diff --git a/cpp/config/suites/c/code-review b/cpp/config/suites/c/code-review
new file mode 100644
index 00000000000..d5ae6f9afea
--- /dev/null
+++ b/cpp/config/suites/c/code-review
@@ -0,0 +1,31 @@
++ semmlecode-cpp-queries/Likely Bugs/Conversion/LossyPointerCast.ql: /Critical/Critical_Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Best Practices/Likely Errors/Slicing.ql: /Critical/Critical_Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/BadCheckOdd.ql: /Critical/Critical_Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/IntMultToLong.ql: /Critical/Critical_Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Conversion/NonzeroValueCastToPointer.ql: /Critical/Critical_Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Conversion/ImplicitDowncastFromBitfield.ql: /Critical/Critical_Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/AssignWhereCompareMeant.ql: /Critical/Critical_Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/CompareWhereAssignMeant.ql: /Critical/Critical_Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/ExprHasNoEffect.ql: /Critical/Critical_Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/ShortCircuitBitMask.ql: /Critical/Critical_Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/MissingEnumCaseInSwitch.ql: /Critical/Critical_Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/BitwiseSignCheck.ql: /Critical/Critical_Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousCallToMemset.ql: /Critical/Critical_Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousSizeof.ql: /Critical/Critical_Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/UnsafeUseOfStrcat.ql: /Critical/Critical_Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql: /Critical/Critical_Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/StrncpyFlippedArgs.ql: /Critical/Critical_Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/WrongNumberOfFormatArguments.ql: /Critical/Critical_Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/TooManyFormatArguments.ql: /Critical/Critical_Correctness/Use of Libraries
++ semmlecode-cpp-queries/jsf/4.21 Operators/AV Rule 166.ql: /Critical/Critical_Correctness/Use of Libraries # Sizeof with side effects
++ semmlecode-cpp-queries/jsf/4.07 Header Files/AV Rule 35.ql: /Critical/Critical_Maintainability/Coupling # Missing header guard
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/ComparisonPrecedence.ql: /Critical/Critical_Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/UnsignedGEZero.ql: /Critical/Critical_Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/PointlessComparison.ql: /Critical/Critical_Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql: /Critical/Critical_Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/PointlessSelfComparison.ql: /Critical/Critical_Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/DubiousNullCheck.ql: /Critical/Critical_Readability/Control Flow
++ semmlecode-cpp-queries/jsf/4.24 Control Flow Structures/AV Rule 197.ql: /Critical/Critical_Readability/Control Flow
+
+## FLinesOfCode.ql is used internally.
++ odasa-cpp-metrics/Files/FLinesOfCode.ql
diff --git a/cpp/config/suites/c/correctness b/cpp/config/suites/c/correctness
new file mode 100644
index 00000000000..f3f9bebf4a5
--- /dev/null
+++ b/cpp/config/suites/c/correctness
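Review bot: The Use of Libraries entries in c/code-review stop at the two argument-count format checks, so `WrongTypeFormatArguments.ql`, `NonConstantFormat.ql` and `SnprintfOverflow.ql`, which c/correctness lists in the same category, are not part of this suite. If code-review is meant to be the critical subset, the non-constant format string check looks like one to keep; otherwise a comment saying the omission is deliberate would help the next maintainer. The file also has no title or section comments, unlike the other suites; I would open it with `# CODE REVIEW` and add the trailing `# Avoid floats in for loops` to the `AV Rule 197.ql` line, as c/readability does.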
@@ -0,0 +1,38 @@
+# CORRECTNESS
+ # Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Conversion/LossyPointerCast.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Best Practices/Likely Errors/Slicing.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/BadCheckOdd.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/IntMultToLong.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Conversion/NonzeroValueCastToPointer.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Conversion/ImplicitDowncastFromBitfield.ql: /Correctness/Dangerous Conversions
+ # Consistent Use
++ semmlecode-cpp-queries/Critical/ReturnValueIgnored.ql: /Correctness/Consistent Use
++ semmlecode-cpp-queries/Likely Bugs/InconsistentCheckReturnNull.ql: /Correctness/Consistent Use
++ semmlecode-cpp-queries/Likely Bugs/InconsistentCallOnResult.ql: /Correctness/Consistent Use
+ # Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/AssignWhereCompareMeant.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/CompareWhereAssignMeant.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/ExprHasNoEffect.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/ShortCircuitBitMask.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/MissingEnumCaseInSwitch.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/FloatComparison.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/BitwiseSignCheck.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/NestedLoopSameVar.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/UseInOwnInitializer.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Critical/NewArrayDeleteMismatch.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Critical/NewDeleteArrayMismatch.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Critical/NewFreeMismatch.ql: /Correctness/Common Errors
+ # Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousCallToMemset.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousSizeof.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/UnsafeUseOfStrcat.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/StrncpyFlippedArgs.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/WrongNumberOfFormatArguments.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/TooManyFormatArguments.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/WrongTypeFormatArguments.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/NonConstantFormat.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/SnprintfOverflow.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/jsf/4.21 Operators/AV Rule 166.ql: /Correctness/Use of Libraries # Sizeof with side effects
diff --git a/cpp/config/suites/c/internal b/cpp/config/suites/c/internal
new file mode 100644
index 00000000000..ba6a1573c32
--- /dev/null
+++ b/cpp/config/suites/c/internal
@@ -0,0 +1,5 @@
++ odasa-cpp-metrics/Internal/CallableDisplayStrings.ql
++ odasa-cpp-metrics/Internal/CallableExtents.ql
++ odasa-cpp-metrics/Internal/CallableSourceLinks.ql
++ odasa-cpp-metrics/Internal/ReftypeDisplayStrings.ql
++ odasa-cpp-metrics/Internal/ReftypeSourceLinks.ql
diff --git a/cpp/config/suites/c/maintainability b/cpp/config/suites/c/maintainability
new file mode 100644
index 00000000000..a9d74de831f
--- /dev/null
+++ b/cpp/config/suites/c/maintainability
@@ -0,0 +1,22 @@
+# MAINTAINABILITY
+ # Coupling
++ semmlecode-cpp-queries/jsf/4.06 Pre-Processing Directives/AV Rule 32.ql: /Maintainability/Coupling # Include header files only
++ semmlecode-cpp-queries/jsf/4.07 Header Files/AV Rule 35.ql: /Maintainability/Coupling # Missing header guard
++ semmlecode-cpp-queries/Header Cleanup/Cleanup-DuplicateIncludeGuard.ql: /Maintainability/Coupling # Duplicate header guards
++ semmlecode-cpp-queries/Architecture/FeatureEnvy.ql: /Maintainability/Coupling
++ semmlecode-cpp-queries/Architecture/InappropriateIntimacy.ql: /Maintainability/Coupling
+ # Size
++ semmlecode-cpp-queries/Architecture/Refactoring Opportunities/ClassesWithManyFields.ql: /Maintainability/Size
+ @name Structs with too many members
+ # Documentation
++ semmlecode-cpp-queries/Documentation/CommentedOutCode.ql: /Maintainability/Documentation
++ semmlecode-cpp-queries/Documentation/TodoComments.ql: /Maintainability/Documentation
++ semmlecode-cpp-queries/Documentation/FixmeComments.ql: /Maintainability/Documentation
++ semmlecode-cpp-queries/Documentation/UncommentedFunction.ql: /Maintainability/Documentation
++ semmlecode-cpp-queries/Documentation/DocumentApi.ql: /Maintainability/Documentation
+ # Declarations
++ semmlecode-cpp-queries/Best Practices/Magic Constants/MagicConstantsString.ql: /Maintainability/Declarations
++ semmlecode-cpp-queries/Best Practices/Magic Constants/MagicConstantsNumbers.ql: /Maintainability/Declarations
++ semmlecode-cpp-queries/Best Practices/SloppyGlobal.ql: /Maintainability/Declarations
+ # Memory management
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/StackAddressEscapes.ql: /Maintainability/Memory Management
diff --git a/cpp/config/suites/c/metric-defects b/cpp/config/suites/c/metric-defects
new file mode 100644
index 00000000000..0e344b98cd1
--- /dev/null
+++ b/cpp/config/suites/c/metric-defects
@@ -0,0 +1,17 @@
++ odasa-cpp-metrics/Files/NumberOfPublicGlobals.ql: /Maintainability/Coupling
+ @warning-from 11
++ odasa-cpp-metrics/Files/FEfferentCoupling.ql: /Maintainability/Coupling
+ @warning-from 120
++ odasa-cpp-metrics/Functions/FunNumberOfParameters.ql: /Maintainability/Size
+ @warning-from 9
++ odasa-cpp-metrics/Functions/FunLinesOfCode.ql: /Maintainability/Size
+ @warning-from 250
++ odasa-cpp-metrics/Files/FLinesOfCode.ql: /Maintainability/Size
+ @warning-from 1500
+ # Complexity
++ odasa-cpp-metrics/Functions/FunNumberOfCalls.ql: /Maintainability/Complexity
+ @warning-from 100
++ odasa-cpp-metrics/Functions/StatementNestingDepth.ql: /Maintainability/Complexity
+ @recommendation-from 7
++ odasa-cpp-metrics/Functions/FunCyclomaticComplexity.ql: /Maintainability/Complexity
+ @recommendation-from 100
diff --git a/cpp/config/suites/c/metrics b/cpp/config/suites/c/metrics
new file mode 100644
index 00000000000..e9587e5ce98
--- /dev/null
+++ b/cpp/config/suites/c/metrics
@@ -0,0 +1,48 @@
+# DASHBOARD METRICS
+
+@import metrics-external
+
+ # Build
++ odasa-cpp-metrics/Files/FTimeInFrontend.ql: /Metrics/Build
+
+ # Complexity
++ odasa-cpp-metrics/Files/FCyclomaticComplexity.ql: /Metrics/Complexity
+ @treemap.warnOn highValues
++ odasa-cpp-metrics/Files/NumberOfParameters.ql: /Metrics/Complexity
+ @treemap.warnOn highValues
++ odasa-cpp-metrics/Functions/StatementNestingDepth.ql: /Metrics/Complexity
+ @treemap.warnOn highValues
+
+ # Coupling
++ odasa-cpp-metrics/Files/FAfferentCoupling.ql: /Metrics/Coupling
++ odasa-cpp-metrics/Files/FEfferentCoupling.ql: /Metrics/Coupling
++ semmlecode-cpp-queries/Metrics/Files/FLinesOfDuplicatedCode.ql: /Metrics/Coupling
+
+ # Documentation
++ odasa-cpp-metrics/Files/FCommentRatio.ql: /Metrics/Documentation
++ odasa-cpp-metrics/Files/FLinesOfComments.ql: /Metrics/Documentation
++ odasa-cpp-metrics/Files/FTodoComments.ql: /Metrics/Documentation
++ odasa-cpp-metrics/Functions/FunLinesOfComments.ql: /Metrics/Documentation
++ odasa-cpp-metrics/Functions/FunPercentageOfComments.ql: /Metrics/Documentation
+ @treemap.warnOn lowValues
++ odasa-cpp-metrics/Files/FLinesOfCommentedOutCode.ql: /Metrics/Documentation
+
+ # Globals
++ odasa-cpp-metrics/Files/NumberOfFunctions.ql: /Metrics/Globals
++ odasa-cpp-metrics/Files/NumberOfGlobals.ql: /Metrics/Globals
++ odasa-cpp-metrics/Files/NumberOfPublicFunctions.ql: /Metrics/Globals
++ odasa-cpp-metrics/Files/NumberOfPublicGlobals.ql: /Metrics/Globals
+
+ # Preprocessor
++ odasa-cpp-metrics/Files/FDirectIncludes.ql: /Metrics/Preprocessor
+ @treemap.warnOn highValues
++ odasa-cpp-metrics/Files/FMacroRatio.ql: /Metrics/Preprocessor
++ odasa-cpp-metrics/Files/FTransitiveIncludes.ql: /Metrics/Preprocessor
+ @treemap.warnOn highValues
+
+ # Size
++ odasa-cpp-metrics/Files/FLinesOfCode.ql: /Metrics/Size
++ odasa-cpp-metrics/Files/FNumberOfTests.ql: /Metrics/Size
++ odasa-cpp-metrics/Functions/FunLinesOfCode.ql: /Metrics/Size
++ odasa-cpp-metrics/Functions/FunNumberOfStatements.ql: /Metrics/Size
+ @treemap.warnOn highValues
diff --git a/cpp/config/suites/c/metrics-external b/cpp/config/suites/c/metrics-external
new file mode 100644
index 00000000000..c3e528d04a8
--- /dev/null
+++ b/cpp/config/suites/c/metrics-external
@@ -0,0 +1,3 @@
++ odasa-cpp-metrics/External/FileCompilationSourceLinks.ql
++ odasa-cpp-metrics/External/FileCompilationDisplayStrings.ql
+
diff --git a/cpp/config/suites/c/readability b/cpp/config/suites/c/readability
new file mode 100644
index 00000000000..94468de6803
--- /dev/null
+++ b/cpp/config/suites/c/readability
@@ -0,0 +1,35 @@
+# READABILITY
+ # Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/ComparisonPrecedence.ql: /Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/UnsignedGEZero.ql: /Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/PointlessComparison.ql: /Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/PointlessSelfComparison.ql: /Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/ComparisonWithCancelingSubExpr.ql: /Readability/Expressions
+ # Control Flow
++ semmlecode-cpp-queries/Best Practices/Likely Errors/EmptyBlock.ql: /Readability/Control Flow
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/FutileConditional.ql: /Readability/Control Flow
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/DubiousNullCheck.ql: /Readability/Control Flow
++ semmlecode-cpp-queries/jsf/4.24 Control Flow Structures/AV Rule 197.ql: /Readability/Control Flow # Avoid floats in for loops
++ semmlecode-cpp-queries/jsf/4.24 Control Flow Structures/AV Rule 201.ql: /Readability/Control Flow # For loop variable changed in body
++ semmlecode-cpp-queries/jsf/4.24 Control Flow Structures/AV Rule 196.ql: /Readability/Control Flow # No trivial switch statements
++ semmlecode-cpp-queries/Likely Bugs/ShortLoopVarName.ql: /Readability/Control Flow
+ # Declarations
++ semmlecode-cpp-queries/Best Practices/Hiding/LocalVariableHidesGlobalVariable.ql: /Readability/Declarations
++ semmlecode-cpp-queries/Best Practices/Hiding/DeclarationHidesParameter.ql: /Readability/Declarations
++ semmlecode-cpp-queries/Best Practices/Hiding/DeclarationHidesVariable.ql: /Readability/Declarations
++ semmlecode-cpp-queries/jsf/4.13 Functions/AV Rule 107.ql: /Readability/Declarations # Function declared in block
++ semmlecode-cpp-queries/Critical/LargeParameter.ql: /Readability/Declarations
+ # Size
++ semmlecode-cpp-queries/Best Practices/SwitchLongCase.ql: /Readability/Size
++ semmlecode-cpp-queries/Best Practices/BlockWithTooManyStatements.ql: /Readability/Size
++ semmlecode-cpp-queries/Best Practices/ComplexCondition.ql: /Readability/Size
+ # Safe Language
++ semmlecode-cpp-queries/Likely Bugs/AmbiguouslySignedBitField.ql: /Readability/Safe Language # Ambiguously signed bit-field member
++ semmlecode-cpp-queries/jsf/4.17 Types/AV Rule 148.ql: /Readability/Safe Language # Use of integer where enum is preferred
++ semmlecode-cpp-queries/jsf/4.16 Initialization/AV Rule 145.ql: /Readability/Safe Language # Enum initialisation
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 97.ql: /Readability/Safe Language # No arrays in interfaces
++ semmlecode-cpp-queries/Likely Bugs/ReturnConstType.ql: /Readability/Safe Language
++ semmlecode-cpp-queries/jsf/4.13 Functions/AV Rule 114.ql: /Readability/Safe Language
+ @name Missing return statement
++ semmlecode-cpp-queries/Best Practices/UseOfGoto.ql: /Readability/Safe Language
+
diff --git a/cpp/config/suites/c/useless-code b/cpp/config/suites/c/useless-code
new file mode 100644
index 00000000000..c04b5df6eec
--- /dev/null
+++ b/cpp/config/suites/c/useless-code
@@ -0,0 +1,8 @@
+# USELESS CODE
++ semmlecode-cpp-queries/Best Practices/Unused Entities/UnusedStaticFunctions.ql: /Useless Code
++ semmlecode-cpp-queries/Best Practices/Unused Entities/UnusedStaticVariables.ql: /Useless Code
++ semmlecode-cpp-queries/Best Practices/Unused Entities/UnusedLocals.ql: /Useless Code
++ semmlecode-cpp-queries/external/DuplicateFunction.ql: /Useless Code/Duplicate Code
++ semmlecode-cpp-queries/external/MostlyDuplicateFile.ql: /Useless Code/Duplicate Code
++ semmlecode-cpp-queries/external/MostlyDuplicateFunction.ql: /Useless Code/Duplicate Code
++ semmlecode-cpp-queries/external/MostlySimilarFile.ql: /Useless Code/Duplicate Code
diff --git a/cpp/config/suites/cpp/code-review b/cpp/config/suites/cpp/code-review
new file mode 100644
index 00000000000..5e78b897635
--- /dev/null
+++ b/cpp/config/suites/cpp/code-review
@@ -0,0 +1,9 @@
++ semmlecode-cpp-queries/Best Practices/Exceptions/AccidentalRethrow.ql: /Critical/Critical_Correctness/Exceptions
++ semmlecode-cpp-queries/Best Practices/Exceptions/CatchingByValue.ql: /Critical/Critical_Correctness/Exceptions
++ semmlecode-cpp-queries/Best Practices/Exceptions/LeakyCatch.ql: /Critical/Critical_Correctness/Exceptions
++ semmlecode-cpp-queries/Best Practices/Exceptions/ThrowingPointers.ql: /Critical/Critical_Correctness/Exceptions
++ semmlecode-cpp-queries/Likely Bugs/OO/ThrowInDestructor.ql: /Critical/Critical_Readability/Safe Language/C++
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 95.ql: /Critical/Critical_Readability/JSF # Redefined default parameter
+
+@import ../c/code-review
+
diff --git a/cpp/config/suites/cpp/correctness b/cpp/config/suites/cpp/correctness
new file mode 100644
index 00000000000..e1195442623
--- /dev/null
+++ b/cpp/config/suites/cpp/correctness
@@ -0,0 +1,45 @@
+# CORRECTNESS
+ # Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Conversion/LossyPointerCast.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Best Practices/Likely Errors/Slicing.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/BadCheckOdd.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/IntMultToLong.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Conversion/NonzeroValueCastToPointer.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Conversion/ImplicitDowncastFromBitfield.ql: /Correctness/Dangerous Conversions
++ semmlecode-cpp-queries/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql: /Correctness/Dangerous Conversions
+ # Consistent Use
++ semmlecode-cpp-queries/Critical/ReturnValueIgnored.ql: /Correctness/Consistent Use
++ semmlecode-cpp-queries/Likely Bugs/InconsistentCheckReturnNull.ql: /Correctness/Consistent Use
++ semmlecode-cpp-queries/Likely Bugs/InconsistentCallOnResult.ql: /Correctness/Consistent Use
+ # Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/AssignWhereCompareMeant.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/CompareWhereAssignMeant.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/ExprHasNoEffect.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/ShortCircuitBitMask.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/MissingEnumCaseInSwitch.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/FloatComparison.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/BitwiseSignCheck.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/NestedLoopSameVar.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Likely Bugs/UseInOwnInitializer.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Critical/NewArrayDeleteMismatch.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Critical/NewDeleteArrayMismatch.ql: /Correctness/Common Errors
++ semmlecode-cpp-queries/Critical/NewFreeMismatch.ql: /Correctness/Common Errors
+ # Exceptions
++ semmlecode-cpp-queries/Best Practices/Exceptions/AccidentalRethrow.ql: /Correctness/Exceptions
++ semmlecode-cpp-queries/Best Practices/Exceptions/CatchingByValue.ql: /Correctness/Exceptions
++ semmlecode-cpp-queries/Best Practices/Exceptions/LeakyCatch.ql: /Correctness/Exceptions
++ semmlecode-cpp-queries/Best Practices/Exceptions/ThrowingPointers.ql: /Correctness/Exceptions
+ # Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousCallToMemset.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousSizeof.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/UnsafeUseOfStrcat.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/StrncpyFlippedArgs.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/ReturnCstrOfLocalStdString.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/WrongNumberOfFormatArguments.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/TooManyFormatArguments.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/WrongTypeFormatArguments.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/NonConstantFormat.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/Likely Bugs/Format/SnprintfOverflow.ql: /Correctness/Use of Libraries
++ semmlecode-cpp-queries/jsf/4.21 Operators/AV Rule 166.ql: /Correctness/Use of Libraries # Sizeof with side effects
diff --git a/cpp/config/suites/cpp/internal b/cpp/config/suites/cpp/internal
new file mode 100644
index 00000000000..ba6a1573c32
--- /dev/null
+++ b/cpp/config/suites/cpp/internal
@@ -0,0 +1,5 @@
++ odasa-cpp-metrics/Internal/CallableDisplayStrings.ql
++ odasa-cpp-metrics/Internal/CallableExtents.ql
++ odasa-cpp-metrics/Internal/CallableSourceLinks.ql
++ odasa-cpp-metrics/Internal/ReftypeDisplayStrings.ql
++ odasa-cpp-metrics/Internal/ReftypeSourceLinks.ql
diff --git a/cpp/config/suites/cpp/maintainability b/cpp/config/suites/cpp/maintainability
new file mode 100644
index 00000000000..9b08f4de8d2
--- /dev/null
+++ b/cpp/config/suites/cpp/maintainability
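Review bot: cpp/correctness repeats the whole c/correctness list and adds only `CastArrayPointerArithmetic.ql`, the Exceptions section and `ReturnCstrOfLocalStdString.ql`, while cpp/code-review in this same commit reuses its C counterpart with `@import ../c/code-review`. Two hand-maintained copies drift: a query added to or removed from one list is easily missed in the other, and for checks such as `SnprintfOverflow.ql` or `NonConstantFormat.ql` that would mean uneven coverage between C and C++ projects with nothing flagging it. If the suite format accepts entries after an import, I would write `@import ../c/correctness` followed by the C++-only lines. cpp/readability and cpp/maintainability duplicate their C files in the same way.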
@@ -0,0 +1,20 @@
+# MAINTAINABILITY
+ # Coupling
++ semmlecode-cpp-queries/jsf/4.06 Pre-Processing Directives/AV Rule 32.ql: /Maintainability/Coupling # Include header files only
++ semmlecode-cpp-queries/jsf/4.07 Header Files/AV Rule 35.ql: /Maintainability/Coupling # Missing header guard
++ semmlecode-cpp-queries/Header Cleanup/Cleanup-DuplicateIncludeGuard.ql: /Maintainability/Coupling # Duplicate header guards
++ semmlecode-cpp-queries/Architecture/FeatureEnvy.ql: /Maintainability/Coupling
++ semmlecode-cpp-queries/Architecture/InappropriateIntimacy.ql: /Maintainability/Coupling
++ semmlecode-cpp-queries/Architecture/Refactoring Opportunities/ClassesWithManyFields.ql: /Maintainability/Size
+ # Documentation
++ semmlecode-cpp-queries/Documentation/CommentedOutCode.ql: /Maintainability/Documentation
++ semmlecode-cpp-queries/Documentation/TodoComments.ql: /Maintainability/Documentation
++ semmlecode-cpp-queries/Documentation/FixmeComments.ql: /Maintainability/Documentation
++ semmlecode-cpp-queries/Documentation/UncommentedFunction.ql: /Maintainability/Documentation
++ semmlecode-cpp-queries/Documentation/DocumentApi.ql: /Maintainability/Documentation
+ # Declarations
++ semmlecode-cpp-queries/Best Practices/Magic Constants/MagicConstantsString.ql: /Maintainability/Declarations
++ semmlecode-cpp-queries/Best Practices/Magic Constants/MagicConstantsNumbers.ql: /Maintainability/Declarations
++ semmlecode-cpp-queries/Best Practices/SloppyGlobal.ql: /Maintainability/Declarations
+ # Memory management
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/StackAddressEscapes.ql: /Maintainability/Memory Management
diff --git a/cpp/config/suites/cpp/metric-defects b/cpp/config/suites/cpp/metric-defects
new file mode 100644
index 00000000000..c15a205b527
--- /dev/null
+++ b/cpp/config/suites/cpp/metric-defects
@@ -0,0 +1,18 @@
++ odasa-cpp-metrics/Files/NumberOfPublicGlobals.ql: /Maintainability/Coupling
+ @warning-from 7
++ odasa-cpp-metrics/Files/FEfferentCoupling.ql: /Maintainability/Coupling
+ @warning-from 120
+ # Size
++ odasa-cpp-metrics/Functions/FunNumberOfParameters.ql: /Maintainability/Size
+ @warning-from 11
++ odasa-cpp-metrics/Functions/FunLinesOfCode.ql: /Maintainability/Size
+ @warning-from 200
++ odasa-cpp-metrics/Files/FLinesOfCode.ql: /Maintainability/Size
+ @warning-from 1000
+ # Complexity
++ odasa-cpp-metrics/Functions/FunNumberOfCalls.ql: /Maintainability/Complexity
+ @warning-from 100
++ odasa-cpp-metrics/Functions/StatementNestingDepth.ql: /Maintainability/Complexity
+ @recommendation-from 6
++ odasa-cpp-metrics/Functions/FunCyclomaticComplexity.ql: /Maintainability/Complexity
+ @recommendation-from 75
diff --git a/cpp/config/suites/cpp/metrics b/cpp/config/suites/cpp/metrics
new file mode 100644
index 00000000000..e874ce6be14
--- /dev/null
+++ b/cpp/config/suites/cpp/metrics
@@ -0,0 +1,61 @@
+# DASHBOARD METRICS
+
+@import metrics-external
+
+ # Build
++ odasa-cpp-metrics/Files/FTimeInFrontend.ql: /Metrics/Build
+
+ # Complexity
++ odasa-cpp-metrics/Classes/CPercentageOfComplexCode.ql: /Metrics/Complexity
++ odasa-cpp-metrics/Classes/CResponse.ql : /Metrics/Complexity
++ odasa-cpp-metrics/Files/FCyclomaticComplexity.ql: /Metrics/Complexity
+ @treemap.warnOn highValues
++ odasa-cpp-metrics/Files/NumberOfParameters.ql: /Metrics/Complexity
+ @treemap.warnOn highValues
++ odasa-cpp-metrics/Functions/StatementNestingDepth.ql: /Metrics/Complexity
+ @treemap.warnOn highValues
+
+ # Coupling
++ odasa-cpp-metrics/Classes/CAfferentCoupling.ql: /Metrics/Coupling
++ odasa-cpp-metrics/Classes/CEfferentCoupling.ql: /Metrics/Coupling
++ odasa-cpp-metrics/Files/FAfferentCoupling.ql: /Metrics/Coupling
++ odasa-cpp-metrics/Files/FEfferentCoupling.ql: /Metrics/Coupling
++ semmlecode-cpp-queries/Metrics/Files/FLinesOfDuplicatedCode.ql: /Metrics/Coupling
+
+ # Documentation
++ odasa-cpp-metrics/Files/FCommentRatio.ql: /Metrics/Documentation
++ odasa-cpp-metrics/Files/FLinesOfComments.ql: /Metrics/Documentation
++ odasa-cpp-metrics/Files/FTodoComments.ql: /Metrics/Documentation
++ odasa-cpp-metrics/Functions/FunLinesOfComments.ql: /Metrics/Documentation
++ odasa-cpp-metrics/Functions/FunPercentageOfComments.ql: /Metrics/Documentation
+ @treemap.warnOn lowValues
++ odasa-cpp-metrics/Files/FLinesOfCommentedOutCode.ql: /Metrics/Documentation
+
+ # Encapsulation
++ odasa-cpp-metrics/Classes/CInheritanceDepth.ql: /Metrics/Encapsulation
++ odasa-cpp-metrics/Classes/CLackOfCohesionCK.ql: /Metrics/Encapsulation
++ odasa-cpp-metrics/Classes/CSizeOfAPI.ql: /Metrics/Encapsulation
++ odasa-cpp-metrics/Classes/CSpecialisation.ql: /Metrics/Encapsulation
+
+ # Globals
++ odasa-cpp-metrics/Files/NumberOfFunctions.ql: /Metrics/Globals
++ odasa-cpp-metrics/Files/NumberOfGlobals.ql: /Metrics/Globals
++ odasa-cpp-metrics/Files/NumberOfPublicFunctions.ql: /Metrics/Globals
++ odasa-cpp-metrics/Files/NumberOfPublicGlobals.ql: /Metrics/Globals
+
+ # Preprocessor
++ odasa-cpp-metrics/Files/FDirectIncludes.ql: /Metrics/Preprocessor
+ @treemap.warnOn highValues
++ odasa-cpp-metrics/Files/FMacroRatio.ql: /Metrics/Preprocessor
++ odasa-cpp-metrics/Files/FTransitiveIncludes.ql: /Metrics/Preprocessor
+ @treemap.warnOn highValues
+
+ # Size
++ odasa-cpp-metrics/Files/FLinesOfCode.ql: /Metrics/Size
++ odasa-cpp-metrics/Files/FNumberOfTests.ql: /Metrics/Size
++ odasa-cpp-metrics/Functions/FunLinesOfCode.ql: /Metrics/Size
++ odasa-cpp-metrics/Functions/FunNumberOfStatements.ql: /Metrics/Size
+ @treemap.warnOn highValues
++ odasa-cpp-metrics/Classes/CLinesOfCode.ql: /Metrics/Size
++ odasa-cpp-metrics/Classes/CNumberOfFields.ql: /Metrics/Size
++ odasa-cpp-metrics/Classes/CNumberOfFunctions.ql: /Metrics/Size
diff --git a/cpp/config/suites/cpp/metrics-external b/cpp/config/suites/cpp/metrics-external
new file mode 100644
index 00000000000..c3e528d04a8
--- /dev/null
+++ b/cpp/config/suites/cpp/metrics-external
@@ -0,0 +1,3 @@
++ odasa-cpp-metrics/External/FileCompilationSourceLinks.ql
++ odasa-cpp-metrics/External/FileCompilationDisplayStrings.ql
+
diff --git a/cpp/config/suites/cpp/readability b/cpp/config/suites/cpp/readability
new file mode 100644
index 00000000000..336f3c7962d
--- /dev/null
+++ b/cpp/config/suites/cpp/readability
@@ -0,0 +1,49 @@
+# READABILITY
+ # Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/ComparisonPrecedence.ql: /Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/UnsignedGEZero.ql: /Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/PointlessComparison.ql: /Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/PointlessSelfComparison.ql: /Readability/Expressions
++ semmlecode-cpp-queries/Likely Bugs/Arithmetic/ComparisonWithCancelingSubExpr.ql: /Readability/Expressions
+ # Control Flow
++ semmlecode-cpp-queries/Best Practices/Likely Errors/EmptyBlock.ql: /Readability/Control Flow
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/FutileConditional.ql: /Readability/Control Flow
++ semmlecode-cpp-queries/Likely Bugs/Likely Typos/DubiousNullCheck.ql: /Readability/Control Flow
++ semmlecode-cpp-queries/jsf/4.24 Control Flow Structures/AV Rule 197.ql: /Readability/Control Flow # Avoid floats in for loops
++ semmlecode-cpp-queries/jsf/4.24 Control Flow Structures/AV Rule 201.ql: /Readability/Control Flow # For loop variable changed in body
++ semmlecode-cpp-queries/jsf/4.24 Control Flow Structures/AV Rule 196.ql: /Readability/Control Flow # No trivial switch statements
++ semmlecode-cpp-queries/Likely Bugs/ShortLoopVarName.ql: /Readability/Control Flow
+ # Declarations
++ semmlecode-cpp-queries/Best Practices/Hiding/LocalVariableHidesGlobalVariable.ql: /Readability/Declarations
++ semmlecode-cpp-queries/Best Practices/Hiding/DeclarationHidesParameter.ql: /Readability/Declarations
++ semmlecode-cpp-queries/Best Practices/Hiding/DeclarationHidesVariable.ql: /Readability/Declarations
++ semmlecode-cpp-queries/jsf/4.13 Functions/AV Rule 107.ql: /Readability/Declarations # Function declared in block
++ semmlecode-cpp-queries/Critical/LargeParameter.ql: /Readability/Declarations
+ # Size
++ semmlecode-cpp-queries/Best Practices/SwitchLongCase.ql: /Readability/Size
++ semmlecode-cpp-queries/Best Practices/BlockWithTooManyStatements.ql: /Readability/Size
++ semmlecode-cpp-queries/Best Practices/ComplexCondition.ql: /Readability/Size
+ # Safe Language
++ semmlecode-cpp-queries/Likely Bugs/AmbiguouslySignedBitField.ql: /Readability/Safe Language # Ambiguously signed bit-field member
++ semmlecode-cpp-queries/jsf/4.17 Types/AV Rule 148.ql: /Readability/Safe Language # Use of integer where enum is preferred
++ semmlecode-cpp-queries/jsf/4.16 Initialization/AV Rule 145.ql: /Readability/Safe Language # Enum initialisation
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 97.ql: /Readability/Safe Language # No arrays in interfaces
++ semmlecode-cpp-queries/Likely Bugs/ReturnConstType.ql: /Readability/Safe Language
++ semmlecode-cpp-queries/Best Practices/RuleOfTwo.ql: /Readability/Safe Language/C++
++ semmlecode-cpp-queries/Likely Bugs/OO/IncorrectConstructorDelegation.ql: /Readability/Safe Language/C++
++ semmlecode-cpp-queries/Likely Bugs/OO/ThrowInDestructor.ql: /Readability/Safe Language/C++
++ semmlecode-cpp-queries/jsf/4.13 Functions/AV Rule 114.ql: /Readability/Safe Language
+ @name Missing return statement
++ semmlecode-cpp-queries/Best Practices/UseOfGoto.ql: /Readability/Safe Language
+ # Safe Language > C++
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 78.ql: /Readability/Safe Language/C++ # No virtual destructor
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 71.1.ql: /Readability/Safe Language/C++ # Virtual call from constructor or destructor
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 77.1.ql: /Readability/Safe Language/C++ # Confusion with implicit copy constructor
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 82.ql: /Readability/Safe Language/C++ # Overloaded assignment does not return 'this'
++ semmlecode-cpp-queries/Likely Bugs/ReturnConstTypeMember.ql: /Readability/Safe Language/C++
+ # JSF
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 79.ql: /Readability/JSF # Resource not released in destructor
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 88.ql: /Readability/JSF # Undisciplined multiple inheritance
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 89.ql: /Readability/JSF # Inconsistent virtual inheritance
++ semmlecode-cpp-queries/jsf/4.10 Classes/AV Rule 95.ql: /Readability/JSF # Redefined default parameter
+
diff --git a/cpp/config/suites/cpp/useless-code b/cpp/config/suites/cpp/useless-code
new file mode 100644
index 00000000000..d0015f70632
--- /dev/null
+++ b/cpp/config/suites/cpp/useless-code
@@ -0,0 +1,10 @@
+# USELESS CODE
++ semmlecode-cpp-queries/Best Practices/Unused Entities/UnusedStaticFunctions.ql: /Useless Code
++ semmlecode-cpp-queries/Best Practices/Unused Entities/UnusedStaticVariables.ql: /Useless Code
++ semmlecode-cpp-queries/Best Practices/Unused Entities/UnusedLocals.ql: /Useless Code
++ semmlecode-cpp-queries/external/DuplicateFunction.ql: /Useless Code/Duplicate Code
++ semmlecode-cpp-queries/external/MostlyDuplicateClass.ql: /Useless Code/Duplicate Code
++ semmlecode-cpp-queries/external/MostlyDuplicateFile.ql: /Useless Code/Duplicate Code
++ semmlecode-cpp-queries/external/MostlyDuplicateFunction.ql: /Useless Code/Duplicate Code
++ semmlecode-cpp-queries/external/MostlySimilarFile.ql: /Useless Code/Duplicate Code
+
diff --git a/cpp/config/suites/default/c b/cpp/config/suites/default/c
new file mode 100644
index 00000000000..5f6cc15ed18
--- /dev/null
+++ b/cpp/config/suites/default/c
@@ -0,0 +1,7 @@
+@import "../../suites/c/correctness"
+@import "../../suites/c/maintainability"
+@import "../../suites/c/readability"
+@import "../../suites/c/useless-code"
+
+@import "../../suites/c/metrics"
+@import "../../suites/c/metric-defects"
diff --git a/cpp/config/suites/default/cpp b/cpp/config/suites/default/cpp
new file mode 100644
index 00000000000..b8e9fdc6d80
--- /dev/null
+++ b/cpp/config/suites/default/cpp
@@ -0,0 +1,7 @@
+@import "../../suites/cpp/correctness"
+@import "../../suites/cpp/maintainability"
+@import "../../suites/cpp/readability"
+@import "../../suites/cpp/useless-code"
+
+@import "../../suites/cpp/metrics"
+@import "../../suites/cpp/metric-defects"
diff --git a/cpp/config/suites/security/all b/cpp/config/suites/security/all
new file mode 100644
index 00000000000..0dfc54047b4
--- /dev/null
+++ b/cpp/config/suites/security/all
@@ -0,0 +1,2 @@
+@import "default"
+@import "secondary"
diff --git a/cpp/config/suites/security/cwe-022 b/cpp/config/suites/security/cwe-022
new file mode 100644
index 00000000000..ebc89a91d1b
--- /dev/null
+++ b/cpp/config/suites/security/cwe-022
@@ -0,0 +1,3 @@
+# CWE-078: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
++ semmlecode-cpp-queries/Security/CWE/CWE-022/TaintedPath.ql: /CWE/CWE-022
+ @name Uncontrolled data used in path expression (CWE-022)
\ No newline at end of file
diff --git a/cpp/config/suites/security/cwe-078 b/cpp/config/suites/security/cwe-078
new file mode 100644
index 00000000000..4e758b73096
--- /dev/null
+++ b/cpp/config/suites/security/cwe-078
@@ -0,0 +1,3 @@
+# CWE-078: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
++ semmlecode-cpp-queries/Security/CWE/CWE-078/ExecTainted.ql: /CWE/CWE-078
+ @name Uncontrolled data used in OS command (CWE-078)
diff --git a/cpp/config/suites/security/cwe-079 b/cpp/config/suites/security/cwe-079
new file mode 100644
index 00000000000..42c0bcbf9c3
--- /dev/null
+++ b/cpp/config/suites/security/cwe-079
@@ -0,0 +1,3 @@
+# CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
++ semmlecode-cpp-queries/Security/CWE/CWE-079/CgiXss.ql: /CWE/CWE-079
+ @name CGI script vulnerable to cross-site scripting (CWE-079)
diff --git a/cpp/config/suites/security/cwe-089 b/cpp/config/suites/security/cwe-089
new file mode 100644
index 00000000000..05709902581
--- /dev/null
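Review bot: The header comment of the `cwe-022` suite carries the wrong weakness ID: it reads `# CWE-078: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')`, while the query path, the tag and the `@name` below it are all CWE-022. As written it looks like a second copy of the `cwe-078` suite to anyone grepping the headers. Change it to `# CWE-022: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')`. The file also ends without a trailing newline, which is worth fixing in the same pass.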
+++ b/cpp/config/suites/security/cwe-089
@@ -0,0 +1,3 @@
+# CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
++ semmlecode-cpp-queries/Security/CWE/CWE-089/SqlTainted.ql: /CWE/CWE-089
+ @name Uncontrolled data in SQL query (CWE-089)
diff --git a/cpp/config/suites/security/cwe-114 b/cpp/config/suites/security/cwe-114
new file mode 100644
index 00000000000..4d31afc5d51
--- /dev/null
+++ b/cpp/config/suites/security/cwe-114
@@ -0,0 +1,3 @@
+# CWE-114: Process Control
++ semmlecode-cpp-queries/Security/CWE/CWE-114/UncontrolledProcessOperation.ql: /CWE/CWE-114
+ @name Uncontrolled process operation (CWE-114)
diff --git a/cpp/config/suites/security/cwe-119 b/cpp/config/suites/security/cwe-119
new file mode 100644
index 00000000000..2f8849beb42
--- /dev/null
+++ b/cpp/config/suites/security/cwe-119
@@ -0,0 +1,13 @@
+# CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
++ semmlecode-cpp-queries/Security/CWE/CWE-119/OverflowBuffer.ql: /CWE/CWE-119
+ @name Call to memory access function may overflow buffer (CWE-119)
++ semmlecode-cpp-queries/Critical/OverflowStatic.ql: /CWE/CWE-119
+ @name Static array access may cause overflow (CWE-119)
+# + semmlecode-cpp-queries/Critical/OverflowDestination.ql: /CWE/CWE-119
+# ^ disabled due to timeout issue
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql: /CWE/CWE-119
+ @name Potentially unsafe call to strncat (CWE-119)
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/StrncpyFlippedArgs.ql: /CWE/CWE-119
+ @name Possibly wrong buffer size in string copy (CWE-119)
++ semmlecode-cpp-queries/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql: /CWE/CWE-119
+ @name Upcast array used in pointer arithmetic (CWE-119)
diff --git a/cpp/config/suites/security/cwe-120 b/cpp/config/suites/security/cwe-120
new file mode 100644
index 00000000000..0343041d79e
--- /dev/null
+++ b/cpp/config/suites/security/cwe-120
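Review bot: The commented-out `OverflowDestination.ql` entry in `cwe-119` silently removes a buffer-overflow check from the security suite, and `# ^ disabled due to timeout issue` gives no ticket to follow up on. The `cwe-134` suite has the same pattern for `TaintedFormatStrings.ql`, but there the comment at least cites ODASA-608. Add a tracking reference here as well, for example `# ^ disabled due to timeout issue, see <TICKET-ID>`. A clean run of this suite should not be read as covering destination-buffer overflows or points-to based format-string taint until the two entries are re-enabled.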
@@ -0,0 +1,13 @@
+# CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
++ semmlecode-cpp-queries/Security/CWE/CWE-120/UnboundedWrite.ql: /CWE/CWE-120
+ @name Unbounded write (CWE-120)
++ semmlecode-cpp-queries/Security/CWE/CWE-120/BadlyBoundedWrite.ql: /CWE/CWE-120
+ @name Badly bounded write (CWE-120)
++ semmlecode-cpp-queries/Security/CWE/CWE-120/OverrunWrite.ql: /CWE/CWE-120
+ @name Potentially overrunning write (CWE-120)
++ semmlecode-cpp-queries/Security/CWE/CWE-120/OverrunWriteFloat.ql: /CWE/CWE-120
+ @name Potentially overrunning write with float to string conversion (CWE-120)
++ semmlecode-cpp-queries/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql: /CWE/CWE-120
+ @name Array offset used before range check (CWE-120)
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/UnsafeUseOfStrcat.ql: /CWE/CWE-120
+ @name Potentially unsafe use of strcat (CWE-120)
diff --git a/cpp/config/suites/security/cwe-121 b/cpp/config/suites/security/cwe-121
new file mode 100644
index 00000000000..c9f922d8c55
--- /dev/null
+++ b/cpp/config/suites/security/cwe-121
@@ -0,0 +1,3 @@
+# CWE-121: Stack-based Buffer Overflow
++ semmlecode-cpp-queries/Security/CWE/CWE-121/UnterminatedVarargsCall.ql: /CWE/CWE-121
+ @name Unterminated variadic call (CWE-121)
diff --git a/cpp/config/suites/security/cwe-129 b/cpp/config/suites/security/cwe-129
new file mode 100644
index 00000000000..2ae414ef873
--- /dev/null
+++ b/cpp/config/suites/security/cwe-129
@@ -0,0 +1,3 @@
+# CWE-129: Stack-based Buffer Overflow
++ semmlecode-cpp-queries/Security/CWE/CWE-129/ImproperArrayIndexValidation.ql: /CWE/CWE-129
+ @name Unclear validation of array index (CWE-129)
diff --git a/cpp/config/suites/security/cwe-131 b/cpp/config/suites/security/cwe-131
new file mode 100644
index 00000000000..ae675145902
--- /dev/null
+++ b/cpp/config/suites/security/cwe-131
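Review bot: The header of the `cwe-129` suite was copied from `cwe-121` and still reads `# CWE-129: Stack-based Buffer Overflow`. CWE-129 is Improper Validation of Array Index, which is what the listed `ImproperArrayIndexValidation.ql` query checks. The line should be `# CWE-129: Improper Validation of Array Index`, so the comment agrees with the tag and nobody mistakes this file for a duplicate of the stack-overflow suite.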
@@ -0,0 +1,7 @@
+# CWE-131: Incorrect Calculation of Buffer Size
++ semmlecode-cpp-queries/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql: /CWE/CWE-131
+ @name No space for zero terminator (CWE-131)
++ semmlecode-cpp-queries/Critical/SizeCheck.ql: /CWE/CWE-131
+ @name Not enough memory allocated for pointer type (CWE-131)
++ semmlecode-cpp-queries/Critical/SizeCheck2.ql: /CWE/CWE-131
+ @name Not enough memory allocated for array of pointer type (CWE-131)
diff --git a/cpp/config/suites/security/cwe-134 b/cpp/config/suites/security/cwe-134
new file mode 100644
index 00000000000..b6c1d5411a5
--- /dev/null
+++ b/cpp/config/suites/security/cwe-134
@@ -0,0 +1,13 @@
+# CWE-134: Uncontrolled Format String
++ semmlecode-cpp-queries/Likely Bugs/Format/NonConstantFormat.ql: /CWE/CWE-134
+ @name Non-constant format string (CWE-134)
+# This one runs out of memory. See ODASA-608.
+#+ semmlecode-cpp-queries/PointsTo/TaintedFormatStrings.ql: /CWE/CWE-134
++ semmlecode-cpp-queries/Likely Bugs/Format/WrongNumberOfFormatArguments.ql: /CWE/CWE-134
+ @name Wrong number of arguments to formatting function (CWE-134)
++ semmlecode-cpp-queries/Likely Bugs/Format/WrongTypeFormatArguments.ql: /CWE/CWE-134
+ @name Wrong type of arguments to formatting function (CWE-134)
++ semmlecode-cpp-queries/Security/CWE/CWE-134/UncontrolledFormatString.ql: /CWE/CWE-134
+ @name Uncontrolled format string (CWE-134)
++ semmlecode-cpp-queries/Security/CWE/CWE-134/UncontrolledFormatStringThroughGlobalVar.ql: /CWE/CWE-134
+ @name Uncontrolled format string (through global variable) (CWE-134)
diff --git a/cpp/config/suites/security/cwe-170 b/cpp/config/suites/security/cwe-170
new file mode 100644
index 00000000000..10dd17cfcaf
--- /dev/null
+++ b/cpp/config/suites/security/cwe-170
@@ -0,0 +1,5 @@
+# CWE-170: Improper Null Termination
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/ImproperNullTermination.ql: /CWE/CWE-170
+ @name Potential improper null termination (CWE-170)
++ semmlecode-cpp-queries/Security/CWE/CWE-170/ImproperNullTerminationTainted.ql: /CWE/CWE-170
+ @name User-controlled data may not be null terminated (CWE-170)
diff --git a/cpp/config/suites/security/cwe-190 b/cpp/config/suites/security/cwe-190
new file mode 100644
index 00000000000..b0978c83c0d
--- /dev/null
+++ b/cpp/config/suites/security/cwe-190
@@ -0,0 +1,13 @@
+# CWE-190: Integer Overflow or Wraparound
++ semmlecode-cpp-queries/Security/CWE/CWE-190/ArithmeticTainted.ql: /CWE/CWE-190
+ @name User-controlled data in arithmetic expression (CWE-190)
++ semmlecode-cpp-queries/Security/CWE/CWE-190/ArithmeticUncontrolled.ql: /CWE/CWE-190
+ @name Uncontrolled data in arithmetic expression (CWE-190)
++ semmlecode-cpp-queries/Security/CWE/CWE-190/ArithmeticWithExtremeValues.ql: /CWE/CWE-190
+ @name Use of extreme values in arithmetic expression (CWE-190)
++ semmlecode-cpp-queries/Security/CWE/CWE-190/TaintedAllocationSize.ql: /CWE/CWE-190
+ @name Overflow in uncontrolled allocation size (CWE-190)
++ semmlecode-cpp-queries/Security/CWE/CWE-190/IntegerOverflowTainted.ql: /CWE/CWE-190
+ @name Potential integer arithmetic overflow (CWE-190)
++ semmlecode-cpp-queries/Security/CWE/CWE-190/ComparisonWithWiderType.ql: /CWE/CWE-190
+ @name Comparison of wide type with narrow type in loop condition (CWE-190)
\ No newline at end of file
diff --git a/cpp/config/suites/security/cwe-242 b/cpp/config/suites/security/cwe-242
new file mode 100644
index 00000000000..0a08d9620bf
--- /dev/null
+++ b/cpp/config/suites/security/cwe-242
@@ -0,0 +1,3 @@
+# CWE-242: Use of Inherently Dangerous Function
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/PotentialBufferOverflow.ql: /CWE/CWE-242
+ @name Use of inherently dangerous function (CWE-242)
diff --git a/cpp/config/suites/security/cwe-290 b/cpp/config/suites/security/cwe-290
new file mode 100644
index 00000000000..13019122555
--- /dev/null
+++ b/cpp/config/suites/security/cwe-290
@@ -0,0 +1,3 @@
+# CWE-290: Authentication Bypass by Spoofing
++ semmlecode-cpp-queries/Security/CWE/CWE-290/AuthenticationBypass.ql: /CWE/CWE-290
+ @name Authentication bypass by spoofing (CWE-290)
diff --git a/cpp/config/suites/security/cwe-311 b/cpp/config/suites/security/cwe-311
new file mode 100644
index 00000000000..22d34f5fdc8
--- /dev/null
+++ b/cpp/config/suites/security/cwe-311
@@ -0,0 +1,9 @@
+# CWE-311 Missing Encryption of Sensitive Data
++ semmlecode-cpp-queries/Security/CWE/CWE-311/CleartextBufferWrite.ql: /CWE/CWE-311
+ @name Cleartext storage of sensitive information in buffer (CWE-311)
+
++ semmlecode-cpp-queries/Security/CWE/CWE-311/CleartextFileWrite.ql: /CWE/CWE-311
+ @name Cleartext storage of sensitive information in file (CWE-311)
+
++ semmlecode-cpp-queries/Security/CWE/CWE-313/CleartextSqliteDatabase.ql: /CWE/CWE-311
+ @name Cleartext storage of sensitive information in an SQLite database (CWE-311)
diff --git a/cpp/config/suites/security/cwe-327 b/cpp/config/suites/security/cwe-327
new file mode 100644
index 00000000000..47b081afe13
--- /dev/null
+++ b/cpp/config/suites/security/cwe-327
@@ -0,0 +1,5 @@
+# CWE-327: Use of a Broken or Risky Cryptographic Algorithm
++ semmlecode-cpp-queries/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql: /CWE/CWE-327
+ @name Use of a broken or risky cryptographic algorithm (CWE-327)
++ semmlecode-cpp-queries/Security/CWE/CWE-327/OpenSslHeartbleed.ql: /CWE/CWE-327
+ @name Use of a version of OpenSSL with Heartbleed (CWE-327)
diff --git a/cpp/config/suites/security/cwe-367 b/cpp/config/suites/security/cwe-367
new file mode 100644
index 00000000000..d5e55ed1a2f
--- /dev/null
+++ b/cpp/config/suites/security/cwe-367
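Review bot: In the `cwe-327` suite, `OpenSslHeartbleed.ql` is reported under `/CWE/CWE-327` with `(CWE-327)` in its display name, but Heartbleed is a buffer over-read in a vulnerable OpenSSL build, not a broken or risky algorithm. Anyone triaging by memory-safety CWEs will not see these results. The query itself sits in the CWE-327 directory, so the grouping may be deliberate. If the tag stays, a comment above the entry would explain it, such as `# Heartbleed is a buffer over-read in OpenSSL; grouped here with other crypto-library findings`.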
@@ -0,0 +1,3 @@
+# CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
++ semmlecode-cpp-queries/Security/CWE/CWE-367/TOCTOUFilesystemRace.ql: /CWE/CWE-367
+ @name Time-of-check time-of-use filesystem race condition (CWE-367)
diff --git a/cpp/config/suites/security/cwe-416 b/cpp/config/suites/security/cwe-416
new file mode 100644
index 00000000000..0f5253812cb
--- /dev/null
+++ b/cpp/config/suites/security/cwe-416
@@ -0,0 +1,3 @@
+# CWE-416: Use After Free
++ semmlecode-cpp-queries/Critical/UseAfterFree.ql: /CWE/CWE-416
+ @name Potential use after free (CWE-416)
diff --git a/cpp/config/suites/security/cwe-457 b/cpp/config/suites/security/cwe-457
new file mode 100644
index 00000000000..b70f3686d66
--- /dev/null
+++ b/cpp/config/suites/security/cwe-457
@@ -0,0 +1,3 @@
+# CWE-457: Use of Uninitialized Variable
++ semmlecode-cpp-queries/Likely Bugs/Memory Management/UninitializedLocal.ql: /CWE/CWE-457
+ @name Potentially uninitialized local variable (CWE-457)
\ No newline at end of file
diff --git a/cpp/config/suites/security/cwe-468 b/cpp/config/suites/security/cwe-468
new file mode 100644
index 00000000000..72cac42de2b
--- /dev/null
+++ b/cpp/config/suites/security/cwe-468
@@ -0,0 +1,9 @@
+# CWE-468: Incorrect pointer scaling
++ semmlecode-cpp-queries/Security/CWE/CWE-468/IncorrectPointerScaling.ql: /CWE/CWE-468
+ @name Suspicious pointer scaling (CWE-468)
++ semmlecode-cpp-queries/Security/CWE/CWE-468/IncorrectPointerScalingChar.ql: /CWE/CWE-468
+ @name Suspicious pointer scaling to char (CWE-468)
++ semmlecode-cpp-queries/Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql: /CWE/CWE-468
+ @name Suspicious pointer scaling to void (CWE-468)
++ semmlecode-cpp-queries/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql: /CWE/CWE-468
+ @name Suspicious add with sizeof (CWE-468)
diff --git a/cpp/config/suites/security/cwe-497-expensive b/cpp/config/suites/security/cwe-497-expensive
new file mode 100644
index 00000000000..e9dd90c41ce
--- /dev/null
+++ b/cpp/config/suites/security/cwe-497-expensive
@@ -0,0 +1,3 @@
+# CWE-497 Exposure of System Data to an Unauthorized Control Sphere
++ semmlecode-cpp-queries/Security/CWE/CWE-497/ExposedSystemData.ql: /CWE/CWE-497
+ @name Exposure of system data to an unauthorized control sphere (CWE-497)
diff --git a/cpp/config/suites/security/cwe-676 b/cpp/config/suites/security/cwe-676
new file mode 100644
index 00000000000..ad86d1a8998
--- /dev/null
+++ b/cpp/config/suites/security/cwe-676
@@ -0,0 +1,5 @@
+# CWE-676: Use of Potentially Dangerous Function
++ semmlecode-cpp-queries/Security/CWE/CWE-676/DangerousUseOfCin.ql: /CWE/CWE-676
+ @name Dangerous use of 'cin' (CWE-676)
++ semmlecode-cpp-queries/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql: /CWE/CWE-676
+ @name Use of potentially dangerous function (CWE-676)
diff --git a/cpp/config/suites/security/cwe-732 b/cpp/config/suites/security/cwe-732
new file mode 100644
index 00000000000..90af4998438
--- /dev/null
+++ b/cpp/config/suites/security/cwe-732
@@ -0,0 +1,3 @@
+# CWE-732: Incorrect Permission Assignment for Critical Resource
++ semmlecode-cpp-queries/Security/CWE/CWE-732/DoNotCreateWorldWritable.ql: /CWE/CWE-732
+ @name File created without restricting permissions (CWE-732)
diff --git a/cpp/config/suites/security/cwe-764 b/cpp/config/suites/security/cwe-764
new file mode 100644
index 00000000000..3109956e7fb
--- /dev/null
+++ b/cpp/config/suites/security/cwe-764
@@ -0,0 +1,7 @@
+# CWE-764: Multiple Locks of a CriticalResource
++ semmlecode-cpp-queries/Security/CWE/CWE-764/UnreleasedLock.ql: /CWE/CWE-764
+ @name Lock may not be released (CWE-764)
++ semmlecode-cpp-queries/Security/CWE/CWE-764/TwiceLocked.ql: /CWE/CWE-764
+ @name Mutex locked twice (CWE-764)
++ semmlecode-cpp-queries/Security/CWE/CWE-764/LockOrderCycle.ql: /CWE/CWE-764
+ @name Cyclic lock order dependency (CWE-764)
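Review bot: The `cwe-764` header is missing a space (`CriticalResource`) and should read `# CWE-764: Multiple Locks of a Critical Resource`. Of the three entries only `TwiceLocked.ql` ("Mutex locked twice") describes that weakness. "Lock may not be released" and "Cyclic lock order dependency" look closer to the general improper-locking and deadlock entries (CWE-667 and CWE-833, as far as I can tell), yet both carry `(CWE-764)` in their display names. The queries do live in the CWE-764 directory, so this may be intentional; a one-line comment above each, such as `# related locking defect, grouped under CWE-764`, would stop triagers reading them as double-lock findings.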
diff --git a/cpp/config/suites/security/cwe-772 b/cpp/config/suites/security/cwe-772
new file mode 100644
index 00000000000..31de86f09a7
--- /dev/null
+++ b/cpp/config/suites/security/cwe-772
@@ -0,0 +1,3 @@
+# CWE-772: Missing Release of Resource after Effective Lifetime
++ semmlecode-cpp-queries/Critical/NewFreeMismatch.ql: /CWE/CWE-772
+ @name Mismatching new/free or malloc/delete (CWE-772)
diff --git a/cpp/config/suites/security/cwe-772-expensive b/cpp/config/suites/security/cwe-772-expensive
new file mode 100644
index 00000000000..50e791b63d9
--- /dev/null
+++ b/cpp/config/suites/security/cwe-772-expensive
@@ -0,0 +1,9 @@
+# CWE-772: Missing Release of Resource after Effective Lifetime
++ semmlecode-cpp-queries/Critical/FileMayNotBeClosed.ql: /CWE/CWE-772
+ @name Open file may not be closed (CWE-772)
++ semmlecode-cpp-queries/Critical/FileNeverClosed.ql: /CWE/CWE-772
+ @name Open file is not closed (CWE-772)
++ semmlecode-cpp-queries/Critical/MemoryMayNotBeFreed.ql: /CWE/CWE-772
+ @name Memory may not be freed (CWE-772)
++ semmlecode-cpp-queries/Critical/MemoryNeverFreed.ql: /CWE/CWE-772
+ @name Memory is never freed (CWE-772)
diff --git a/cpp/config/suites/security/cwe-807 b/cpp/config/suites/security/cwe-807
new file mode 100644
index 00000000000..0213e0b4d5d
--- /dev/null
+++ b/cpp/config/suites/security/cwe-807
@@ -0,0 +1,3 @@
+# CWE-807: Reliance on Untrusted Inputs in a Security Decision
++ semmlecode-cpp-queries/Security/CWE/CWE-807/TaintedCondition.ql: /CWE/CWE-807
+ @name Untrusted input for a condition (CWE-807)
diff --git a/cpp/config/suites/security/cwe-835 b/cpp/config/suites/security/cwe-835
new file mode 100644
index 00000000000..067376b3437
--- /dev/null
+++ b/cpp/config/suites/security/cwe-835
@@ -0,0 +1,3 @@
+# CWE-835: Infinite loop with unsatisfiable exit condition
++ semmlecode-cpp-queries/Security/CWE/CWE-835/InfiniteLoopWithUnsatisfiableExitCondition.ql: /CWE/CWE-835
+ @name Infinite loop with unsatisfiable exit condition (CWE-835)
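Review bot: The only query in the non-expensive `cwe-772` suite, `NewFreeMismatch.ql` ("Mismatching new/free or malloc/delete"), reports a mismatched allocator/deallocator pair, not a missing release. That weakness is normally filed as CWE-762 (Mismatched Memory Management Routines), while the queries that actually find unreleased files and memory are all in `cwe-772-expensive` and so are outside the default suite. Either retag the entry or add a comment such as `# allocator/deallocator mismatch; grouped with CWE-772 resource-management findings`. As it stands, a clean default run reads as "no CWE-772 leaks" when no leak query was executed.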
diff --git a/cpp/config/suites/security/default b/cpp/config/suites/security/default
new file mode 100644
index 00000000000..4225ae9808b
--- /dev/null
+++ b/cpp/config/suites/security/default
@@ -0,0 +1,28 @@
+# All C++ security queries
+@import "cwe-022"
+@import "cwe-078"
+@import "cwe-079"
+@import "cwe-089"
+@import "cwe-114"
+@import "cwe-119"
+@import "cwe-120"
+@import "cwe-121"
+@import "cwe-129"
+@import "cwe-131"
+@import "cwe-134"
+@import "cwe-170"
+@import "cwe-190"
+@import "cwe-242"
+@import "cwe-290"
+@import "cwe-311"
+@import "cwe-327"
+@import "cwe-367"
+@import "cwe-416"
+@import "cwe-457"
+@import "cwe-468"
+@import "cwe-676"
+@import "cwe-732"
+@import "cwe-764"
+@import "cwe-772"
+@import "cwe-807"
+@import "cwe-835"
diff --git a/cpp/config/suites/security/secondary b/cpp/config/suites/security/secondary
new file mode 100644
index 00000000000..19f450cb8bb
--- /dev/null
+++ b/cpp/config/suites/security/secondary
@@ -0,0 +1,3 @@
+# Not in the default suite due to using expensive points-to analysis
+@import "cwe-497-expensive"
+@import "cwe-772-expensive"
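Review bot: The first line of `security/default`, `# All C++ security queries`, overstates what the suite runs. It leaves out `cwe-497-expensive` and `cwe-772-expensive`, which are only reachable through `secondary` or the `all` suite. Someone picking `default` on the strength of that comment would assume system-data exposure and file/memory leak checks are included. Reword it to `# Default C++ security queries; expensive points-to queries are in "secondary" (use "all" for both)`.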