CPP: Fix typos.

Geoffrey White
2019-10-21 18:39:21 +01:00
parent 47169e2ece
commit faf1a2acbe
6 changed files with 9 additions and 9 deletions

@@ -52,7 +52,7 @@ private class BufferWithSizeConfig extends TaintTracking::Configuration {
}
/**
* An access(read or write) to a buffer, provided as a pair of
* An access (read or write) to a buffer, provided as a pair of
* a pointer to the buffer and the length of data to be read or written.
* Extend this class to support different kinds of buffer access.
*/

@@ -6,7 +6,7 @@
<p>Finds uses of insecure SQL Connections string by not enabling the <code>Encrypt</code> option.</p>
<p>
SQL Server connections where the client is not enforcing the encryption in transit are subsceptible to multiple attacks, including a man-in-the-middle, that would potentially compromise the user credentails and/or the TDS session.
SQL Server connections where the client is not enforcing the encryption in transit are susceptible to multiple attacks, including a man-in-the-middle, that would potentially compromise the user credentials and/or the TDS session.
</p>
</overview>
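Review bot: the corrected overview sentence still reads awkwardly at "including a man-in-the-middle", and the unchanged line above it ("Finds uses of insecure SQL Connections string by not enabling the Encrypt option") is ungrammatical but left as is. Since this pass is about wording in this help file, consider "including man-in-the-middle attacks", "not enforcing encryption in transit" (without "the"), and rewording the first paragraph along the lines of "Finds SQL connection strings that do not enable the Encrypt option".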
@@ -22,7 +22,7 @@
<sample src="InsecureSQLConnectionBad.cs" />
<p>
The following example shows a SQL connection string that si explicitly enabling the <code>Encrypt</code> setting to force encryption in transit.
The following example shows a SQL connection string that is explicitly enabling the <code>Encrypt</code> setting to force encryption in transit.
</p>
<sample src="InsecureSQLConnectionGood.cs" />
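Review bot: the commit subject says "CPP:" but this hunk and the one before it edit help text whose samples are InsecureSQLConnectionBad.cs and InsecureSQLConnectionGood.cs, so the change is not limited to C++ material. Suggest a subject that covers every area touched, or splitting the commit per language, so that history searches by prefix find these edits.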

@@ -17,7 +17,7 @@ as denial-of-service or remote code execution.</p>
<p>In this example, a string is deserialized using a
<code>JavaScriptSerializer</code> with a simple type resolver. Using a type resolver
means that arbitrary code may be executed</p>
means that arbitrary code may be executed.</p>
<sample src="UnsafeDeserializationBad.cs" />

@@ -18,7 +18,7 @@ to use a safe deserialization framework.</p>
<p>In this example, text from an HTML text box is deserialized using a
<code>JavaScriptSerializer</code> with a simple type resolver. Using a type resolver
means that arbitrary code may be executed</p>
means that arbitrary code may be executed.</p>
<sample src="UnsafeDeserializationUntrustedInputBad.cs" />

@@ -71,13 +71,13 @@ module EncryptionKeyDataFlow {
class SymmetricKeyTaintTrackingConfiguration extends TaintTracking::Configuration {
SymmetricKeyTaintTrackingConfiguration() { this = "SymmetricKeyTaintTracking" }
/** holds if the node is a key source. */
/** Holds if the node is a key source. */
override predicate isSource(DataFlow::Node src) { src instanceof KeySource }
/** holds if the node is a symmetric encryption key sink. */
/** Holds if the node is a symmetric encryption key sink. */
override predicate isSink(DataFlow::Node sink) { sink instanceof SymmetricEncryptionKeySink }
/** holds if the node is a key sanitizer. */
/** Holds if the node is a key sanitizer. */
override predicate isSanitizer(DataFlow::Node sanitizer) { sanitizer instanceof KeySanitizer }
}
}

@@ -1,5 +1,5 @@
/**
* Provides a library of known unsafe deserializers, based on
* Provides a library of known unsafe deserializers.
* See https://www.blackhat.com/docs/us-17/thursday/us-17-Munoz-Friday-The-13th-Json-Attacks.pdf.
*/
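Review bot: with "based on" removed, the line "See https://www.blackhat.com/docs/us-17/thursday/us-17-Munoz-Friday-The-13th-Json-Attacks.pdf." now ends with a full stop directly after the URL, which some renderers and copy-paste will pull into the link. Suggest dropping the trailing period or wrapping the URL, and saying in the first sentence how the reference relates to the library, since the original "based on" carried that meaning.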