Soft Bus Security Guard - Code Review Skill

Trigger Conditions

⚠️ This skill is only invoked when the user's input contains "软总线安全卫士" (Soft Bus Security Guard)

Trigger Examples:

```
软总线安全卫士 请审查这个文件：D:\code\example.c
```
(Soft Bus Security Guard, please review this file: D:\code\example.c)
```
请使用软总线安全卫士检查这个目录
```
(Please use Soft Bus Security Guard to check this directory)
```
软总线安全卫士 检视lnn_lane_dfx.c文件
```
(Soft Bus Security Guard, review the lnn_lane_dfx.c file)

Skill Overview

This skill is a dedicated code review tool for the OpenHarmony distributed soft bus (dsoftbus) communication component, covering:

Logging Specification Check: 1 core rule
Secure Coding Check: 40+ rules, covering 11 major categories
General Code Quality Check: Code complexity, readability, concurrency security, etc.
Cross-File Call Analysis: Call chain tracking, resource transfer, data flow analysis
Control Flow Analysis: Path-sensitive analysis, unreachable code detection

⚠️ Core Principle: This skill is a read-only code review tool that only analyzes code and generates reports, without modifying any source files.

Applicable Scenarios

OpenHarmony dsoftbus component code
C/C++ system-level communication code
Code involving IPC, network communication, and multi-threading
Code requiring strict logging specifications and secure coding

Quick Reference: Key Rule Index

Locate relevant rules quickly based on code features:

Code Feature	Relevant Rules
Function returns SOFTBUS_ERR	Logging Specification-1
Pointer bitwise operations ( `&` , `	`,` ^ `,` ~ `,` << `,` >>`)
Use of `*ptr` or `ptr->`	Pointer Safety-3, Temporary Variables-1
`arr[index]` access	Array Subscript-1,2
`SoftBusMutexLock` / `SoftBusMutexUnlock`	Lock Management-1,2,3
`SoftBusSocketCreate` / `SoftBusSocketClose`	fd Management-1,2
`malloc` / `free` , `new` / `delete`	Memory Management-1~11
Sensitive information printed via `HILOG_INFO`	Sensitive Information-1,2,3
Unsigned number decrement ( `i--` )	Loop Variables-1
`memcpy_s` , `strcpy_s` , etc.	Secure Functions-1,2
Path operations ( `.` , `..` )	External Input-1
New IPC interface added	Permission Check-1

📚 Detailed Rule Explanations

For detailed explanations, code examples, and fix solutions for each rule, please refer to:

Rule Details and Examples - Complete documentation for 40+ rules
- Problem description, risk level, problematic examples, fix solutions, and inspection points for each rule
- Includes complete code examples and best practices
- Includes formatted print type matching table and list of commonly used secure functions

🏷️ Rule Categories (Quick Index)

💡 Quick Navigation: Click the link after each rule to view detailed explanations and code examples

1. Logging Specifications (1 rule)

Prohibit returning SOFTBUS_ERR → Detailed Explanation

2. Pointer Safety (4 rules)

Prohibit pointer bitwise operations → Detailed Explanation
Check sizeof usage → Detailed Explanation
Null pointer dereference check → Detailed Explanation
IPC result null check → Detailed Explanation

3. Temporary Variables (3 rules)

Pointer variable initialization → Detailed Explanation
Resource descriptor initialization → Detailed Explanation
bool variable initialization → Detailed Explanation

4. Array Subscripts (2 rules)

Array out-of-bounds risk → Detailed Explanation
External input subscript validation → Detailed Explanation

5. Lock Management (3 rules)

Lock/Unlock paired use → Detailed Explanation
Lock variable consistency → Detailed Explanation
Release lock in all return paths → Detailed Explanation

6. fd Management (2 rules)

SocketCreate/Close paired use → Detailed Explanation
Correct fd closure → Detailed Explanation

7. Memory Management (11 rules)

Size validity check before memory allocation → Detailed Explanation
SoftBusMalloc/SoftBusCalloc paired use with SoftBusFree → Detailed Explanation
new paired use with delete → Detailed Explanation
Null check after memory allocation → Detailed Explanation
Nullify global variables after release → Detailed Explanation
Nullify after release in loop bodies → Detailed Explanation
Specific resource management (regcomp/regfree, cJSON_Parse/Delete, etc.) → Detailed Explanation

8. Sensitive Information (3 rules)

Prohibit printing of keys, paths, addresses, etc. → Detailed Explanation
Clear stack keys after use → Detailed Explanation
Anonymized printing of sensitive identifiers → Detailed Explanation

9. Integer Operations (2 rules)

Risk of overflow, underflow, division by zero → Detailed Explanation
Prohibit bitwise operations on signed integers → Detailed Explanation

10. Loop Variables (2 rules)

Unsigned number infinite loop → Detailed Explanation
Validation of loops controlled by external data → Detailed Explanation

11. Secure Functions (2 rules)

Return value check for secure functions → Detailed Explanation
Buffer size consistency → Detailed Explanation

12. Permission Validation (1 rule)

Permission validation for new SDK IPC interfaces → Detailed Explanation

13. External Input Validation (4 rules)

Path normalization → See Details
TLV parsing length validity → See Details
Source buffer actual size check → See Details
Complete validation scheme → See Details

14. External Data Validity (3 rules)

Validation of addition/subtraction/memory allocation based on external input → See Details
Default length validation → See Details
TLV format length validation → See Details

15. Common Issues (5 rules)

Resource release in exception branches → See Details
Resource leaks in macro definitions → See Details
Function return value consistency → See Details
Formatted print type matching → See Details
Struct byte alignment → See Details

Code Review Workflow

Step 1: Interactive Selection of Review Scope

Scenario A: User Specifies Path

Check for modifications under the path:
```
git status --porcelain <path>
```
If there are modifications, provide options:
- Full review of all code in the path
- Incremental review of modified code (total N files)
If no modifications, directly perform full review

Scenario B: User Does Not Specify Path

Check for modifications in the current repository:
```
git status --porcelain
```
Provide options:
- Review all repository code
- Specify review path
- Review locally modified code (total N files)
Execute based on user selection

Step 2: Code Specification Check

Check item by item according to the 40+ rules, referring to:

Rule Details Document - Detailed explanations and code examples for each rule
Use Grep tool to search for violation patterns
Combine contextual analysis to avoid false positives

Step 3: Cross-File Call Analysis

Core Capabilities: Analyze function call chains, track cross-file data flow and resource transfer

Call graph construction
Cross-file resource tracking (separated malloc/free)
Cross-file data flow analysis
Cross-file error handling
Cross-file access to global variables

Step 4: Control Flow Analysis

Core Capabilities: Analyze code execution paths, identify unreachable code and path-sensitive issues

Control flow graph construction
Unreachable code detection
Path-sensitive analysis
Uninitialized variable analysis
Resource release path analysis

Step 5: Generate Fix Recommendations

⚠️ Important Restriction: Only generate fix recommendation code in the report; strictly prohibit direct modification of source files

Provide for each issue:

Complete function or code block fix examples
Comments on modification reasons
Multiple fix solutions (if available)

Step 6: Generate Review Report

Create report directory:

d:/code-review-YYYYMMDD-HHMMSS/

Report Files:

```
code_review_report.md
```
- Complete review report
```
code_fixes.patch
```
- All fix code (in Git patch format)
```
statistics.json
```
- Statistical data

Common Error Quick Reference

💡 Detailed Inspection Methods: For detailed inspection methods, code examples, and fix solutions for each error pattern, please refer to the Checklist

Error Pattern	Risk Level	Quick Detection	See Section
Null pointer dereference	🔴 Critical	No NULL check before `*ptr` or `ptr->`	Pointer Safety-3
Unreleased lock	🔴 Critical	No Unlock called before return	Lock Management-1
Memory leak	🔴 Critical	malloc not paired with free	Memory Management-2
Sensitive information leakage	🔴 Critical	Log printing of keys/udid	Sensitive Information-1
Array out-of-bounds	🔴 Critical	No range validation for `arr[index]`	Array Subscript-1
Unsigned infinite loop	🔴 Critical	`uint32_t i--`	Loop Variables-1
Pointer bitwise operation	🟡 Warning	`ptr & mask`	Pointer Safety-1
Integer overflow	🟡 Warning	No check for size + offset	Integer Operations-1
Returning SOFTBUS_ERR	🟡 Warning	return SOFTBUS_ERR	Logging Specification-1
Uninitialized variable	🟡 Warning	Declared without initial value	Temporary Variables-1

Inspection Principles

Contextual Analysis

Check the context to confirm if protective measures are already in place
Avoid false positives (e.g., global variables may be initialized elsewhere)

Flexible Application

In addition to the 40+ explicitly defined rules, perform general code quality checks
Code complexity, readability, concurrency security, performance issues, etc.

Key Focus Areas

Code paths handling external input
Resource usage in macro definitions
Problematic code in conditional compilation
High-risk security issues (null pointers, memory leaks, sensitive information leakage)

Priority Order

Secure coding issues > Logging specification issues
Critical issues > Warning issues > Hint issues

Core Restrictions

⚠️ Strictly Prohibit Modifying Source Code:

This skill only reads and analyzes code
Fix recommendations are only for inclusion in reports
Never directly modify any source files
Read-only operations: Only use read-only tools such as Read, Grep, Glob, etc.

📖 Reference Documents

Detailed Rule Explanations

Rule Details and Examples - Detailed explanations and code examples for 40+ rules
- Problem description, risk level, problematic examples, fix solutions, and inspection points for each rule
- Includes complete code examples and best practices
- Includes formatted print type matching table and list of commonly used secure functions

Additional Resources

Common Error Quick Reference - Quickly locate error patterns
Usage Tips - How to effectively use this skill

Usage Tips

Quickly Locate Issues: Use the "Quick Reference" table to find relevant rules based on code features
Deeply Learn Rules: Read
```
references/security_rules_explained.md
```
to understand detailed explanations and code examples for each rule
Categorized Review: Check item by item according to "Rule Categories" to avoid omissions
Prioritize Critical Issues: Refer to the "Common Error Quick Reference" to fix high-risk issues first
Use Workflow: Conduct reviews systematically following the "Code Review Workflow"

Report Requirements

Automatic Report Generation: Reports are automatically generated in the
```
d:/code-review-timestamp/
```
directory after review completion
Report Directory Format: Use timestamp in
```
YYYYMMDD-HHMMSS
```
format
File Encoding: Report files use UTF-8 encoding to ensure proper display of Chinese characters
Fix Code for Reference Only: All fix code appears only in code blocks within report files and is not written to the source code directory

dsoftbus_safety_guard

NPX Install

Tags

SKILL.md Content (Chinese)