sqc 0.4.13

Software Code Quality - CERT C compliance checker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

/*
 * Rule: WIN05-C
 * Status: FAIL - CreateProcessA with unquoted path containing spaces
 */

typedef void *HANDLE;
typedef unsigned long DWORD;
typedef int BOOL;
typedef const char *LPCSTR;
typedef char *LPSTR;
typedef void *LPSECURITY_ATTRIBUTES;
typedef void *LPSTARTUPINFOA;
typedef void *LPPROCESS_INFORMATION;

BOOL CreateProcessA(LPCSTR, LPSTR, LPSECURITY_ATTRIBUTES,
    LPSECURITY_ATTRIBUTES, BOOL, DWORD, void*, LPCSTR,
    LPSTARTUPINFOA, LPPROCESS_INFORMATION);

void f(void) {
    CreateProcessA(
        0,
        "C:\\Program Files\\MyApp\\app.exe -flag",  /* VIOLATION: unquoted path with space */
        0, 0, 0, 0, 0, 0, 0, 0
    );
}