mirror of
https://github.com/github/codeql.git
synced 2026-04-14 03:24:06 +02:00
0.4.0
New Queries
- Added a new medium-precision query, `cpp/missing-check-scanf`, which detects `scanf` output variables that are used without a proper return-value check to see that they were actually written. A variation of this query was originally contributed as an experimental query by @ihsinme.
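The pattern this query description refers to, as an added example that is not taken from the CodeQL repository: an output variable read after a `scanf`-family call whose return value was never checked, next to the checked form. It uses `sscanf` on constructed input lines so that it runs offline; the function names and the `port=` line format are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample input: entries 1 and 3 do not contain a number. */
static const char *const SAMPLE_LINES[] = {
    "port=8080", "port=http", "port=22 extra", ""
};
#define SAMPLE_COUNT (sizeof SAMPLE_LINES / sizeof SAMPLE_LINES[0])

/* Unchecked: the return value of sscanf is ignored, so when no conversion
 * happens `port` was not written and still holds the previous line's value. */
int sum_ports_unchecked(const char *const *lines, size_t n)
{
    int port = 0, sum = 0;
    for (size_t i = 0; i < n; i++) {
        sscanf(lines[i], "port=%d", &port); /* result discarded */
        sum += port;                        /* may be a stale value */
    }
    return sum;
}

/* Checked: `port` is only read when sscanf reports exactly one successful
 * conversion. A matching failure returns 0 and empty input returns EOF;
 * both are rejected by the != 1 comparison.
 * Returns the number of accepted lines and stores their sum in *sum_out. */
int sum_ports_checked(const char *const *lines, size_t n, int *sum_out)
{
    int accepted = 0, sum = 0;
    for (size_t i = 0; i < n; i++) {
        int port;
        if (sscanf(lines[i], "port=%d", &port) != 1)
            continue; /* port was not written: do not use it */
        sum += port;
        accepted++;
    }
    *sum_out = sum;
    return accepted;
}

int main(void)
{
    int checked_sum = 0;
    int accepted = sum_ports_checked(SAMPLE_LINES, SAMPLE_COUNT, &checked_sum);
    printf("unchecked sum: %d\n", sum_ports_unchecked(SAMPLE_LINES, SAMPLE_COUNT));
    printf("checked sum:   %d (%d lines accepted)\n", checked_sum, accepted);
    return 0;
}
```

On the sample input the unchecked version counts the stale value twice, while the checked version accepts only the two lines that actually produced a conversion.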
Minor Analysis Improvements
- Modernizations from "Cleartext storage of sensitive information in buffer" (`cpp/cleartext-storage-buffer`) have been ported to the "Cleartext storage of sensitive information in file" (`cpp/cleartext-storage-file`), "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) and "Cleartext storage of sensitive information in an SQLite database" (`cpp/cleartext-storage-database`) queries. These changes may result in more correct results and fewer false positive results from these queries.
- The alert messages of many queries have been changed to make them consistent with other languages.