1e9297d28Sopenharmony_ci**Description:**
2e9297d28Sopenharmony_ci
3e9297d28Sopenharmony_ci**Issue number:**
4e9297d28Sopenharmony_ci
5e9297d28Sopenharmony_ci**Test & Result:**
6e9297d28Sopenharmony_ci
7e9297d28Sopenharmony_ci**CodeCheck:**
8e9297d28Sopenharmony_ci<table>
9e9297d28Sopenharmony_ci    <tr>
10e9297d28Sopenharmony_ci        <th>类型</th><th>自检项</th><th>自检结果</th>
11e9297d28Sopenharmony_ci    </tr>
12e9297d28Sopenharmony_ci    <tr>
13e9297d28Sopenharmony_ci        <td rowspan="2">多线程相关</td><td>在类的成员变量中定义了vector/map/list等容器类型,且在多个成员函数中有操作时,需要加锁保护</td><td>自检结果:</td>
14e9297d28Sopenharmony_ci    </tr>
15e9297d28Sopenharmony_ci    <tr>
16e9297d28Sopenharmony_ci        <td>定义全局变量,在多个函数中都有操作时,需要加锁保护</td><td>自检结果:</td>
17e9297d28Sopenharmony_ci    </tr>
18e9297d28Sopenharmony_ci    <tr>
19e9297d28Sopenharmony_ci        <td rowspan="4">内存相关</td><td>调用外部接口时,确认是否对返回值做了判断,尤其外部接口返回了nullptr的情况,避免进程崩溃</td><td>自检结果:</td>
20e9297d28Sopenharmony_ci    </tr>
21e9297d28Sopenharmony_ci    <tr>
22e9297d28Sopenharmony_ci        <td>调用安全函数时,如memcpy_s等,是否检查其返回值</td><td>自检结果:</td>
23e9297d28Sopenharmony_ci    </tr>
24e9297d28Sopenharmony_ci    <tr>
25e9297d28Sopenharmony_ci        <td>检查函数中是否涉及了内存或资源申请(如文件句柄),注意每个异常退出流程,是否都已经将资源释放(推荐使用RAII)</td><td>自检结果:</td>
26e9297d28Sopenharmony_ci    </tr>
27e9297d28Sopenharmony_ci    </tr>
28e9297d28Sopenharmony_ci    <tr>
29e9297d28Sopenharmony_ci        <td>隐式内存分配场景:realpath、ReadParcelable序列化、cJSON相关函数时等,需主动释放或使用智能指针</td><td>自检结果:</td>
30e9297d28Sopenharmony_ci    </tr>
31e9297d28Sopenharmony_ci    <tr>
32e9297d28Sopenharmony_ci        <td rowspan="4">校验外部输入</td><td>使用nlohmann:json解析外部输入时,需判断参数类型是否符合预期</td><td>自检结果:</td>
33e9297d28Sopenharmony_ci    </tr>
34e9297d28Sopenharmony_ci    <tr>
35e9297d28Sopenharmony_ci        <td>所有外部输入均不可信,需判断外部输入是否直接作为内存分配的大小,数组下标、循环条件、SQL查询等</td><td>自检结果:</td>
36e9297d28Sopenharmony_ci    </tr>
37e9297d28Sopenharmony_ci    <tr>
38e9297d28Sopenharmony_ci        <td>外部输入的路径不可信,需使用realpath做标准化处理,并判断路径的合法性</td><td>自检结果:</td>
39e9297d28Sopenharmony_ci    </tr>
40e9297d28Sopenharmony_ci    <tr>
41e9297d28Sopenharmony_ci        <td>外部输入包括对外提供的接口,IPC的proxy/stub接口,序列化/反序列化接口等</td><td>自检结果:</td>
42e9297d28Sopenharmony_ci    </tr>
43e9297d28Sopenharmony_ci    </tr>
44e9297d28Sopenharmony_ci    <tr>
45e9297d28Sopenharmony_ci        <td rowspan="2">数学运算</td><td>代码中是否混合了加减乘除等运算,需检查是否可能导致整数溢出或符号翻转</td><td>自检结果:</td>
46e9297d28Sopenharmony_ci    </tr>
47e9297d28Sopenharmony_ci    <tr>
48e9297d28Sopenharmony_ci        <td>需检查代码是否有高精度数字转换为低精度的操作,如果必须,建议使用C++安全类型转换接口</td><td>自检结果:</td>
49e9297d28Sopenharmony_ci    </tr>
50e9297d28Sopenharmony_ci    </tr>
51e9297d28Sopenharmony_ci     <tr>
52e9297d28Sopenharmony_ci        <td rowspan="1">秘钥相关</td><td>如变量临时保存了口令、秘钥等,需要在使用完成后及时清空(内存memset掉)</td><td>自检结果:</td>
53e9297d28Sopenharmony_ci    </tr>
54e9297d28Sopenharmony_ci    <tr>
55e9297d28Sopenharmony_ci        <td rowspan="2">权限相关</td><td>作为系统服务对外提供了接口,是否做了权限保护和校验(如需要),只允许申请了权限的应用访问</td><td>自检结果:</td>
56e9297d28Sopenharmony_ci    </tr>
57e9297d28Sopenharmony_ci    <tr>
58e9297d28Sopenharmony_ci        <td>内核对外提供了设备节点,是否做了权限保护,只允许特定的系统服务访问</td><td>自检结果:</td>
59e9297d28Sopenharmony_ci    </tr>
60e9297d28Sopenharmony_ci    </tr>
61e9297d28Sopenharmony_ci    <tr>
62e9297d28Sopenharmony_ci        <td rowspan="3">内核操作</td><td>如有mmap操作,并使用remap_pfn_range进行地址映射时,校验起始地址是否是用户态输入且没有做合法性校验</td><td>自检结果:</td>
63e9297d28Sopenharmony_ci    </tr>
64e9297d28Sopenharmony_ci    <tr>
65e9297d28Sopenharmony_ci        <td>是否有copy_from_user,并对外部输入的数据做了长度校验,以防止缓冲区溢出</td><td>自检结果:</td>
66e9297d28Sopenharmony_ci    </tr>
67e9297d28Sopenharmony_ci    <tr>
68e9297d28Sopenharmony_ci        <td>是否有使用copy_to_user,并在返回到用户态时,对数据做了完整初始化,或使用memset清空后再赋值</td><td>自检结果:</td>
69e9297d28Sopenharmony_ci    </tr>
70e9297d28Sopenharmony_ci    </tr>
71e9297d28Sopenharmony_ci</table>
72