Nota:
El acceso a esta página requiere autorización. Puede intentar iniciar sesión o cambiar directorios.
El acceso a esta página requiere autorización. Puede intentar cambiar los directorios.
El repositorio de GitHub de Microsoft CodeQL ofrece dos conjuntos de consultas para simplificar el desarrollo de controladores de Windows y garantizar el cumplimiento del Programa de compatibilidad de hardware de Windows (WHCP). El conjunto recommended.qls incluye todas las consultas recomendadas para los desarrolladores de controladores, mientras que el conjunto mustfix.qls se centra en las consultas "Must-Fix" necesarias para la certificación WHCP. Ambos conjuntos se actualizan periódicamente.
consultas de Must-Fix para la certificación WCHP
El siguiente subconjunto de consultas son Must-Fix para la certificación WHCP y también se incluyen en el conjunto de correcciones recomendadas .
Este conjunto de reglas se incluye en mustfix.qls.
| identificación | Ubicación | Enumeración de Debilidades Comunes |
|---|---|---|
| cpp/bad-addition-overflow-check |
codeql/cpp-queries/<Version>/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql |
CWE-190, CWE-192 |
| cpp/pointer-overflow-check |
codeql/cpp-queries/<Version>/Likely Bugs/Memory Management/PointerOverflow.ql |
No disponible |
| cpp/demasiados pocos argumentos |
codeql/cpp-queries/<Version>/Likely Bugs/Underspecified Functions/TooFewArguments.ql |
No disponible |
| cpp/comparison-with-wider-type |
codeql/cpp-queries/<Version>/Security/CWE/CWE-190/ComparisonWithWiderType.ql |
CWE-190, CWE-197, CWE-835 |
| cpp/hresult-boolean-conversion |
codeql/cpp-queries/<Version>/Security/CWE/CWE-253/HResultBooleanConversion.ql |
CWE-253 |
El archivo mustfix.qls incluye las siguientes consultas de código Must-Fix .
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.
- description: Security queries required to fix when certifying Windows Drivers
- queries: .
from: codeql/cpp-queries
version: 0.9.0
- include:
query path:
- Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql
- Likely Bugs/Memory Management/PointerOverflow.ql
- Likely Bugs/Underspecified Functions/TooFewArguments.ql
- Security/CWE/CWE-190/ComparisonWithWiderType.ql
- Security/CWE/CWE-253/HResultBooleanConversion.ql
- import: windows-driver-suites/windows_mustfix_partial.qls
from: microsoft/windows-drivers
Este conjunto de reglas se incluye en windows-driver-suites/windows_mustfix_partial.qls.
| identificación | Ubicación | Enumeración de Debilidades Comunes |
|---|---|---|
| cpp/windows/wdk/deprecated-api |
/microsoft/windows-drivers/<Version>/drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql |
No disponible |
| microsoft/Security/CWE/CWE-704/WcharCharConversionLimited |
/microsoft/windows-drivers/<Version>/microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql |
CWE-704 |
El archivo windows_mustfix_partial.qls incluye las siguientes consultas de código Must-Fix .
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.
- description: Security queries required to fix when certifying Windows Drivers
- queries: .
from: microsoft/windows-drivers
- include:
query path:
- drivers/general/queries/WdkDeprecatedApis/wdk-deprecated-api.ql
- microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql
Consultas de corrección recomendadas
Estas consultas forman parte del conjunto de consultas recommended.qls en el repositorio de Microsoft GitHub CodeQL. La columna "Enumeración de debilidad común" (CWE) identifica los tipos de problemas de seguridad que busca la consulta dada. Consulte la página de Mitre en CWE para obtener más información sobre los CWE.
La columna "Enumeración de debilidad común" (CWE) muestra los tipos de problemas de seguridad que identifica la consulta.
Procedimientos recomendados
| identificación | Ubicación | Enumeración de Debilidades Comunes |
|---|---|---|
| cpp/offset-use-before-range-check |
codeql/cpp-queries/<Version>/Prácticas recomendadas/Errores probables/OffsetUseBeforeRangeCheck.ql |
No disponible |
Posibles fallos
| identificación | Ubicación | Enumeración de Debilidades Comunes |
|---|---|---|
| cpp/bad-addition-overflow-check |
codeql/cpp-queries/<Version>/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql |
CWE-190, CWE-192 |
| cpp/integer-multiplication-cast-to-long |
codeql/cpp-queries/<Version>/Likely Bugs/Arithmetic/IntMultToLong.ql |
CWE-190, CWE-192, CWE-197, CWE-681 |
| cpp/signed-overflow-check |
codeql/cpp-queries/<Version>/Likely Bugs/Arithmetic/SignedOverflowCheck.ql |
No disponible |
| cpp/upcast-array-pointer-arithmetic |
codeql/cpp-queries/<Version>/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql |
CWE-119, CWE-843 |
| cpp/pointer-overflow-check |
codeql/cpp-queries/<Version>/Likely Bugs/Memory Management/PointerOverflow.ql |
No disponible |
| cpp/demasiados pocos argumentos |
codeql/cpp-queries/<Version>/Likely Bugs/Underspecified Functions/TooFewArguments.ql |
No disponible |
| cpp/incorrect-not-operator-usage |
codeql/cpp-queries/<Version>/Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql |
CWE-480 |
| cpp/suspicious-add-sizeof |
codeql/cpp-queries/<Version>/Likely Bugs/Memory Management/SuspiciousSizeof.ql |
CWE-468 |
| cpp/uninitialized-local |
codeql/cpp-queries/<Version>/Likely Bugs/Memory Management/UninitializedLocal.ql |
CWE-457, CWE-665 |
Seguridad
| identificación | Ubicación | Enumeración de Debilidades Comunes |
|---|---|---|
| cpp/conditionally-uninitialized-variable |
codeql/cpp-queries/<Version>/Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql. |
CWE-457 |
| cpp/unterminated-variadic-call |
codeql/cpp-queries/<Version>/Security/CWE/CWE-121/UnterminatedVarargsCall.ql |
CWE-121 |
| cpp/suspicious-pointer-scaling |
codeql/cpp-queries/<Version>/Security/CWE/CWE-468/IncorrectPointerScaling.ql |
CWE-468 |
| cpp/suspicious-pointer-scaling-void |
codeql/cpp-queries/<Version>/Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql |
CWE-468 |
| cpp/potencialmente peligroso-función |
codeql/cpp-queries/<Version>/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql |
CWE-676 |
| cpp/incorrect-string-type-conversion |
codeql/cpp-queries/<Version>/Security/CWE/CWE-704/WcharCharConversion.ql |
CWE-704 |
| cpp/comparison-with-wider-type |
codeql/cpp-queries/<Version>/Security/CWE/CWE-190/ComparisonWithWiderType.ql |
CWE-190, CWE-197, CWE-835 |
| cpp/hresult-boolean-conversion |
codeql/cpp-queries/<Version>/Security/CWE/CWE-253/HResultBooleanConversion.ql |
CWE-253 |
| cpp/suspicious-add-sizeof |
codeql/cpp-queries/<Version>/Security/CWE/CWE-468/CWE-468/SuspiciousAddWithSizeof.ql |
CWE-468 |
El archivo recommended.qls incluye las siguientes consultas de código recomendadas.
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.
- description: Recommended and required queries for Windows Drivers.
- import: windows-driver-suites/windows_mustfix_partial.qls
from: microsoft/windows-drivers
- import: windows-driver-suites/windows_recommended_partial.qls
from: microsoft/windows-drivers
- queries: .
from: codeql/cpp-queries
version: 0.9.0
- include:
query path:
- Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql
- Likely Bugs/Arithmetic/IntMultToLong.ql
- Likely Bugs/Arithmetic/SignedOverflowCheck.ql
- Likely Bugs/Conversion/CastArrayPointerArithmetic.ql
- Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql
- Likely Bugs/Memory Management/SuspiciousSizeof.ql
- Likely Bugs/Memory Management/UninitializedLocal.ql
- Security/CWE/CWE-121/UnterminatedVarargsCall.ql
- Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql
- Security/CWE/CWE-468/IncorrectPointerScaling.ql
- Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql
- Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql
- Security/CWE/CWE-676/PotentiallyDangerousFunction.ql
- Security/CWE/CWE-704/WcharCharConversion.ql
- Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql
- Likely Bugs/Memory Management/PointerOverflow.ql
- Likely Bugs/Underspecified Functions/TooFewArguments.ql
- Security/CWE/CWE-190/ComparisonWithWiderType.ql
- Security/CWE/CWE-253/HResultBooleanConversion.ql
Estas consultas forman parte del conjunto de consultas windows_recommended_partial.qls .
Errores probables: windows_recommended_partial.qls
| identificación | Ubicación | Enumeración de Debilidades Comunes |
|---|---|---|
| cpp/paddingbyteinformationdisclosure |
microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql |
No disponible |
| cpp/badoverflowguard |
microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql |
No disponible |
| cpp/infiniteloop |
microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/Conversion/InfiniteLoop.ql |
No disponible |
| cpp/uninitializedptrfield |
microsoft/windows-drivers/<Version>/microsoft/Likely Bugs/UninitializedPtrField.ql |
No disponible |
| cpp/use-after-free |
microsoft/windows-drivers/<Version>/microsoft/Probables errores/Administración de memoria/UseAfterFree/UseAfterFree.ql |
No disponible |
Seguridad: windows_recommended_partial.qls
| identificación | Ubicación | Advertencia de análisis de código |
|---|---|---|
| cpp/weak-crypto/cng/hardcoded-iv |
/microsoft/windows-drivers/<Version>/microsoft/Security/Cryptography/HardcodedIVCNG.ql |
No disponible |
Controladores: General
| identificación | Ubicación | Advertencia de análisis de código |
|---|---|---|
| cpp/drivers/ke-set-event-pageable |
/microsoft/windows-drivers/<Version>/drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql |
No hay ninguna comprobación de CA asociada |
| cpp/drivers/role-type-correctly-used |
/microsoft/windows-drivers/<Version>/drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql |
No hay ninguna comprobación de CA asociada |
| cpp/drivers/extended-deprecated-apis |
/microsoft/windows-drivers/<Version>/drivers/general/queries/ExtendedDeprecatedApis.ql |
Advertencia C28719, Advertencia C28726, Advertencia C28735, Advertencia C28750 |
| cpp/drivers/irql-not-saved |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql |
Advertencia C28158 |
| cpp/drivers/irql-not-used |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql |
Advertencia C28157 |
| cpp/drivers/irql-set-too-high |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql |
Advertencia C28150 |
| cpp/drivers/irql-too-low |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlTooLow/IrqlTooLow.ql |
Advertencia C28120 |
| cpp/drivers/irql-set-too-high |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlSetTooHigh/IrqlTooHigh.ql |
Advertencia C28121 |
| cpp/drivers/irql-set-too-low |
/microsoft/windows-drivers/<Version>/drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql |
Advertencia C28124 |
| cpp/drivers/pool-tag-integral |
/microsoft/windows-drivers/<Version>/drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql |
Advertencia C28134 |
| cpp/drivers/str-safe |
/microsoft/windows-drivers/<Version>/drivers/general/queries/StrSafe/StrSafe.ql |
Advertencia C28146 |
Controladores: WDM
| identificación | Ubicación | Advertencia de análisis de código |
|---|---|---|
| cpp/drivers/illegal-field-access |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql |
Advertencia C28128 |
| cpp/drivers/illegal-field-access2 |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql |
Advertencia C28175 |
| cpp/drivers/illegal-field-write |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql |
Advertencia C28176 |
| cpp/drivers/opaque-mdl-use |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql |
(No hay ninguna comprobación de CA asociada) |
| cpp/drivers/opaque-mdl-write |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlWrite.ql |
Advertencia C28145 |
| cpp/drivers/pending-status-error |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/PendingStatusError/PendingStatusError.ql |
Advertencia C28143 |
| cpp/drivers/wrong-dispatch-table-assignment |
/microsoft/windows-drivers/<Version>/drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql |
Advertencia de C28169 |
El archivo windows-driver-suites/windows_recommended_partial.qls incluye las siguientes consultas de código recomendadas.
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT license.
- description: Recommended and required queries for Windows Drivers.
- import: windows-driver-suites/windows_mustfix_partial.qls
- queries: .
from: microsoft/windows-drivers
- include:
query path:
- microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql
- microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql
- microsoft/Likely Bugs/Conversion/InfiniteLoop.ql
- microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql
- microsoft/Likely Bugs/UninitializedPtrField.ql
- microsoft/Security/Crytpography/HardcodedIVCNG.ql
- drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql
- drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql
- drivers/general/queries/DefaultPoolTag/DefaultPoolTag.ql
- drivers/general/queries/ExaminedValue/ExaminedValue.ql
- drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.ql
- drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql
- drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql
- drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql
- drivers/general/queries/IrqlTooLow/IrqlTooLow.ql
- drivers/general/queries/IrqlSetTooHigh/IrqlTooHigh.ql
- drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql
- drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql
- drivers/general/queries/StrSafe/StrSafe.ql
- drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql
- drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql
- drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql
- drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql
- drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlWrite.ql
- drivers/wdm/queries/PendingStatusError/PendingStatusError.ql
- drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql