Hi Gerd,
There is a way to suppress results explained here:
https://github.com/tianocore/edk2/tree/master/BaseTools/Plugin/CodeQL#filter-patterns
A real-world example is here:
https://github.com/microsoft/mu_basecore/blob/release/202311/CodeQlFilters.yml
That can currently operate at the file and CodeQL rule level
granularity. In this case, the null pointer test rule
("cpp/missing-null-test" as shown in
https://github.com/tianocore/edk2/security/code-scanning/1277) could be
excluded in MpLib.c.
---
Taking a quick look at the code highlighted:
MpHandOffConfig = GetMpHandOffConfigHob ();
ASSERT (MpHandOffConfig != NULL);
DEBUG ((
DEBUG_INFO,
"FirstMpHandOff->WaitLoopExecutionMode: %04d, sizeof (VOID *):
%04d\n",
MpHandOffConfig->WaitLoopExecutionMode,
sizeof (VOID *)
));
if (MpHandOffConfig->WaitLoopExecutionMode == sizeof (VOID *)) {
CodeQL flagged the two MpHandOffConfig dereferences. These is assigned
on the return value from GetMpHandOffConfigHob () defined as:
/**
Get pointer to MP_HAND_OFF_CONFIG GUIDed HOB body.
@return The pointer to MP_HAND_OFF_CONFIG structure.
**/
MP_HAND_OFF_CONFIG *
GetMpHandOffConfigHob (
VOID
)
{
EFI_HOB_GUID_TYPE *GuidHob;
GuidHob = GetFirstGuidHob (&mMpHandOffConfigGuid);
if (GuidHob == NULL) {
return NULL;
}
return (MP_HAND_OFF_CONFIG *)GET_GUID_HOB_DATA (GuidHob);
}
Can you please provide more context about why you believe a NULL return
value from the function is not a consideration? Generally, anything is
possible in the HOB list, for example, other code could overflow a HOB
boundary and mutate the this HOB's header preventing it from being found.
ASSERT() is useful for debug but it's control path is unpredictable in
core code based on platform policies that often have varying
perspectives of how to apply asserts and how they should be configured
in different scenarios. We introduced a "panic library" to use in rare
cases where we want more consistent behavior for fatal conditions.
Thanks,
Michael
On 2/27/2024 6:39 AM, Gerd Hoffmann wrote:
Hi,
I am hoping we can work together to improve the overall quality of the
code and minimize the number of CodeQL alerts.
Seems CodeQL now runs as part of CI and flags issues it has found.
It complains about a possible NULL pointer dereference:
https://github.com/tianocore/edk2/runs/22021016348
This is not correct, but I doubt code analysis will ever be clever
enough to figure this automatically. So I've added an ASSERT()
explicitly saying so, which should help both human reviewers and
code analyzers.
Apparently that does not change anything for CodeQL though. I guess
the CodeQL config must be updated so it knows what ASSERT() means?
Maybe it is ignored simply because it is upper case (unlike the
standard C library version which is lower case)?
thanks & take care,
Gerd
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116054): https://edk2.groups.io/g/devel/message/116054
Mute This Topic: https://groups.io/mt/102444916/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
