CodeSonar Release 3.5p1 Release Notes

JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

If you access the manual through the hub's Web GUI, the functionality will not be suppressed because the hub is a web server.
Alternatively, your browser may allow you to explicitly disable the security setting that suppresses functionality. See the CodeSonar FAQ for more information.

CodeSonar^® 9.0p0 Hot Tips

CONFIDENTIAL

CodeSecure Inc

Release Notes

CodeSonar Release 3.5, patchlevel 1: Release Notes

Major New Features
Notes on Upgrading
Notes on Installing
Other New Features
Other Changes
Details

Major New Features

Further Windows Support: The CodeSonar build/analysis and hub can now be run under Windows 7 and Windows Vista® (32- and 64-bit), and under 64-bit Windows XP.
"Build Security In" Checks: A number of new warning classes have been introduced to support the C/C++ coding rules provided by the Build Security In (BSI) software assurance initiative of the U.S. Department of Homeland Security. The manual section on "Build Security In" (BSI) Checks provides full details.

Notes on Upgrading

If you have edited any configuration files, see the manual section on updating configuration files.
The Windows installer will not install CodeSonar in a directory that already exists. If you intend to install in the same location as a a previous version of CodeSonar, and you have edited any files in the installation directory, make copies of those files before you uninstall CodeSonar and delete the directory.
Existing analysis results will be preserved when you upgrade, provided that your hub directory is not located under the CodeSonar installation directory. (If it is, move it before you upgrade.)

Notes on Installing

The Installation manual section provides instructions for installing CodeSonar.

For Windows users without Administrator privileges, some additional steps are required. The simplest solution is to acquire these privileges, but if this is not possible then the additional steps are as follows. Note that non-Administrators are not able to create Windows services, so it will not be possible to run the CodeSonar hub or launch daemon as services.

Make sure you specify an installation directory for which you have write permission. Your home directory is usually a suitable candidate; Program Files usually is not.
If you want to run the CodeSonar build/analysis, an Administrator must install the device driver:
hookcs.exe --uninstall --install
This is not necessary if the installation is only being used to run a hub.

Other New Features

New Warning Classes: A number of new warning classes have been introduced in this version of CodeSonar.
Expanded Web GUI Functionality: There are a number of extensions and improvements to the CodeSonar Web GUI.
armcpp Compiler Model: There is now a model for the ARM Real View Compiler Tools (RVCT) C++ compiler. By default, invocations of armcpp(.exe) are associated with this model. The armcpp model is the same as the armcc model, except that all files are compiled as C++.

Other Changes

This version of CodeSonar uses CWE v1.6 (released October 29, 2009).
Warning class changes: Some warning class names have changed, and there have been some changes to the warning mnemonic hierarchy.
The configuration file parameter previously called VOLATILE_IS_UNKNOWABLE is now called VOLATILE_TREATMENT.
Improvements to analysis results. Improvements to the analysis and enhanced understanding of standard functions have eliminated some false positives and false negatives.
Normalized AST Changes: There are some new normalized AST classes for representing C++, and the normalized form for array assignment has changed. These changes may affect users who have custom-written code for processing ASTs.

Details

New Warning Classes

A number of new warning classes have been introduced in this version of CodeSonar. Many of the new clases are in support of the "Build Security In" (BSI) Checks.

Double Initialization	ALLOC.DI
MAX_PATH Exceeded	MISC.PATHLENGTH
Missing Return Value	LANG.FUNCS.MRV
Null Security Descriptor	MISC.NULLDACL
Use of _exec	BADFUNC.PATH._EXEC
Use of _spawn	BADFUNC.PATH._SPAWN
Use of AddAccessAllowedAce	BADFUNC.ADDACCESSACE
Use of AddAccessDeniedAce	BADFUNC.ADDACCESSACE
Use of AfxLoadLibrary	BADFUNC.PATH.AFXLOADLIBRARY
Use of AfxParseURL	BADFUNC.AFXPARSEURL
Use of catopen	BADFUNC.CATOPEN
Use of CoLoadLibrary	BADFUNC.PATH.COLOADLIBRARY
Use of CreateFile	BADFUNC.CREATEFILE
Use of CreateProcess	BADFUNC.CREATEPROCESS
Use of CreateThread	BADFUNC.CREATETHREAD
Use of chroot	BADFUNC.CHROOT
Use of cuserid	BADFUNC.CUSERID
Use of execlp	BADFUNC.PATH.EXECLP
Use of execvp	BADFUNC.PATH.EXECVP
Use of getlogin	BADFUNC.GETLOGIN
Use of getopt	BADFUNC.BO.GETOPT
Use of getpass	BADFUNC.BO.GETPASS
Use of GetTempFileName	BADFUNC.TEMP.GETTEMPFILENAME
Use of getwd	BADFUNC.BO.GETWD
Use of LoadLibrary	BADFUNC.PATH.LOADLIBRARY
Use of LoadModule	BADFUNC.LOADMODULE
Use of memset	BADFUNC.MEMSET
Use of MoveFile	BADFUNC.MOVEFILE
Use of OemToChar	BADFUNC.OEMTOCHAR
Use of popen	BADFUNC.PATH.POPEN
Use of rand	BADFUNC.RANDOM.RAND
Use of rand48 Function	BADFUNC.RANDOM.RAND48
Use of random	BADFUNC.RANDOM.RANDOM
Use of realpath	BADFUNC.BO.REALPATH
Use of recvmsg	BADFUNC.BO.RECMSG
Use of setuid	BADFUNC.SETUID
Use of SHCreateProcessAsUserW	BADFUNC.PATH.SHCREATEPROCESSASUSERW
Use of ShellExecute	BADFUNC.PATH.SHELLEXECUTE
Use of signal	BADFUNC.SIGNAL
Use of strcat	BADFUNC.BO.STRCAT
Use of StrCatChainW	BADFUNC.BO.STRCATCHAINW
Use of strcmp	BADFUNC.BO.STRCMP
Use of strcpy	BADFUNC.BO.STRCPY
Use of strlen	BADFUNC.BO.STRLEN
Use of strtrns	BADFUNC.BO.STRTRNS
Use of syslog	BADFUNC.BO.SYSLOG
Use of system	BADFUNC.PATH.SYSTEM
Use of t_open	BADFUNC.T_OPEN
Use of ttyname	BADFUNC.TTYNAME
Use of vfork	BADFUNC.VFORK
Use of WinExec	BADFUNC.WINEXEC

Expanded Web GUI Functionality

There are a number of extensions and improvements to the CodeSonar Web GUI.

"Sticky" token highlighting for source code in the GUI Source Listing and Warning Report pages. Previously users could hover over any token to highlight all occurrences of that token in the source. They can now chose make this highlighting 'sticky' by clicking the highlight icon. Existing highlighting can be removed with the unhighlight icon.
Fingerprint field. Warning tables in the GUI Analysis and Search Results pages now make a Fingerprint column available.
Warning editing from a warning table. Warning properties can be edited directly from warning tables in the GUI Analysis and Search Results pages. Hover over a warning's Priority, State, Finding, or Owner to pop up a menu icon; click the icon to display a menu of the available settings; select a menu item to update the setting.
Multi-select functionality in Advanced Search. The GUI Advanced Search page now permits multiple values to be selected for Priority, State, and Finding.
Improved Problem column. The messages in the Warning Report Problem column shown in have been redesigned for improved human-readability.

Mnemonic Changes

The warning mnemonic hierarchy has been restructured for additional clarity. The following mnemonics have changed.

Previous Mnemonic	New Mnemonic	Class Name
LANG.ALLOC.DF	ALLOC.DF	Double Free
LANG.ALLOC.FNH	ALLOC.FNH	Free Non-Heap Variable
LANG.ALLOC.FNP	ALLOC.FNP	Free Null Pointer
LANG.ALLOC.IOAS	ALLOC.IOAS	Integer Overflow of Allocation Size
LANG.ALLOC.LEAK	ALLOC.LEAK	Leak
LANG.ALLOC.MO	ALLOC.MO	Misaligned Object
LANG.ALLOC.RPF	ALLOC.RPF	Return Pointer To Freed
LANG.ALLOC.TM	ALLOC.TM	Type Mismatch
LANG.ALLOC.UAF	ALLOC.UAF	Use After Free
LANG.TYPE.NEGCHAR	MISC.NEGCHAR	Negative Character Value
POSIX.FMT	MISC.FMT	Format String
POSIX.FUNCS.INSECURE	BADFUNC.BO.GETS	Use of gets
	BADFUNC.CRYPT	Use of crypt
	BADFUNC.TEMP.MKTEMP	Use of mktemp
	BADFUNC.TEMP.TMPFILE	Use of tmpfile
	BADFUNC.TEMP.TMPNAM	Use of tmpnam
POSIX.FUNCS.LONGJMP	BADFUNC.LONGJMP	Use of longjmp
POSIX.FUNCS.NOEFFECT	MISC.NOEFFECT	Function Call Has No Effect
POSIX.FUNCS.SETJMP	BADFUNC.SETJMP	Use of setjmp
POSIX.IO.DC	IO.DC	Double Close
POSIX.IO.NEGFD	IO.NEGFD	Negative File Descriptor
POSIX.IO.UAC	IO.UAC	Use After Close
POSIX.MEM.CU	MISC.MEM.SU	Unreasonable Size Argument
POSIX.MEM.LU	MISC.MEM.SU	Unreasonable Size Argument
POSIX.MEM.OR	MISC.MEM.OR	Overlapping Memory Regions
POSIX.RACE.AO	IO.RACE	File System Race Condition
POSIX.RACE.TOCTTOU	IO.RACE	File System Race Condition
POSIX.SOCK.STATE	IO.SOCK.STATE	Socket In Wrong State
POSIX.STRINGS.NTERM	MISC.MEM.NTERM	No Space For Null Terminator
POSIX.THREAD.DL	CONCURRENCY.DL	Double Lock
POSIX.THREAD.DU	CONCURRENCY.DU	Double Unlock
POSIX.THREAD.TL	CONCURRENCY.TL	Try-lock that will never succeed
WIN32.SYNC.DEADLOCK	CONCURRENCY.DEADLOCK	Deadlock

Class and Class Name Changes

Some classes have been restructured, and some class names changed.

Previous Class Name	New Class Name
accept on socket in wrong state	Socket In Wrong State
access After Open	File System Race Condition
alloca Buffer Length Unreasonable	Unreasonable Size Argument
bcopy Length Unreasonable	Unreasonable Size Argument
bind on socket in wrong state	Socket In Wrong State
Call to longjmp	Use of longjmp
Call to setjmp	Use of setjmp
calloc Object Count Unreasonable	Unreasonable Size Argument
calloc Object Length Unreasonable	Unreasonable Size Argument
chown After Open	File System Race Condition
connect on socket in wrong state	Socket In Wrong State
Dangerous Function	Use of gets
Insecure Randomness	Use of crypt
Insecure Temporary File	Use of mktemp
	Use of tmpfile
	Use of tmpnam
listen on socket in wrong state	Socket In Wrong State
malloc Buffer Length Unreasonable	Unreasonable Size Argument
memccpy Length Unreasonable	Unreasonable Size Argument
memccpy With Overlapping Regions	Overlapping Memory Regions
memcpy Length Unreasonable	Unreasonable Size Argument
memcpy With Overlapping Regions	Overlapping Memory Regions
realloc Buffer Length Unreasonable	Unreasonable Size Argument
recv on socket in wrong state	Socket In Wrong State
recvfrom on socket in wrong state	Socket In Wrong State
recvmsg on socket in wrong state	Socket In Wrong State
send on socket in wrong state	Socket In Wrong State
stat After Open	File System Race Condition
strcpy With Overlapping Regions	Overlapping Memory Regions
strncpy Does Not Null-terminate	No Space For Null Terminator
strncpy Length Unreasonable	Unreasonable Size Argument
strncpy With Overlapping Regions	Overlapping Memory Regions

Normalized AST Changes

Normalized Form Change

The normalized form for array assignment has changed. This may affect users who have custom-written code for processing ASTs.

	Normalized Form	RHS Type	Pattern
Old:	*&ar[0] = ( 1, 2, 3 )	int (element type)	(c:ptr :type ?lhs-type :1 (c:addr :1 (c:array-ref :1 (and (c:variable :type (and (c:array) ?array-type)) ?id) :2 (c:integer-value :value 0) ))) ))
New:	ar = ( 1, 2, 3 )	int[3] (expression type)	(and (c:variable :type (and (c:array) ?lhs-type ?array-type)) ?id)

Normalized Form

RHS Type

Pattern

Old:

*&ar[0] = ( 1, 2, 3 )

int (element type)

(c:ptr 
   :type ?lhs-type
   :1 (c:addr 
      :1 (c:array-ref
         :1 (and (c:variable :type (and (c:array) ?array-type)) ?id)
         :2 (c:integer-value :value 0)
      )))
))

New:

ar = ( 1, 2, 3 )

int[3] (expression type)

(and (c:variable :type (and (c:array) ?lhs-type ?array-type)) ?id)

AST Class Changes

The following new normalized AST classes have been added to the hierarchy.

The following normalized AST classes have been modified.

c:class : new child :base-classes
c:struct new child :base-classes
c:base-class new attributes :offset and :is-virtual