IrqlInconsistentWithRequired: CodeQL port of C28166 #159

Open
wants to merge 1 commit into
base: development
@@ -0,0 +1,52 @@
<!DOCTYPE qhelp PUBLIC "-//Semmle//qhelp//EN" "qhelp.dtd">
<qhelp>
<overview>
<p>
TODO overview
</p>
</overview>
<recommendation>
<p>
TODO recommendation
</p>
</recommendation>
<example>
<p>
Function annotated with _IRQL_requires_same_ but can possibly exit at a different IRQL level.
</p>
<sample language="c"> <![CDATA[
_IRQL_requires_same_ void fail1(PKIRQL oldIrql)
{

if (oldIrql == PASSIVE_LEVEL)
{
KeLowerIrql(*oldIrql);
}
else
{
KeRaiseIrql(DISPATCH_LEVEL, oldIrql); // Function exits at DISPATCH_LEVEL
}
}
}]]>
</sample>
<p>
TODO example 2
</p>
<sample language="c"> <![CDATA[
// Example code
}]]>
</sample>
</example>
<semmleNotes>
<p>
TODO notes
</p>
</semmleNotes>
<references>
<li>
<a href="example.com">
Example link
</a>
</li>
</references>
</qhelp>
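Review bot: In the first sample, `if (oldIrql == PASSIVE_LEVEL)` compares the `PKIRQL` pointer itself with `PASSIVE_LEVEL` instead of the value it points to; this should presumably be `*oldIrql == PASSIVE_LEVEL`. The sample also has one more `}` than it opens (the `}` directly before `]]>`), and the second sample ends with the same stray brace, so neither block is valid C as shown. The overview, recommendation, second example, notes and the `example.com` reference are all still TODO placeholders and should be filled in before this is merged, since the example paragraph is currently the only real guidance in the help file.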
@@ -0,0 +1,36 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.
/**
* @id cpp/drivers/irql-inconsistent-with-required
* @kind problem
* @name Irql Inconsistent With Required
* @description The actual IRQL is inconsistent with the required IRQL
* @platform Desktop
* @feature.area Multiple
* @impact Insecure Coding Practice
* @repro.textAn _IRQL_requires_same_ annotation specifies that the driver should be executing at a particular IRQL when the function completes, but there is at least one path in which the driver is executing at a different IRQL when the function completes.
* @owner.email: sdat@microsoft.com
* @opaqueid CQLD-C28156
* @problem.severity warning
* @precision medium
* @tags correctness
* @scope domainspecific
* @query-version v1
*/

import cpp
import drivers.libraries.Irql

from
IrqlRequiresSameAnnotatedFunction f, int irqlLevelEntry, int irqlLevelExit,
ControlFlowNode exitCfn, ControlFlowNode entryCfn
where
exitCfn = f.getControlFlowScope() and
entryCfn = f.getBlock() and
irqlLevelEntry = getPotentialExitIrqlAtCfn(entryCfn) and
irqlLevelExit = getPotentialExitIrqlAtCfn(exitCfn) and
irqlLevelEntry != irqlLevelExit
select f,
"Possible IRQL level at function completion inconsistent with the required IRQL level for some path. Irql level expected: "
+ irqlLevelEntry + ". Irql level found: " + irqlLevelExit +
". Review the IRQL level of the function."