Tag all security queries in supported languages' experimental directories with an experimental tag

2025-12-24 04:36:35 +01:00 · 2022-12-14 17:15:50 +01:00
parent a92acf5218
commit 4ec401a3f6
148 changed files with 155 additions and 3 deletions
--- a/Bugs/ArrayAccessProductFlow.ql
+++ b/Bugs/ArrayAccessProductFlow.ql
@@ -6,6 +6,7 @@
 * @id cpp/off-by-one-array-access
 * @tags reliability
 *       security
+ *       experimental
 */

 import cpp
--- a/Bugs/OverrunWriteProductFlow.ql
+++ b/Bugs/OverrunWriteProductFlow.ql
@@ -7,6 +7,7 @@
 * @id cpp/overrun-write
 * @tags reliability
 *       security
+ *       experimental
 *       external/cwe/cwe-119
 *       external/cwe/cwe-131
 */
--- a/Bugs/RedundantNullCheckParam.ql
+++ b/Bugs/RedundantNullCheckParam.ql
@@ -9,6 +9,7 @@
 * @tags reliability
 *       security
 *       external/cwe/cwe-476
+ *       experimental
 */

 import cpp
--- a/cpp/ql/src/experimental/Security/CWE/CWE-020/LateCheckOfFunctionArgument.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-020/LateCheckOfFunctionArgument.ql
@@ -9,6 +9,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-20
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql
@@ -11,6 +11,7 @@
 * @problem.severity warning
 * @security-severity 7.5
 * @tags security
+ *       experimental
 *       external/cwe/cwe-020
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql
@@ -8,6 +8,7 @@
 * @precision high
 * @id cpp/wordexp-injection
 * @tags security
+ *       experimental
 *       external/cwe/cwe-078
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql
@@ -8,6 +8,7 @@
 * @tags correctness
 *       maintainability
 *       security
+ *       experimental
 *       external/cwe/cwe-1041
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql
@@ -9,6 +9,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-1126
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql
@@ -6,6 +6,7 @@
 * @id cpp/memory-unsafe-function-scan
 * @tags reliability
 *       security
+ *       experimental
 *       external/cwe/cwe-120
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql
@@ -7,6 +7,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-125
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql
@@ -6,6 +6,7 @@
 * @precision low
 * @tags security
 *       correctness
+ *       experimental
 *       external/cwe/cwe-190
 *       external/cwe/cwe-128
 * @id cpp/multiplication-overflow-in-alloc
--- a/cpp/ql/src/experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql
@@ -7,6 +7,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-190
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql
@@ -7,6 +7,7 @@
 * @id cpp/constant-array-overflow
 * @tags reliability
 *       security
+ *       experimental
 */

 import experimental.semmle.code.cpp.semantic.analysis.RangeAnalysis
--- a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql
@@ -8,6 +8,7 @@
 * @id cpp/invalid-pointer-deref
 * @tags reliability
 *       security
+ *       experimental
 *       external/cwe/cwe-119
 *       external/cwe/cwe-125
 *       external/cwe/cwe-193
--- a/cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql
@@ -8,6 +8,7 @@
 * @tags correctness
 *       maintainability
 *       security
+ *       experimental
 *       external/cwe/cwe-200
 *       external/cwe/cwe-264
 */
--- a/cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql
@@ -7,6 +7,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-243
 *       external/cwe/cwe-252
 */
--- a/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql
@@ -8,6 +8,7 @@
 * @tags correctness
 *       maintainability
 *       security
+ *       experimental
 *       external/cwe/cwe-266
 *       external/cwe/cwe-264
 *       external/cwe/cwe-200
--- a/cpp/ql/src/experimental/Security/CWE/CWE-273/PrivilegeDroppingOutoforder.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-273/PrivilegeDroppingOutoforder.ql
@@ -8,6 +8,7 @@
 * @problem.severity recommendation
 * @id cpp/drop-linux-privileges-outoforder
 * @tags security
+ *       experimental
 *       external/cwe/cwe-273
 * @precision medium
 */
--- a/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql
@@ -5,6 +5,7 @@
 * @problem.severity error
 * @id cpp/pam-auth-bypass
 * @tags security
+ *       experimental
 *       external/cwe/cwe-285
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.ql
@@ -6,6 +6,7 @@
 * @problem.severity error
 * @id cpp/private-cleartext-write
 * @tags security
+ *       experimental
 *       external/cwe/cwe-359
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-362/double-fetch.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-362/double-fetch.ql
@@ -11,6 +11,7 @@
 * @problem.severity warning
 * @security-severity 7.5
 * @tags security
+ *       experimental
 *       external/cwe/cwe-362
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-377/InsecureTemporaryFile.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-377/InsecureTemporaryFile.ql
@@ -7,6 +7,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-377
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql
@@ -8,6 +8,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-401
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-415/DoubleFree.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-415/DoubleFree.ql
@@ -6,6 +6,7 @@
 * @problem.severity warning
 * @precision medium
 * @tags security
+ *       experimental
 *       external/cwe/cwe-415
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-476/DangerousUseOfExceptionBlocks.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-476/DangerousUseOfExceptionBlocks.ql
@@ -7,6 +7,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-476
 *       external/cwe/cwe-415
 */
--- a/cpp/ql/src/experimental/Security/CWE/CWE-561/FindIncorrectlyUsedSwitch.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-561/FindIncorrectlyUsedSwitch.ql
@@ -8,6 +8,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-561
 *       external/cwe/cwe-691
 *       external/cwe/cwe-478
--- a/cpp/ql/src/experimental/Security/CWE/CWE-670/DangerousUseSSL_shutdown.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-670/DangerousUseSSL_shutdown.ql
@@ -7,6 +7,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-670
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql
@@ -6,6 +6,7 @@
 * @problem.severity warning
 * @precision medium
 * @tags security
+ *       experimental
 *       external/cwe/cwe-675
 *       external/cwe/cwe-666
 */
--- a/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementAfterRefactoringTheCode.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementAfterRefactoringTheCode.ql
@@ -10,6 +10,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-691
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementWhenUsingBitOperations.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementWhenUsingBitOperations.ql
@@ -8,6 +8,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-691
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql
@@ -7,6 +7,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-703
 *       external/cwe/cwe-248
 *       external/cwe/cwe-390
--- a/cpp/ql/src/experimental/Security/CWE/CWE-754/ImproperCheckReturnValueScanf.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-754/ImproperCheckReturnValueScanf.ql
@@ -7,6 +7,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-754
 *       external/cwe/cwe-908
 */
--- a/cpp/ql/src/experimental/Security/CWE/CWE-758/UndefinedOrImplementationDefinedBehavior.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-758/UndefinedOrImplementationDefinedBehavior.ql
@@ -8,6 +8,7 @@
 * @problem.severity warning
 * @precision medium
 * @tags security
+ *       experimental
 *       external/cwe/cwe-758
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql
@@ -8,6 +8,7 @@
 * @precision medium
 * @tags maintainability
 *       readability
+ *       experimental
 *       external/cwe/cwe-783
 *       external/cwe/cwe-480
 */
--- a/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBoolType.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBoolType.ql
@@ -8,6 +8,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-783
 *       external/cwe/cwe-480
 */
--- a/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql
@@ -6,6 +6,7 @@
 * @problem.severity warning
 * @tags reliability
 *       security
+ *       experimental
 *       external/cwe/cwe-787
 */

--- a/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql
+++ b/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql
@@ -8,6 +8,7 @@
 * @precision medium
 * @tags correctness
 *       security
+ *       experimental
 *       external/cwe/cwe-788
 */