mirror of
https://github.com/github/codeql.git
synced 2026-07-05 19:45:29 +02:00
Compare commits
20 Commits
security-s
...
security-s
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
6c1337791e | ||
|
|
ef0ea247c4 | ||
|
|
3eba5b0aac | ||
|
|
00137f2905 | ||
|
|
a5cfdd2cfe | ||
|
|
f02c86cb22 | ||
|
|
9bfb0d93ca | ||
|
|
897105de02 | ||
|
|
93e55e2631 | ||
|
|
1797b6c7f9 | ||
|
|
0ec3ee29e4 | ||
|
|
bb58a50503 | ||
|
|
f2de440886 | ||
|
|
87cd72496c | ||
|
|
bc6685aa3f | ||
|
|
9acc71a7cb | ||
|
|
f3661c34ee | ||
|
|
946fcf1c82 | ||
|
|
897d12420b | ||
|
|
a7fcf52267 |
@@ -5,12 +5,12 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/offset-use-before-range-check
|
* @id cpp/offset-use-before-range-check
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-120
|
* external/cwe/cwe-120
|
||||||
* external/cwe/cwe-125
|
* external/cwe/cwe-125
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/descriptor-may-not-be-closed
|
* @id cpp/descriptor-may-not-be-closed
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @tags efficiency
|
* @tags efficiency
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-775
|
* external/cwe/cwe-775
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/descriptor-never-closed
|
* @id cpp/descriptor-never-closed
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @tags efficiency
|
* @tags efficiency
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-775
|
* external/cwe/cwe-775
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/file-may-not-be-closed
|
* @id cpp/file-may-not-be-closed
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @tags efficiency
|
* @tags efficiency
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-775
|
* external/cwe/cwe-775
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/file-never-closed
|
* @id cpp/file-never-closed
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @tags efficiency
|
* @tags efficiency
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-775
|
* external/cwe/cwe-775
|
||||||
|
|||||||
@@ -4,10 +4,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/inconsistent-nullness-testing
|
* @id cpp/inconsistent-nullness-testing
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-476
|
* external/cwe/cwe-476
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,10 +4,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/memory-may-not-be-freed
|
* @id cpp/memory-may-not-be-freed
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @tags efficiency
|
* @tags efficiency
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-401
|
* external/cwe/cwe-401
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import MemoryFreed
|
import MemoryFreed
|
||||||
|
|||||||
@@ -4,10 +4,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/memory-never-freed
|
* @id cpp/memory-never-freed
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @tags efficiency
|
* @tags efficiency
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-401
|
* external/cwe/cwe-401
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import MemoryFreed
|
import MemoryFreed
|
||||||
|
|||||||
@@ -4,10 +4,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/missing-null-test
|
* @id cpp/missing-null-test
|
||||||
* @problem.severity recommendation
|
* @problem.severity recommendation
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-476
|
* external/cwe/cwe-476
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -3,12 +3,12 @@
|
|||||||
* @description An object that was allocated with 'malloc' or 'new' is being freed using a mismatching 'free' or 'delete'.
|
* @description An object that was allocated with 'malloc' or 'new' is being freed using a mismatching 'free' or 'delete'.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/new-free-mismatch
|
* @id cpp/new-free-mismatch
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-401
|
* external/cwe/cwe-401
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import NewDelete
|
import NewDelete
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/overflow-calculated
|
* @id cpp/overflow-calculated
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-131
|
* external/cwe/cwe-131
|
||||||
* external/cwe/cwe-120
|
* external/cwe/cwe-120
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,12 +5,12 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/overflow-destination
|
* @id cpp/overflow-destination
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @precision low
|
* @precision low
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-119
|
* external/cwe/cwe-119
|
||||||
* external/cwe/cwe-131
|
* external/cwe/cwe-131
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,13 +4,13 @@
|
|||||||
* may result in a buffer overflow.
|
* may result in a buffer overflow.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/static-buffer-overflow
|
* @id cpp/static-buffer-overflow
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-119
|
* external/cwe/cwe-119
|
||||||
* external/cwe/cwe-131
|
* external/cwe/cwe-131
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,13 +4,13 @@
|
|||||||
* an instance of the type of the pointer may result in a buffer overflow
|
* an instance of the type of the pointer may result in a buffer overflow
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/allocation-too-small
|
* @id cpp/allocation-too-small
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-131
|
* external/cwe/cwe-131
|
||||||
* external/cwe/cwe-122
|
* external/cwe/cwe-122
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,13 +4,13 @@
|
|||||||
* multiple instances of the type of the pointer may result in a buffer overflow
|
* multiple instances of the type of the pointer may result in a buffer overflow
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/suspicious-allocation-size
|
* @id cpp/suspicious-allocation-size
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-131
|
* external/cwe/cwe-131
|
||||||
* external/cwe/cwe-122
|
* external/cwe/cwe-122
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,10 +4,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/use-after-free
|
* @id cpp/use-after-free
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-416
|
* external/cwe/cwe-416
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,7 +6,6 @@
|
|||||||
* to a larger type.
|
* to a larger type.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision very-high
|
* @precision very-high
|
||||||
* @id cpp/bad-addition-overflow-check
|
* @id cpp/bad-addition-overflow-check
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -14,6 +13,7 @@
|
|||||||
* security
|
* security
|
||||||
* external/cwe/cwe-190
|
* external/cwe/cwe-190
|
||||||
* external/cwe/cwe-192
|
* external/cwe/cwe-192
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* be a sign that the result can overflow the type converted from.
|
* be a sign that the result can overflow the type converted from.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/integer-multiplication-cast-to-long
|
* @id cpp/integer-multiplication-cast-to-long
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -15,6 +14,7 @@
|
|||||||
* external/cwe/cwe-192
|
* external/cwe/cwe-192
|
||||||
* external/cwe/cwe-197
|
* external/cwe/cwe-197
|
||||||
* external/cwe/cwe-681
|
* external/cwe/cwe-681
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,13 +6,13 @@
|
|||||||
* use the width of the base type, leading to misaligned reads.
|
* use the width of the base type, leading to misaligned reads.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @tags correctness
|
* @tags correctness
|
||||||
* reliability
|
* reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-119
|
* external/cwe/cwe-119
|
||||||
* external/cwe/cwe-843
|
* external/cwe/cwe-843
|
||||||
|
* security-severity/8.8
|
||||||
* @id cpp/upcast-array-pointer-arithmetic
|
* @id cpp/upcast-array-pointer-arithmetic
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|||||||
@@ -6,13 +6,13 @@
|
|||||||
* from an untrusted source, this can be used for exploits.
|
* from an untrusted source, this can be used for exploits.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity recommendation
|
* @problem.severity recommendation
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/non-constant-format
|
* @id cpp/non-constant-format
|
||||||
* @tags maintainability
|
* @tags maintainability
|
||||||
* correctness
|
* correctness
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-134
|
* external/cwe/cwe-134
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import semmle.code.cpp.dataflow.TaintTracking
|
import semmle.code.cpp.dataflow.TaintTracking
|
||||||
|
|||||||
@@ -3,13 +3,13 @@
|
|||||||
* @description Using alloca in a loop can lead to a stack overflow
|
* @description Using alloca in a loop can lead to a stack overflow
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/alloca-in-loop
|
* @id cpp/alloca-in-loop
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* correctness
|
* correctness
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-770
|
* external/cwe/cwe-770
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,10 +5,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/improper-null-termination
|
* @id cpp/improper-null-termination
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-170
|
* external/cwe/cwe-170
|
||||||
* external/cwe/cwe-665
|
* external/cwe/cwe-665
|
||||||
|
* security-severity/7.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -13,6 +13,7 @@
|
|||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
import semmle.code.cpp.dataflow.EscapesTree
|
import semmle.code.cpp.dataflow.EscapesTree
|
||||||
|
import semmle.code.cpp.models.interfaces.PointerWrapper
|
||||||
import semmle.code.cpp.dataflow.DataFlow
|
import semmle.code.cpp.dataflow.DataFlow
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -39,6 +40,10 @@ predicate hasNontrivialConversion(Expr e) {
|
|||||||
e instanceof ParenthesisExpr
|
e instanceof ParenthesisExpr
|
||||||
)
|
)
|
||||||
or
|
or
|
||||||
|
// A smart pointer can be stack-allocated while the data it points to is heap-allocated.
|
||||||
|
// So we exclude such "conversions" from this predicate.
|
||||||
|
e = any(PointerWrapper wrapper).getAnUnwrapperFunction().getACallToThisFunction()
|
||||||
|
or
|
||||||
hasNontrivialConversion(e.getConversion())
|
hasNontrivialConversion(e.getConversion())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* as the third argument may result in a buffer overflow.
|
* as the third argument may result in a buffer overflow.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/bad-strncpy-size
|
* @id cpp/bad-strncpy-size
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -13,6 +12,7 @@
|
|||||||
* external/cwe/cwe-676
|
* external/cwe/cwe-676
|
||||||
* external/cwe/cwe-119
|
* external/cwe/cwe-119
|
||||||
* external/cwe/cwe-251
|
* external/cwe/cwe-251
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* as the third argument may result in a buffer overflow.
|
* as the third argument may result in a buffer overflow.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/unsafe-strncat
|
* @id cpp/unsafe-strncat
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -13,6 +12,7 @@
|
|||||||
* external/cwe/cwe-676
|
* external/cwe/cwe-676
|
||||||
* external/cwe/cwe-119
|
* external/cwe/cwe-119
|
||||||
* external/cwe/cwe-251
|
* external/cwe/cwe-251
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,11 +5,11 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/uninitialized-local
|
* @id cpp/uninitialized-local
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-665
|
* external/cwe/cwe-665
|
||||||
* external/cwe/cwe-457
|
* external/cwe/cwe-457
|
||||||
|
* security-severity/7.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* may result in a buffer overflow
|
* may result in a buffer overflow
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/unsafe-strcat
|
* @id cpp/unsafe-strcat
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -13,6 +12,7 @@
|
|||||||
* external/cwe/cwe-676
|
* external/cwe/cwe-676
|
||||||
* external/cwe/cwe-120
|
* external/cwe/cwe-120
|
||||||
* external/cwe/cwe-251
|
* external/cwe/cwe-251
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,6 +6,7 @@
|
|||||||
* @id cpp/count-untrusted-data-external-api
|
* @id cpp/count-untrusted-data-external-api
|
||||||
* @kind table
|
* @kind table
|
||||||
* @tags security external/cwe/cwe-20
|
* @tags security external/cwe/cwe-20
|
||||||
|
* security-severity/8.6
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,6 +6,7 @@
|
|||||||
* @id cpp/count-untrusted-data-external-api-ir
|
* @id cpp/count-untrusted-data-external-api-ir
|
||||||
* @kind table
|
* @kind table
|
||||||
* @tags security external/cwe/cwe-20
|
* @tags security external/cwe/cwe-20
|
||||||
|
* security-severity/8.6
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,8 +5,8 @@
|
|||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @precision low
|
* @precision low
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 8.6
|
|
||||||
* @tags security external/cwe/cwe-20
|
* @tags security external/cwe/cwe-20
|
||||||
|
* security-severity/8.6
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,8 +5,8 @@
|
|||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @precision low
|
* @precision low
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 8.6
|
|
||||||
* @tags security external/cwe/cwe-20
|
* @tags security external/cwe/cwe-20
|
||||||
|
* security-severity/8.6
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* attacker to access unexpected resources.
|
* attacker to access unexpected resources.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/path-injection
|
* @id cpp/path-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
@@ -12,6 +11,7 @@
|
|||||||
* external/cwe/cwe-023
|
* external/cwe/cwe-023
|
||||||
* external/cwe/cwe-036
|
* external/cwe/cwe-036
|
||||||
* external/cwe/cwe-073
|
* external/cwe/cwe-073
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,12 +5,12 @@
|
|||||||
* to command injection.
|
* to command injection.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision low
|
* @precision low
|
||||||
* @id cpp/command-line-injection
|
* @id cpp/command-line-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-078
|
* external/cwe/cwe-078
|
||||||
* external/cwe/cwe-088
|
* external/cwe/cwe-088
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* allows for a cross-site scripting vulnerability.
|
* allows for a cross-site scripting vulnerability.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 6.1
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/cgi-xss
|
* @id cpp/cgi-xss
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-079
|
* external/cwe/cwe-079
|
||||||
|
* security-severity/6.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,11 +5,11 @@
|
|||||||
* to SQL Injection.
|
* to SQL Injection.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/sql-injection
|
* @id cpp/sql-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-089
|
* external/cwe/cwe-089
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,11 +5,11 @@
|
|||||||
* commands.
|
* commands.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.2
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/uncontrolled-process-operation
|
* @id cpp/uncontrolled-process-operation
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-114
|
* external/cwe/cwe-114
|
||||||
|
* security-severity/8.2
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,12 +6,12 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/overflow-buffer
|
* @id cpp/overflow-buffer
|
||||||
* @problem.severity recommendation
|
* @problem.severity recommendation
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-119
|
* external/cwe/cwe-119
|
||||||
* external/cwe/cwe-121
|
* external/cwe/cwe-121
|
||||||
* external/cwe/cwe-122
|
* external/cwe/cwe-122
|
||||||
* external/cwe/cwe-126
|
* external/cwe/cwe-126
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import semmle.code.cpp.security.BufferWrite
|
import semmle.code.cpp.security.BufferWrite
|
||||||
|
|||||||
@@ -5,7 +5,6 @@
|
|||||||
* overflow.
|
* overflow.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.1
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/badly-bounded-write
|
* @id cpp/badly-bounded-write
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -13,6 +12,7 @@
|
|||||||
* external/cwe/cwe-120
|
* external/cwe/cwe-120
|
||||||
* external/cwe/cwe-787
|
* external/cwe/cwe-787
|
||||||
* external/cwe/cwe-805
|
* external/cwe/cwe-805
|
||||||
|
* security-severity/9.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import semmle.code.cpp.security.BufferWrite
|
import semmle.code.cpp.security.BufferWrite
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* of data written may overflow.
|
* of data written may overflow.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/overrunning-write
|
* @id cpp/overrunning-write
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -12,6 +11,7 @@
|
|||||||
* external/cwe/cwe-120
|
* external/cwe/cwe-120
|
||||||
* external/cwe/cwe-787
|
* external/cwe/cwe-787
|
||||||
* external/cwe/cwe-805
|
* external/cwe/cwe-805
|
||||||
|
* security-severity/9.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import semmle.code.cpp.security.BufferWrite
|
import semmle.code.cpp.security.BufferWrite
|
||||||
|
|||||||
@@ -5,7 +5,6 @@
|
|||||||
* take extreme values.
|
* take extreme values.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/overrunning-write-with-float
|
* @id cpp/overrunning-write-with-float
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -13,6 +12,7 @@
|
|||||||
* external/cwe/cwe-120
|
* external/cwe/cwe-120
|
||||||
* external/cwe/cwe-787
|
* external/cwe/cwe-787
|
||||||
* external/cwe/cwe-805
|
* external/cwe/cwe-805
|
||||||
|
* security-severity/9.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import semmle.code.cpp.security.BufferWrite
|
import semmle.code.cpp.security.BufferWrite
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* of data written may overflow.
|
* of data written may overflow.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/unbounded-write
|
* @id cpp/unbounded-write
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -12,6 +11,7 @@
|
|||||||
* external/cwe/cwe-120
|
* external/cwe/cwe-120
|
||||||
* external/cwe/cwe-787
|
* external/cwe/cwe-787
|
||||||
* external/cwe/cwe-805
|
* external/cwe/cwe-805
|
||||||
|
* security-severity/9.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import semmle.code.cpp.security.BufferWrite
|
import semmle.code.cpp.security.BufferWrite
|
||||||
|
|||||||
@@ -5,12 +5,12 @@
|
|||||||
* a specific value to terminate the argument list.
|
* a specific value to terminate the argument list.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/unterminated-variadic-call
|
* @id cpp/unterminated-variadic-call
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-121
|
* external/cwe/cwe-121
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,9 +6,9 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/unclear-array-index-validation
|
* @id cpp/unclear-array-index-validation
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-129
|
* external/cwe/cwe-129
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,7 +5,6 @@
|
|||||||
* terminator can cause a buffer overrun.
|
* terminator can cause a buffer overrun.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/no-space-for-terminator
|
* @id cpp/no-space-for-terminator
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
@@ -13,6 +12,7 @@
|
|||||||
* external/cwe/cwe-131
|
* external/cwe/cwe-131
|
||||||
* external/cwe/cwe-120
|
* external/cwe/cwe-120
|
||||||
* external/cwe/cwe-122
|
* external/cwe/cwe-122
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,12 +5,12 @@
|
|||||||
* or data representation problems.
|
* or data representation problems.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/tainted-format-string
|
* @id cpp/tainted-format-string
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-134
|
* external/cwe/cwe-134
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,12 +5,12 @@
|
|||||||
* or data representation problems.
|
* or data representation problems.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cpp/tainted-format-string-through-global
|
* @id cpp/tainted-format-string-through-global
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-134
|
* external/cwe/cwe-134
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,9 +5,9 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/user-controlled-null-termination-tainted
|
* @id cpp/user-controlled-null-termination-tainted
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 5.5
|
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-170
|
* external/cwe/cwe-170
|
||||||
|
* security-severity/5.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,12 +4,12 @@
|
|||||||
* not validated can cause overflows.
|
* not validated can cause overflows.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision low
|
* @precision low
|
||||||
* @id cpp/tainted-arithmetic
|
* @id cpp/tainted-arithmetic
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-190
|
* external/cwe/cwe-190
|
||||||
* external/cwe/cwe-191
|
* external/cwe/cwe-191
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,12 +4,12 @@
|
|||||||
* validated can cause overflows.
|
* validated can cause overflows.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/uncontrolled-arithmetic
|
* @id cpp/uncontrolled-arithmetic
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-190
|
* external/cwe/cwe-190
|
||||||
* external/cwe/cwe-191
|
* external/cwe/cwe-191
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,12 +6,12 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/arithmetic-with-extreme-values
|
* @id cpp/arithmetic-with-extreme-values
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision low
|
* @precision low
|
||||||
* @tags security
|
* @tags security
|
||||||
* reliability
|
* reliability
|
||||||
* external/cwe/cwe-190
|
* external/cwe/cwe-190
|
||||||
* external/cwe/cwe-191
|
* external/cwe/cwe-191
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,13 +5,13 @@
|
|||||||
* @id cpp/comparison-with-wider-type
|
* @id cpp/comparison-with-wider-type
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-190
|
* external/cwe/cwe-190
|
||||||
* external/cwe/cwe-197
|
* external/cwe/cwe-197
|
||||||
* external/cwe/cwe-835
|
* external/cwe/cwe-835
|
||||||
|
* security-severity/7.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,12 +5,12 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/integer-overflow-tainted
|
* @id cpp/integer-overflow-tainted
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision low
|
* @precision low
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-190
|
* external/cwe/cwe-190
|
||||||
* external/cwe/cwe-197
|
* external/cwe/cwe-197
|
||||||
* external/cwe/cwe-681
|
* external/cwe/cwe-681
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,12 +4,12 @@
|
|||||||
* user can result in integer overflow.
|
* user can result in integer overflow.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/uncontrolled-allocation-size
|
* @id cpp/uncontrolled-allocation-size
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-190
|
* external/cwe/cwe-190
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/unsigned-difference-expression-compared-zero
|
* @id cpp/unsigned-difference-expression-compared-zero
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.2
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @tags security
|
* @tags security
|
||||||
* correctness
|
* correctness
|
||||||
* external/cwe/cwe-191
|
* external/cwe/cwe-191
|
||||||
|
* security-severity/8.2
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,11 +5,11 @@
|
|||||||
* vulnerable to spoofing attacks.
|
* vulnerable to spoofing attacks.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.7
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/user-controlled-bypass
|
* @id cpp/user-controlled-bypass
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-290
|
* external/cwe/cwe-290
|
||||||
|
* security-severity/7.7
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import semmle.code.cpp.security.TaintTracking
|
import semmle.code.cpp.security.TaintTracking
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* to an attacker.
|
* to an attacker.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/cleartext-storage-buffer
|
* @id cpp/cleartext-storage-buffer
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-312
|
* external/cwe/cwe-312
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* to an attacker.
|
* to an attacker.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 6.5
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/cleartext-storage-file
|
* @id cpp/cleartext-storage-file
|
||||||
* @tags security
|
* @tags security
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* database can expose it to an attacker.
|
* database can expose it to an attacker.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 6.5
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/cleartext-storage-database
|
* @id cpp/cleartext-storage-database
|
||||||
* @tags security
|
* @tags security
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* an attacker to compromise security.
|
* an attacker to compromise security.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/weak-cryptographic-algorithm
|
* @id cpp/weak-cryptographic-algorithm
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-327
|
* external/cwe/cwe-327
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,12 +4,12 @@
|
|||||||
* attackers to retrieve portions of memory.
|
* attackers to retrieve portions of memory.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @precision very-high
|
* @precision very-high
|
||||||
* @id cpp/openssl-heartbleed
|
* @id cpp/openssl-heartbleed
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-327
|
* external/cwe/cwe-327
|
||||||
* external/cwe/cwe-788
|
* external/cwe/cwe-788
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -5,11 +5,11 @@
|
|||||||
* the two operations.
|
* the two operations.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.0
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/toctou-race-condition
|
* @id cpp/toctou-race-condition
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-367
|
* external/cwe/cwe-367
|
||||||
|
* security-severity/7.0
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -4,12 +4,12 @@
|
|||||||
* @id cpp/unsafe-create-process-call
|
* @id cpp/unsafe-create-process-call
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @msrc.severity important
|
* @msrc.severity important
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-428
|
* external/cwe/cwe-428
|
||||||
* external/microsoft/C6277
|
* external/microsoft/C6277
|
||||||
|
* security-severity/7.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,11 +6,11 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/incorrect-string-type-conversion
|
* @id cpp/incorrect-string-type-conversion
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-704
|
* external/cwe/cwe-704
|
||||||
* external/microsoft/c/c6276
|
* external/microsoft/c/c6276
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -3,11 +3,11 @@
|
|||||||
* @description Creating a file that is world-writable can allow an attacker to write to the file.
|
* @description Creating a file that is world-writable can allow an attacker to write to the file.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cpp/world-writable-file-creation
|
* @id cpp/world-writable-file-creation
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-732
|
* external/cwe/cwe-732
|
||||||
|
* security-severity/7.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -7,11 +7,11 @@
|
|||||||
* @id cpp/unsafe-dacl-security-descriptor
|
* @id cpp/unsafe-dacl-security-descriptor
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 7.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-732
|
* external/cwe/cwe-732
|
||||||
* external/microsoft/C6248
|
* external/microsoft/C6248
|
||||||
|
* security-severity/7.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,9 +6,9 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/infinite-loop-with-unsatisfiable-exit-condition
|
* @id cpp/infinite-loop-with-unsatisfiable-exit-condition
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-835
|
* external/cwe/cwe-835
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,10 +6,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/redundant-null-check-param
|
* @id cpp/redundant-null-check-param
|
||||||
* @problem.severity recommendation
|
* @problem.severity recommendation
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-476
|
* external/cwe/cwe-476
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -6,11 +6,11 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/late-check-of-function-argument
|
* @id cpp/late-check-of-function-argument
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.6
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @tags correctness
|
* @tags correctness
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-20
|
* external/cwe/cwe-20
|
||||||
|
* security-severity/8.6
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -3,11 +3,11 @@
|
|||||||
* @description Use of one of the scanf functions without a specified length.
|
* @description Use of one of the scanf functions without a specified length.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @id cpp/memory-unsafe-function-scan
|
* @id cpp/memory-unsafe-function-scan
|
||||||
* @tags reliability
|
* @tags reliability
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-120
|
* external/cwe/cwe-120
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -3,12 +3,12 @@
|
|||||||
* @description Using a multiplication result that may overflow in the size of an allocation may lead to buffer overflows when the allocated memory is used.
|
* @description Using a multiplication result that may overflow in the size of an allocation may lead to buffer overflows when the allocated memory is used.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision low
|
* @precision low
|
||||||
* @tags security
|
* @tags security
|
||||||
* correctness
|
* correctness
|
||||||
* external/cwe/cwe-190
|
* external/cwe/cwe-190
|
||||||
* external/cwe/cwe-128
|
* external/cwe/cwe-128
|
||||||
|
* security-severity/8.1
|
||||||
* @id cpp/multiplication-overflow-in-alloc
|
* @id cpp/multiplication-overflow-in-alloc
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|||||||
@@ -6,10 +6,10 @@
|
|||||||
* from these methods is not checked.
|
* from these methods is not checked.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity recommendation
|
* @problem.severity recommendation
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @id cpp/drop-linux-privileges-outoforder
|
* @id cpp/drop-linux-privileges-outoforder
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-273
|
* external/cwe/cwe-273
|
||||||
|
* security-severity/9.8
|
||||||
* @precision medium
|
* @precision medium
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|||||||
@@ -5,11 +5,11 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cpp/memory-leak-on-failed-call-to-realloc
|
* @id cpp/memory-leak-on-failed-call-to-realloc
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.5
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @tags correctness
|
* @tags correctness
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-401
|
* external/cwe/cwe-401
|
||||||
|
* security-severity/7.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import cpp
|
import cpp
|
||||||
|
|||||||
@@ -189,3 +189,30 @@ int *&conversionInFlow() {
|
|||||||
int *&pRef = p; // has conversion in the middle of data flow
|
int *&pRef = p; // has conversion in the middle of data flow
|
||||||
return pRef; // BAD [NOT DETECTED]
|
return pRef; // BAD [NOT DETECTED]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
namespace std {
|
||||||
|
template<typename T>
|
||||||
|
class shared_ptr {
|
||||||
|
public:
|
||||||
|
shared_ptr() noexcept;
|
||||||
|
explicit shared_ptr(T*);
|
||||||
|
shared_ptr(const shared_ptr&) noexcept;
|
||||||
|
template<class U> shared_ptr(const shared_ptr<U>&) noexcept;
|
||||||
|
template<class U> shared_ptr(shared_ptr<U>&&) noexcept;
|
||||||
|
|
||||||
|
shared_ptr<T>& operator=(const shared_ptr<T>&) noexcept;
|
||||||
|
shared_ptr<T>& operator=(shared_ptr<T>&&) noexcept;
|
||||||
|
|
||||||
|
T& operator*() const noexcept;
|
||||||
|
T* operator->() const noexcept;
|
||||||
|
|
||||||
|
T* get() const noexcept;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
auto make_read_port()
|
||||||
|
{
|
||||||
|
auto port = std::shared_ptr<int>(new int);
|
||||||
|
auto ptr = port.get();
|
||||||
|
return ptr; // GOOD
|
||||||
|
}
|
||||||
@@ -3,12 +3,12 @@
|
|||||||
* @description Finds empty passwords in configuration files.
|
* @description Finds empty passwords in configuration files.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cs/empty-password-in-configuration
|
* @id cs/empty-password-in-configuration
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-258
|
* external/cwe/cwe-258
|
||||||
* external/cwe/cwe-862
|
* external/cwe/cwe-862
|
||||||
|
* security-severity/8.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -3,13 +3,13 @@
|
|||||||
* @description Finds passwords in configuration files.
|
* @description Finds passwords in configuration files.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 6.5
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cs/password-in-configuration
|
* @id cs/password-in-configuration
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-13
|
* external/cwe/cwe-13
|
||||||
* external/cwe/cwe-256
|
* external/cwe/cwe-256
|
||||||
* external/cwe/cwe-313
|
* external/cwe/cwe-313
|
||||||
|
* security-severity/6.5
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -3,13 +3,13 @@
|
|||||||
* @description Finds uses of file upload
|
* @description Finds uses of file upload
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity recommendation
|
* @problem.severity recommendation
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/web/file-upload
|
* @id cs/web/file-upload
|
||||||
* @tags security
|
* @tags security
|
||||||
* maintainability
|
* maintainability
|
||||||
* frameworks/asp.net
|
* frameworks/asp.net
|
||||||
* external/cwe/cwe-434
|
* external/cwe/cwe-434
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -5,12 +5,12 @@
|
|||||||
* but under some circumstances may also result in incorrect results.
|
* but under some circumstances may also result in incorrect results.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.0
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cs/thread-unsafe-icryptotransform-field-in-class
|
* @id cs/thread-unsafe-icryptotransform-field-in-class
|
||||||
* @tags concurrency
|
* @tags concurrency
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-362
|
* external/cwe/cwe-362
|
||||||
|
* security-severity/7.0
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -6,12 +6,12 @@
|
|||||||
* but under some circumstances may also result in incorrect results.
|
* but under some circumstances may also result in incorrect results.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.0
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cs/thread-unsafe-icryptotransform-captured-in-lambda
|
* @id cs/thread-unsafe-icryptotransform-captured-in-lambda
|
||||||
* @tags concurrency
|
* @tags concurrency
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-362
|
* external/cwe/cwe-362
|
||||||
|
* security-severity/7.0
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* denial-of-service attacks.
|
* denial-of-service attacks.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.1
|
|
||||||
* @id cs/web/large-max-request-length
|
* @id cs/web/large-max-request-length
|
||||||
* @tags security
|
* @tags security
|
||||||
* frameworks/asp.net
|
* frameworks/asp.net
|
||||||
* external/cwe/cwe-16
|
* external/cwe/cwe-16
|
||||||
|
* security-severity/7.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -3,11 +3,11 @@
|
|||||||
* @description ASP.NET pages should not disable the built-in request validation.
|
* @description ASP.NET pages should not disable the built-in request validation.
|
||||||
* @kind problem
|
* @kind problem
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.1
|
|
||||||
* @id cs/web/request-validation-disabled
|
* @id cs/web/request-validation-disabled
|
||||||
* @tags security
|
* @tags security
|
||||||
* frameworks/asp.net
|
* frameworks/asp.net
|
||||||
* external/cwe/cwe-16
|
* external/cwe/cwe-16
|
||||||
|
* security-severity/7.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -6,9 +6,9 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cs/insecure-request-validation-mode
|
* @id cs/insecure-request-validation-mode
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 7.1
|
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-016
|
* external/cwe/cwe-016
|
||||||
|
* security-severity/7.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -6,6 +6,7 @@
|
|||||||
* @id csharp/count-untrusted-data-external-api
|
* @id csharp/count-untrusted-data-external-api
|
||||||
* @kind table
|
* @kind table
|
||||||
* @tags security external/cwe/cwe-20
|
* @tags security external/cwe/cwe-20
|
||||||
|
* security-severity/8.6
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,10 +4,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cs/serialization-check-bypass
|
* @id cs/serialization-check-bypass
|
||||||
* @problem.severity warning
|
* @problem.severity warning
|
||||||
* @problem.security-severity 8.6
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-20
|
* external/cwe/cwe-20
|
||||||
|
* security-severity/8.6
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import semmle.code.csharp.serialization.Serialization
|
import semmle.code.csharp.serialization.Serialization
|
||||||
|
|||||||
@@ -5,8 +5,8 @@
|
|||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @precision low
|
* @precision low
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 8.6
|
|
||||||
* @tags security external/cwe/cwe-20
|
* @tags security external/cwe/cwe-20
|
||||||
|
* security-severity/8.6
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -3,7 +3,6 @@
|
|||||||
* @description Accessing paths influenced by users can allow an attacker to access unexpected resources.
|
* @description Accessing paths influenced by users can allow an attacker to access unexpected resources.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/path-injection
|
* @id cs/path-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
@@ -12,6 +11,7 @@
|
|||||||
* external/cwe/cwe-036
|
* external/cwe/cwe-036
|
||||||
* external/cwe/cwe-073
|
* external/cwe/cwe-073
|
||||||
* external/cwe/cwe-099
|
* external/cwe/cwe-099
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -6,10 +6,10 @@
|
|||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @id cs/zipslip
|
* @id cs/zipslip
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 8.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-022
|
* external/cwe/cwe-022
|
||||||
|
* security-severity/8.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,13 +4,13 @@
|
|||||||
* user to change the meaning of the command.
|
* user to change the meaning of the command.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/command-line-injection
|
* @id cs/command-line-injection
|
||||||
* @tags correctness
|
* @tags correctness
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-078
|
* external/cwe/cwe-078
|
||||||
* external/cwe/cwe-088
|
* external/cwe/cwe-088
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,13 +4,13 @@
|
|||||||
* user to change the meaning of the command.
|
* user to change the meaning of the command.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cs/stored-command-line-injection
|
* @id cs/stored-command-line-injection
|
||||||
* @tags correctness
|
* @tags correctness
|
||||||
* security
|
* security
|
||||||
* external/cwe/cwe-078
|
* external/cwe/cwe-078
|
||||||
* external/cwe/cwe-088
|
* external/cwe/cwe-088
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,12 +4,12 @@
|
|||||||
* scripting vulnerability if the data was originally user-provided.
|
* scripting vulnerability if the data was originally user-provided.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 6.1
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cs/web/stored-xss
|
* @id cs/web/stored-xss
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-079
|
* external/cwe/cwe-079
|
||||||
* external/cwe/cwe-116
|
* external/cwe/cwe-116
|
||||||
|
* security-severity/6.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,12 +4,12 @@
|
|||||||
* allows for a cross-site scripting vulnerability.
|
* allows for a cross-site scripting vulnerability.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 6.1
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/web/xss
|
* @id cs/web/xss
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-079
|
* external/cwe/cwe-079
|
||||||
* external/cwe/cwe-116
|
* external/cwe/cwe-116
|
||||||
|
* security-severity/6.1
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* of malicious SQL code by the user.
|
* of malicious SQL code by the user.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cs/second-order-sql-injection
|
* @id cs/second-order-sql-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-089
|
* external/cwe/cwe-089
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* malicious SQL code by the user.
|
* malicious SQL code by the user.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/sql-injection
|
* @id cs/sql-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-089
|
* external/cwe/cwe-089
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* malicious LDAP code by the user.
|
* malicious LDAP code by the user.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 5.4
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/ldap-injection
|
* @id cs/ldap-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* insertion of malicious LDAP code by the user.
|
* insertion of malicious LDAP code by the user.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 5.4
|
|
||||||
* @precision medium
|
* @precision medium
|
||||||
* @id cs/stored-ldap-injection
|
* @id cs/stored-ldap-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
|
|||||||
@@ -5,10 +5,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cs/xml-injection
|
* @id cs/xml-injection
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-091
|
* external/cwe/cwe-091
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,13 +4,13 @@
|
|||||||
* malicious code.
|
* malicious code.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/code-injection
|
* @id cs/code-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-094
|
* external/cwe/cwe-094
|
||||||
* external/cwe/cwe-095
|
* external/cwe/cwe-095
|
||||||
* external/cwe/cwe-096
|
* external/cwe/cwe-096
|
||||||
|
* security-severity/9.8
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,7 +4,6 @@
|
|||||||
* malicious user providing an unintended resource.
|
* malicious user providing an unintended resource.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 9.8
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/resource-injection
|
* @id cs/resource-injection
|
||||||
* @tags security
|
* @tags security
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* schema.
|
* schema.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity recommendation
|
* @problem.severity recommendation
|
||||||
* @problem.security-severity 4.3
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/xml/missing-validation
|
* @id cs/xml/missing-validation
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-112
|
* external/cwe/cwe-112
|
||||||
|
* security-severity/4.3
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -6,10 +6,10 @@
|
|||||||
* @kind problem
|
* @kind problem
|
||||||
* @id cs/assembly-path-injection
|
* @id cs/assembly-path-injection
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 8.2
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-114
|
* external/cwe/cwe-114
|
||||||
|
* security-severity/8.2
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
* insertion of forged log entries by a malicious user.
|
* insertion of forged log entries by a malicious user.
|
||||||
* @kind path-problem
|
* @kind path-problem
|
||||||
* @problem.severity error
|
* @problem.severity error
|
||||||
* @problem.security-severity 5.3
|
|
||||||
* @precision high
|
* @precision high
|
||||||
* @id cs/log-forging
|
* @id cs/log-forging
|
||||||
* @tags security
|
* @tags security
|
||||||
* external/cwe/cwe-117
|
* external/cwe/cwe-117
|
||||||
|
* security-severity/5.3
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import csharp
|
import csharp
|
||||||
|
|||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user