Merge branch 'main' into idrissrio/preprocessor-multiline

2025-12-16 16:53:25 +01:00 · 2025-03-21 10:28:24 +01:00
parent 878e621a38 7bd1c4d2ae
commit 99d9b87b33
400 changed files with 6262 additions and 4638 deletions
--- a/cpp/ql/lib/CHANGELOG.md
+++ b/cpp/ql/lib/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 4.0.3
+
+No user-facing changes.
+
+## 4.0.2
+
+### Minor Analysis Improvements
+
+* Modified the `getBufferSize` predicate in `commons/Buffer.qll` to be more tolerant in some cases involving member variables in a larger struct or class.
+* Fixed an issue where the `getBufferSize` predicate in `commons/Buffer.qll` was returning results for references inside `offsetof` expressions, which are not accesses to a buffer.
+
 ## 4.0.1

 No user-facing changes.
--- a/cpp/ql/lib/change-notes/2025-02-20-getbuffersize.md
+++ b/cpp/ql/lib/change-notes/2025-02-20-getbuffersize.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Fixed an issue where the `getBufferSize` predicate in `commons/Buffer.qll` was returning results for references inside `offsetof` expressions, which are not accesses to a buffer.
--- a/cpp/ql/lib/change-notes/2025-02-25-getbuffersize.md
+++ b/cpp/ql/lib/change-notes/2025-02-25-getbuffersize.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Modified the `getBufferSize` predicate in `commons/Buffer.qll` to be more tolerant in some cases involving member variables in a larger struct or class.
--- a/cpp/ql/lib/change-notes/released/4.0.2.md
+++ b/cpp/ql/lib/change-notes/released/4.0.2.md
@@ -0,0 +1,6 @@
+## 4.0.2
+
+### Minor Analysis Improvements
+
+* Modified the `getBufferSize` predicate in `commons/Buffer.qll` to be more tolerant in some cases involving member variables in a larger struct or class.
+* Fixed an issue where the `getBufferSize` predicate in `commons/Buffer.qll` was returning results for references inside `offsetof` expressions, which are not accesses to a buffer.
--- a/cpp/ql/lib/change-notes/released/4.0.3.md
+++ b/cpp/ql/lib/change-notes/released/4.0.3.md
@@ -0,0 +1,3 @@
+## 4.0.3
+
+No user-facing changes.
--- a/cpp/ql/lib/codeql-pack.release.yml
+++ b/cpp/ql/lib/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 4.0.1
+lastReleaseVersion: 4.0.3
--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-all
-version: 4.0.2-dev
+version: 4.0.4-dev
 groups: cpp
 dbscheme: semmlecode.cpp.dbscheme
 extractor: cpp
--- a/cpp/ql/src/CHANGELOG.md
+++ b/cpp/ql/src/CHANGELOG.md
@@ -1,3 +1,14 @@
+## 1.3.6
+
+No user-facing changes.
+
+## 1.3.5
+
+### Minor Analysis Improvements
+
+* Due to changes in libraries the query "Static array access may cause overflow" (`cpp/static-buffer-overflow`) will no longer report cases where multiple fields of a struct or class are written with a single `memset` or similar operation.
+* The query "Call to memory access function may overflow buffer" (`cpp/overflow-buffer`) has been added to the security-extended query suite. The query detects a range of buffer overflow and underflow issues.
+
 ## 1.3.4

 No user-facing changes.
--- a/cpp/ql/src/change-notes/2025-02-20-overflow-buffer.md
+++ b/cpp/ql/src/change-notes/2025-02-20-overflow-buffer.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* The query "Call to memory access function may overflow buffer" (`cpp/overflow-buffer`) has been added to the security-extended query suite. The query detects a range of buffer overflow and underflow issues.
--- a/cpp/ql/src/change-notes/2025-02-27-static-buffer-overflow.md
+++ b/cpp/ql/src/change-notes/2025-02-27-static-buffer-overflow.md
@@ -1,4 +0,0 @@
---
-category: minorAnalysis
---
-* Due to changes in libraries the query "Static array access may cause overflow" (`cpp/static-buffer-overflow`) will no longer report cases where multiple fields of a struct or class are written with a single `memset` or similar operation.
--- a/cpp/ql/src/change-notes/released/1.3.5.md
+++ b/cpp/ql/src/change-notes/released/1.3.5.md
@@ -0,0 +1,6 @@
+## 1.3.5
+
+### Minor Analysis Improvements
+
+* Due to changes in libraries the query "Static array access may cause overflow" (`cpp/static-buffer-overflow`) will no longer report cases where multiple fields of a struct or class are written with a single `memset` or similar operation.
+* The query "Call to memory access function may overflow buffer" (`cpp/overflow-buffer`) has been added to the security-extended query suite. The query detects a range of buffer overflow and underflow issues.
--- a/cpp/ql/src/change-notes/released/1.3.6.md
+++ b/cpp/ql/src/change-notes/released/1.3.6.md
@@ -0,0 +1,3 @@
+## 1.3.6
+
+No user-facing changes.
--- a/cpp/ql/src/codeql-pack.release.yml
+++ b/cpp/ql/src/codeql-pack.release.yml
@@ -1,2 +1,2 @@
 ---
-lastReleaseVersion: 1.3.4
+lastReleaseVersion: 1.3.6
--- a/cpp/ql/src/qlpack.yml
+++ b/cpp/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: codeql/cpp-queries
-version: 1.3.5-dev
+version: 1.3.7-dev
 groups:
  - cpp
  - queries