C++ analyzer provides broader coverage of the C++ Core Guidelines and detects broken access control security issues

Hello C++ developers,

We’re proud to announce the following improvements to the C++ analyzer:

  • security rules detecting broken authentication and access control issues
  • broader coverage of the C++ Core Guidelines

Security Rules

We implemented 6 rules related to broken access control (incorrect permission assignments, privilege escalations, unprotected APIs …):

  • S5847: Accessing files should not introduce TOCTOU vulnerabilities (Critical)
  • S5832: Account validity should be verified when authenticating users with PAM (Major)
  • S5982: Changing working directories without verifying the success is security-sensitive
  • S5802: Changing directories improperly when using “chroot” is security-sensitive
  • S2612: Setting loose POSIX file permissions is security-sensitive
  • S5849: Setting capabilities is security-sensitive

C++ Core Guidelines

This is still not the end of the journey, but we have already reached good coverage of the C++ Core Guidelines, with a total of 80+ rules that help you make sure your C++ code is compliant with these coding guidelines.

Bug Detection rule:

  • S5912: Objects should not be sliced (Blocker)

Code Smell Detection rules:

  • S5827: “auto” should be used to avoid repetition of types (Major)
  • S5950: Use “make_unique” and “make_shared” to construct “unique_ptr” and “shared_ptr” (Major)
  • S5415: “std::move” should only be used where moving can happen (Major)
  • S5945: C-style array should not be used (Major)
  • S5965: Classes should explicitly specify the access level when specifying base classes (Minor)
  • S5966: Struct should explicitly specify the access level when specifying base classes (Minor)
  • S5951: Return type of functions shouldn’t be const qualified value (Minor)
  • S5964: “std::initializer_list” constructor should not overlap with other constructors (Minor)
  • S5955: Loop variables should be declared in the minimal possible scope (Minor)
  • S5962: Threads should not be detached (Minor)
  • S5954: “shared_pointer” should not be taken by rvalue reference (Minor)
  • S1155: Do not check emptiness with a size method when a dedicated function exists (Minor)
  • S5946: “std::endl” should not be used (Minor)
  • S5952: Inheriting constructors should be used (Minor)
  • S5978: Multicharacter literals should not be used (Minor)
  • S5981: “dynamic_cast” should be used for downcasting (Minor)

For more information, see the changelog.

You can already enjoy these new rules on SonarCloud and you will find them included in SonarQube 8.5 starting from the Developer Edition.

Cheers
Alex


If you want to learn more about TOCTOU vulnerabilities, you can have a look at this entry added to SonarSource’s blog: https://blog.sonarsource.com/winning-the-race-against-toctou-vulnerabilities
