/Underspecified Functions/TooFewArguments.ql
      - Security/CWE/CWE-190/ComparisonWithWiderType.ql
      - Security/CWE/CWE-253/HResultBooleanConversion.ql
- import: windows-driver-suites/windows_mustfix_partial.qls
  from: microsoft/windows-drivers

Den här uppsättningen regler ingår i windows-driver-suites/windows_mustfix_partial.qls.

ID-nummer	Plats	Vanliga svaghetsuppräkning
cpp/windows/wdk/föråldrat-api	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql	Inte tillgänglig
microsoft/Security/CWE/CWE-704/WcharCharConversionLimited	/microsoft/windows-drivers/`<Version>`/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql	CWE-704

Filen windows_mustfix_partial.qls innehåller följande kodfrågor som måste åtgärdas .

# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.

- description: Security queries required to fix when certifying Windows Drivers
- queries: .
  from: microsoft/windows-drivers
- include:
    query path:
      - drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql
      - microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql

Rekommenderade korrigeringsfrågor

De här frågorna ingår i frågesviten recommended.qls på Microsoft GitHub CodeQL-lagringsplatsen. Kolumnen "Common Weakness Enumeration" (CWE) identifierar vilka typer av säkerhetsproblem som den angivna frågan söker efter. Mer information om CWEs finns på Mitre-sidan på CWE .

Kolumnen "Common Weakness Enumeration" (CWE) visar de typer av säkerhetsproblem som frågan identifierar.

Metodtips

ID-nummer	Plats	Vanliga svaghetsuppräkning
cpp/offset-use-before-range-check	codeql/cpp-queries/`<Version>`/Bästa praxis/Sannolika fel/OffsetUseBeforeRangeCheck.ql	Inte tillgänglig

Troliga buggar

ID-nummer	Plats	Vanliga svaghetsuppräkning
cpp/otillräcklig-detektering-av-överflöde-vid-addition	codeql/cpp-queries/`<Version>`/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql	CWE-190, CWE-192
cpp/integer-multiplication-cast-to-long	codeql/cpp-queries/`<Version>`/Likely Bugs/Arithmetic/IntMultToLong.ql	CWE-190, CWE-192, CWE-197, CWE-681
cpp/kontroll-av-signerat-överflöde	codeql/cpp-queries/`<Version>`/Likely Bugs/Arithmetic/SignedOverflowCheck.ql	Inte tillgänglig
cpp/upcast-array-pointer-aritmetic	codeql/cpp-queries/`<Version>`/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql	CWE-119, CWE-843
cpp/pointer-overflow-check	codeql/cpp-queries/`<Version>`/Likely Bugs/Memory Management/PointerOverflow.ql	Inte tillgänglig
cpp/för få argument	codeql/cpp-queries/`<Version>`/Likely Bugs/Underspecified Functions/TooFewArguments.ql	Inte tillgänglig
cpp/felaktig-användning-av-icke-operator	codeql/cpp-queries/`<Version>`/Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql	CWE-480
cpp/suspicious-add-sizeof	codeql/cpp-queries/`<Version>`/Likely Bugs/Memory Management/SuspiciousSizeof.ql	CWE-468
cpp/uninitialized-local	codeql/cpp-queries/`<Version>`/Likely Bugs/Memory Management/UninitializedLocal.ql	CWE-457, CWE-665

Säkerhet

ID-nummer	Plats	Vanliga svaghetsuppräkning
cpp/ständigt-ouppdaterad-variabel	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql.	CWE-457
cpp/unterminated-variadic-call	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-121/UnterminatedVarargsCall.ql	CWE-121
cpp/misstänkt pekarskalning	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-468/IncorrectPointerScaling.ql	CWE-468
cpp/suspicious-pointer-scaling-void	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql	CWE-468
cpp/potentiellt farlig funktion	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql	CWE-676
cpp/felaktig-strängtypkonvertering	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-704/WcharCharConversion.ql	CWE-704
cpp/jämförelse-med-bredare-typ	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-190/ComparisonWithWiderType.ql	CWE-190, CWE-197, CWE-835
`cpp/hresult-boolean-conversion`	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-253/HResultBooleanConversion.ql	CWE-253
cpp/suspicious-add-sizeof	codeql/cpp-queries/`<Version>`/Security/CWE/CWE-468/CWE-468/SuspiciousAddWithSizeof.ql	CWE-468

Filen recommended.qls innehåller följande rekommenderade kodfrågor.

# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.

- description: Recommended and required queries for Windows Drivers.
- import: windows-driver-suites/windows_mustfix_partial.qls
  from: microsoft/windows-drivers
- import: windows-driver-suites/windows_recommended_partial.qls
  from: microsoft/windows-drivers
- queries: .
  from: codeql/cpp-queries
  version: 0.9.0
- include:
    query path:
      - Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql
      - Likely Bugs/Arithmetic/IntMultToLong.ql
      - Likely Bugs/Arithmetic/SignedOverflowCheck.ql
      - Likely Bugs/Conversion/CastArrayPointerArithmetic.ql
      - Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql
      - Likely Bugs/Memory Management/SuspiciousSizeof.ql
      - Likely Bugs/Memory Management/UninitializedLocal.ql
      - Security/CWE/CWE-121/UnterminatedVarargsCall.ql
      - Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql
      - Security/CWE/CWE-468/IncorrectPointerScaling.ql
      - Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql
      - Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql
      - Security/CWE/CWE-676/PotentiallyDangerousFunction.ql
      - Security/CWE/CWE-704/WcharCharConversion.ql
      - Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql
      - Likely Bugs/Memory Management/PointerOverflow.ql
      - Likely Bugs/Underspecified Functions/TooFewArguments.ql
      - Security/CWE/CWE-190/ComparisonWithWiderType.ql
      - Security/CWE/CWE-253/HResultBooleanConversion.ql

Dessa frågor ingår i frågesviten windows_recommended_partial.qls .

Förmodade buggar – windows_recommended_partial.qls

ID-nummer	Plats	Vanliga svaghetsuppräkning
cpp/paddingbyteinformationdisclosure	microsoft/windows-drivers/microsoft/Troliga Buggar/Gränsbrott/PaddingByteInformationDisclosure.ql	Inte tillgänglig
cpp/badoverflowguard	microsoft/windows-drivers/`<Version>`/microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql	Inte tillgänglig
cpp/infiniteloop	microsoft/windows-drivers/`<Version>`/microsoft/Likely Bugs/Conversion/InfiniteLoop.ql	Inte tillgänglig
cpp/uninitializedptrfield	microsoft/windows-drivers/`<Version>`/microsoft/Likely Bugs/UninitializedPtrField.ql	Inte tillgänglig
cpp/use-after-free	microsoft/windows-drivers/`<Version>`/microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql	Inte tillgänglig

Säkerhet – windows_recommended_partial.qls

ID-nummer	Plats	Varning för kodanalys
cpp/weak-crypto/cng/hardcoded-iv	/microsoft/windows-drivers/`<Version>`/microsoft/Security/Cryptography/HardcodedIVCNG.ql	Inte tillgänglig

Drivrutiner – Allmänt

ID-nummer	Plats	Varning för kodanalys
cpp/drivers/ke-set-event-pageable	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql	Ingen associerad CA-kontroll
cpp/drivers/role-type-correctly-used	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql	Ingen associerad CA-kontroll
cpp/drivers/extended-deprecated-apis	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/ExtendedDeprecatedApis.ql	C28719 Varning, C28726 Varning, C28735 Varning, C28750 Varning
cpp/drivers/irql-not-saved	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql	C28158 Varning
cpp/drivrutiner/irql-ej-används	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql	C28157 Varning
cpp/drivrutiner/irql-inställd-för-hög	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql	C28150 Varning
cpp/drivers/irql-too-low	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/IrqlTooLow/IrqlTooLow.ql	C28120 Varning
cpp/drivrutiner/irql-inställd-för-hög	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/IrqlSetTooHigh/IrqlTooHigh.ql	C28121 Varning
cpp/drivers/irql-set-too-low	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql	C28124 Varning
cpp/drivers/pool-tag-integral	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql	C28134 Varning
cpp/drivers/str-safe	/microsoft/windows-drivers/`<Version>`/drivers/general/queries/StrSafe/StrSafe.ql	C28146 Varning

Drivrutiner – WDM

ID-nummer	Plats	Varning för kodanalys
cpp/drivers/illegal-field-access	/microsoft/windows-drivers/`<Version>`/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql	C28128 Varning
cpp/drivrutiner/olaglig-fältåtkomst2	/microsoft/windows-drivers/`<Version>`/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql	C28175 Varning
cpp/drivrutiner/otillåten-fält-skrivning	/microsoft/windows-drivers/`<Version>`/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql	C28176 Varning
cpp/drivers/opaque-mdl-use	/microsoft/windows-drivers/`<Version>`/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql	(Ingen associerad CA-kontroll)
cpp/drivers/opaque-mdl-write	/microsoft/windows-drivers/`<Version>`/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlWrite.ql	C28145 Varning
cpp/drivers/pending-status-error	/microsoft/windows-drivers/`<Version>`/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql	C28143 Varning
cpp/drivrutiner/felaktig-tilldelning-av-dispatch-tabell	/microsoft/windows-drivers/`<Version>`/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql	C28169 Varning

Filen windows-driver-suites/windows_recommended_partial.qls innehåller följande rekommenderade kodfrågor.

# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.

- description: Recommended and required queries for Windows Drivers.
- import: windows-driver-suites/windows_mustfix_partial.qls
- queries: .
  from: microsoft/windows-drivers
- include:
    query path:
      - microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql
      - microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql
      - microsoft/Likely Bugs/Conversion/InfiniteLoop.ql
      - microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql
      - microsoft/Likely Bugs/UninitializedPtrField.ql
      - microsoft/Security/Crytpography/HardcodedIVCNG.ql
      - drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql
      - drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql
      - drivers/general/queries/DefaultPoolTag/DefaultPoolTag.ql
      - drivers/general/queries/ExaminedValue/ExaminedValue.ql
      - drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.ql
      - drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql
      - drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql
      - drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql
      - drivers/general/queries/IrqlTooLow/IrqlTooLow.ql
      - drivers/general/queries/IrqlSetTooHigh/IrqlTooHigh.ql
      - drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql
      - drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql
      - drivers/general/queries/StrSafe/StrSafe.ql
      - drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql
      - drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql
      - drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql
      - drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql
      - drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlWrite.ql
      - drivers/wdm/queries/PendingStatusError/PendingStatusError.ql
      - drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql

Feedback

Var den här sidan till hjälp?

Last updated on 2025-05-14