CPP: Fix metadata and add a change-note.

2025-12-24 04:36:35 +01:00 · 2023-12-04 12:19:31 +00:00
parent 3e9aeac004
commit f3f53570a4
2 changed files with 6 additions and 3 deletions
--- a/cpp/ql/src/Critical/IncorrectCheckScanf.ql
+++ b/cpp/ql/src/Critical/IncorrectCheckScanf.ql
@@ -5,11 +5,10 @@
 * @kind problem
 * @problem.severity warning
 * @security-severity 7.5
- * @precision medium
- * @id cpp/discarded-scanf
+ * @precision high
+ * @id cpp/incorrectly-checked-scanf
 * @tags security
 *       correctness
- *       external/cwe/cwe-252
 *       external/cwe/cwe-253
 */

--- a/cpp/ql/src/change-notes/2023-12-4-incorrectly-checked-scanf.md
+++ b/cpp/ql/src/change-notes/2023-12-4-incorrectly-checked-scanf.md
@@ -0,0 +1,4 @@
+---
+category: new-query
+---
+* The `cpp/incorrectly-checked-scanf` query has been added. This finds results where the return value of scanf is not checked correctly. Some of these were previously found by `cpp/missing-check-scanf` and will no longer be reported there.