C++: Add two recent queries to query suites

2026-05-02 12:15:17 +02:00 · 2018-10-01 13:38:13 +02:00
parent 54cd173da8
commit 308631e8ff
5 changed files with 8 additions and 0 deletions
--- a/cpp/config/suites/c/correctness
+++ b/cpp/config/suites/c/correctness
@@ -6,6 +6,7 @@
 + semmlecode-cpp-queries/Likely Bugs/Arithmetic/IntMultToLong.ql: /Correctness/Dangerous Conversions
 + semmlecode-cpp-queries/Likely Bugs/Conversion/NonzeroValueCastToPointer.ql: /Correctness/Dangerous Conversions
 + semmlecode-cpp-queries/Likely Bugs/Conversion/ImplicitDowncastFromBitfield.ql: /Correctness/Dangerous Conversions
+ semmlecode-cpp-queries/Security/CWE/CWE-253/HResultBooleanConversion.ql: /Correctness/Dangerous Conversions
  # Consistent Use 
 + semmlecode-cpp-queries/Critical/ReturnValueIgnored.ql: /Correctness/Consistent Use
 + semmlecode-cpp-queries/Likely Bugs/InconsistentCheckReturnNull.ql: /Correctness/Consistent Use
--- a/cpp/config/suites/cpp/correctness
+++ b/cpp/config/suites/cpp/correctness
@@ -7,6 +7,7 @@
 + semmlecode-cpp-queries/Likely Bugs/Conversion/NonzeroValueCastToPointer.ql: /Correctness/Dangerous Conversions
 + semmlecode-cpp-queries/Likely Bugs/Conversion/ImplicitDowncastFromBitfield.ql: /Correctness/Dangerous Conversions
 + semmlecode-cpp-queries/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql: /Correctness/Dangerous Conversions
+ semmlecode-cpp-queries/Security/CWE/CWE-253/HResultBooleanConversion.ql: /Correctness/Dangerous Conversions
  # Consistent Use 
 + semmlecode-cpp-queries/Critical/ReturnValueIgnored.ql: /Correctness/Consistent Use
 + semmlecode-cpp-queries/Likely Bugs/InconsistentCheckReturnNull.ql: /Correctness/Consistent Use
--- a/cpp/config/suites/security/cwe-253
+++ b/cpp/config/suites/security/cwe-253
@@ -0,0 +1,3 @@
+# CWE-253: Incorrect Check of Function Return Value
+ semmlecode-cpp-queries/Security/CWE/CWE-253/HResultBooleanConversion.ql: /CWE/CWE-253
+    @name Cast between HRESULT and a Boolean type (CWE-253)
--- a/cpp/config/suites/security/cwe-732
+++ b/cpp/config/suites/security/cwe-732
@@ -1,3 +1,5 @@
 # CWE-732: Incorrect Permission Assignment for Critical Resource
 + semmlecode-cpp-queries/Security/CWE/CWE-732/DoNotCreateWorldWritable.ql: /CWE/CWE-732
    @name File created without restricting permissions (CWE-732)
+ semmlecode-cpp-queries/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql: /CWE/CWE-732
+    @name Setting a DACL to NULL in a SECURITY_DESCRIPTOR (CWE-732)
--- a/cpp/config/suites/security/default
+++ b/cpp/config/suites/security/default
@@ -13,6 +13,7 @@
@import "cwe-170"
@import "cwe-190"
@import "cwe-242"
+@import "cwe-253"
@import "cwe-290"
@import "cwe-311"
@import "cwe-327"