hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

update alert-messages based on review feedback

Browse Source
This commit is contained in:
erik-krogh
2022-09-23 14:53:40 +02:00
parent edd03020c2
commit 96b46de7c8
8 changed files with 19 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cpp/ql/src/Security/CWE/CWE-129/ImproperArrayIndexValidation.ql
View File

@@ -127,5 +127,5 @@ where
conf.hasFlowPath(source, sink) and
isFlowSource(source.getNode(), sourceType)
select sink.getNode(), source, sink,
"An array indexing expression depends on a $@ that might be outside the bounds of the array.",
"An array indexing expression depends on $@ that might be outside the bounds of the array.",
source.getNode(), lowerFirst(sourceType)

2
cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql
View File

@@ -87,4 +87,4 @@ class ExploitableUserModePtrParam extends SystemCallSource {
}
from ExploitableUserModePtrParam p
select p, "'unsafe_put_user' write user-mode pointer $@ without check.", p, p.toString()
select p, "This 'unsafe_put_user' writes a user-mode pointer without a security check."

2
cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql
View File

@@ -58,4 +58,4 @@ class ReallocCallLeak extends FunctionCall {
from ReallocCallLeak rcl
where not rcl.mayHandleByTermination()
select rcl, "Possible loss of original pointer on unsuccessful call realloc."
select rcl, "Possible loss of original pointer on unsuccessful call to 'realloc'."

2
cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql
View File

@@ -26,5 +26,5 @@ where
DataFlow::localFlow(DataFlow::parameterNode(p), sink) and
p.getUnspecifiedType().getSize() < 8
select call,
"This call passes an unsigned int to a function that requires a signed int: $@. And then used in pointer arithmetic: $@.",
"This call passes an unsigned int to a function that requires a signed int: $@. It's then used in pointer arithmetic: $@.",
f, f.toString(), sink, sink.toString()

6
cpp/ql/test/experimental/query-tests/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser/NoCheckBeforeUnsafePutUser.expected
View File

@@ -1,3 +1,3 @@
| test.cpp:20:21:20:22 | ref arg & ... | 'unsafe_put_user' write user-mode pointer $@ without check. | test.cpp:20:21:20:22 | ref arg & ... | ref arg & ... |
| test.cpp:41:21:41:22 | ref arg & ... | 'unsafe_put_user' write user-mode pointer $@ without check. | test.cpp:41:21:41:22 | ref arg & ... | ref arg & ... |
| test.cpp:69:21:69:27 | ref arg & ... | 'unsafe_put_user' write user-mode pointer $@ without check. | test.cpp:69:21:69:27 | ref arg & ... | ref arg & ... |
| test.cpp:20:21:20:22 | ref arg & ... | This 'unsafe_put_user' writes a user-mode pointer without a security check. |
| test.cpp:41:21:41:22 | ref arg & ... | This 'unsafe_put_user' writes a user-mode pointer without a security check. |
| test.cpp:69:21:69:27 | ref arg & ... | This 'unsafe_put_user' writes a user-mode pointer without a security check. |

16
cpp/ql/test/experimental/query-tests/Security/CWE/CWE-401/semmle/tests/MemoryLeakOnFailedCallToRealloc.expected
View File

@@ -1,8 +1,8 @@
| test.c:34:29:34:35 | call to realloc | Possible loss of original pointer on unsuccessful call realloc. |
| test.c:63:29:63:35 | call to realloc | Possible loss of original pointer on unsuccessful call realloc. |
| test.c:139:29:139:35 | call to realloc | Possible loss of original pointer on unsuccessful call realloc. |
| test.c:186:29:186:35 | call to realloc | Possible loss of original pointer on unsuccessful call realloc. |
| test.c:282:29:282:35 | call to realloc | Possible loss of original pointer on unsuccessful call realloc. |
| test.c:299:26:299:32 | call to realloc | Possible loss of original pointer on unsuccessful call realloc. |
| test.c:328:29:328:35 | call to realloc | Possible loss of original pointer on unsuccessful call realloc. |
| test.c:342:29:342:35 | call to realloc | Possible loss of original pointer on unsuccessful call realloc. |
| test.c:34:29:34:35 | call to realloc | Possible loss of original pointer on unsuccessful call to 'realloc'. |
| test.c:63:29:63:35 | call to realloc | Possible loss of original pointer on unsuccessful call to 'realloc'. |
| test.c:139:29:139:35 | call to realloc | Possible loss of original pointer on unsuccessful call to 'realloc'. |
| test.c:186:29:186:35 | call to realloc | Possible loss of original pointer on unsuccessful call to 'realloc'. |
| test.c:282:29:282:35 | call to realloc | Possible loss of original pointer on unsuccessful call to 'realloc'. |
| test.c:299:26:299:32 | call to realloc | Possible loss of original pointer on unsuccessful call to 'realloc'. |
| test.c:328:29:328:35 | call to realloc | Possible loss of original pointer on unsuccessful call to 'realloc'. |
| test.c:342:29:342:35 | call to realloc | Possible loss of original pointer on unsuccessful call to 'realloc'. |

2
cpp/ql/test/query-tests/Security/CWE/CWE-129/SAMATE/ImproperArrayIndexValidation/ImproperArrayIndexValidation.expected
View File

@@ -5,4 +5,4 @@ nodes
| CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:52:20:52:23 | data | semmle.label | data |
subpaths
#select
| CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:52:20:52:23 | data | CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:30:19:30:29 | fgets output argument | CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:52:20:52:23 | data | An array indexing expression depends on a $@ that might be outside the bounds of the array. | CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:30:19:30:29 | fgets output argument | string read by fgets |
| CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:52:20:52:23 | data | CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:30:19:30:29 | fgets output argument | CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:52:20:52:23 | data | An array indexing expression depends on $@ that might be outside the bounds of the array. | CWE122_Heap_Based_Buffer_Overflow__c_CWE129_fgets_01.c:30:19:30:29 | fgets output argument | string read by fgets |

6
cpp/ql/test/query-tests/Security/CWE/CWE-129/semmle/ImproperArrayIndexValidation/ImproperArrayIndexValidation.expected
View File

@@ -21,6 +21,6 @@ nodes
| test1.c:53:15:53:15 | j | semmle.label | j |
subpaths
#select
| test1.c:18:16:18:16 | i | test1.c:8:16:8:19 | argv | test1.c:18:16:18:16 | i | An array indexing expression depends on a $@ that might be outside the bounds of the array. | test1.c:8:16:8:19 | argv | a command-line argument |
| test1.c:33:11:33:11 | i | test1.c:8:16:8:19 | argv | test1.c:33:11:33:11 | i | An array indexing expression depends on a $@ that might be outside the bounds of the array. | test1.c:8:16:8:19 | argv | a command-line argument |
| test1.c:53:15:53:15 | j | test1.c:8:16:8:19 | argv | test1.c:53:15:53:15 | j | An array indexing expression depends on a $@ that might be outside the bounds of the array. | test1.c:8:16:8:19 | argv | a command-line argument |
| test1.c:18:16:18:16 | i | test1.c:8:16:8:19 | argv | test1.c:18:16:18:16 | i | An array indexing expression depends on $@ that might be outside the bounds of the array. | test1.c:8:16:8:19 | argv | a command-line argument |
| test1.c:33:11:33:11 | i | test1.c:8:16:8:19 | argv | test1.c:33:11:33:11 | i | An array indexing expression depends on $@ that might be outside the bounds of the array. | test1.c:8:16:8:19 | argv | a command-line argument |
| test1.c:53:15:53:15 | j | test1.c:8:16:8:19 | argv | test1.c:53:15:53:15 | j | An array indexing expression depends on $@ that might be outside the bounds of the array. | test1.c:8:16:8:19 | argv | a command-line argument |