codeql/cpp/ql/src/CHANGELOG.md
2022-02-11 09:52:36 +01:00

0.0.9

New Queries

  • Added a new query, cpp/open-call-with-mode-argument, to detect when open or openat is called with the O_CREAT or O_TMPFILE flag but the mode argument is omitted.

Minor Analysis Improvements

  • The "Cleartext transmission of sensitive information" (cpp/cleartext-transmission) query has been further improved to reduce false positive results, and upgraded from medium to high precision.
  • The "Cleartext transmission of sensitive information" (cpp/cleartext-transmission) query now finds more results, where a password is stored in a struct field or class member variable.
  • The cpp/cleartext-storage-file query has been improved, removing false positives where data is written to a standard output stream.
  • The cpp/cleartext-storage-buffer query has been updated to use the semmle.code.cpp.dataflow.TaintTracking library.
  • The cpp/world-writable-file-creation query now only detects open and openat calls with the O_CREAT or O_TMPFILE flag.
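
The two open()/openat() checks in this release (cpp/open-call-with-mode-argument and cpp/world-writable-file-creation) look at the same call site. As an added illustration, not code from the CodeQL project, here is the flagged call shape beside a hardened one, with the post-creation permission check a practitioner would want; the helper names, the /tmp directory and the demo file name are assumptions of this example:

```c
/* Added example (not from the CodeQL project): the call shapes behind the
 * cpp/open-call-with-mode-argument and cpp/world-writable-file-creation
 * release notes, with a hardened form next to them. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Flagged by cpp/open-call-with-mode-argument: O_CREAT without a mode.
 * open() is variadic, so the kernel receives whatever happened to occupy the
 * third argument slot as the permission bits. Kept in a comment because
 * glibc's _FORTIFY_SOURCE wrappers reject it at compile time.
 *
 *     int fd = open(path, O_WRONLY | O_CREAT);          // mode omitted
 *
 * Flagged by cpp/world-writable-file-creation: the mode grants o+w.
 *
 *     int fd = open(path, O_WRONLY | O_CREAT, 0666);    // world-writable
 */

/* Hardened form: an explicit owner-only mode, O_EXCL so a pre-planted file or
 * symlink at the path fails the call instead of being opened, and O_NOFOLLOW
 * for the non-O_CREAT path through the same code. Returns the fd or -1. */
int create_private_file(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW,
                S_IRUSR | S_IWUSR);
}

/* Post-creation check: does the inode carry any group/other bits? umask can
 * only clear bits from the requested mode, so a 0600 request must never come
 * back with S_IRWXG or S_IRWXO set. Returns 1 if owner-only, 0 if not, -1 on error. */
int fd_is_owner_only(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0)
        return -1;
    return (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

/* Demo: create a uniquely named file under dir (constructed path, assumption of
 * this example), verify its mode, remove it. Returns 1 if the file came back
 * owner-only, 0 if it leaked permissions, -1 on error. */
int demo_private_create(const char *dir)
{
    char path[4096];
    snprintf(path, sizeof path, "%s/ql-demo-%ld", dir, (long)getpid());
    unlink(path);                       /* O_EXCL must see no existing file */
    int fd = create_private_file(path);
    if (fd < 0)
        return -1;
    int ok = fd_is_owner_only(fd);
    close(fd);
    unlink(path);
    return ok;
}

/* Demo: O_EXCL refuses a path that already exists (the pre-planted-file case).
 * Returns 1 if the second open fails with EEXIST, 0 if it unexpectedly
 * succeeds, -1 if the first create fails. */
int demo_excl_rejects_existing(const char *dir)
{
    char path[4096];
    snprintf(path, sizeof path, "%s/ql-demo-excl-%ld", dir, (long)getpid());
    unlink(path);
    int first = create_private_file(path);
    if (first < 0)
        return -1;
    close(first);
    int second = create_private_file(path);
    int rejected = (second < 0 && errno == EEXIST);
    if (second >= 0)
        close(second);
    unlink(path);
    return rejected;
}

int main(void)
{
    int r = demo_private_create("/tmp");
    printf("private create: %s\n",
           r == 1 ? "owner-only" : r == 0 ? "LEAKS PERMISSIONS" : "error");
    printf("O_EXCL on existing path: %s\n",
           demo_excl_rejects_existing("/tmp") == 1 ? "rejected" : "NOT rejected");
    return r == 1 ? 0 : 1;
}
```

The mode check deliberately tests for "no group/other bits" rather than for an exact 0600, because umask can only remove bits from what the call requested; an exact-value assertion would fail under an unusual umask even though the file is still private.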

0.0.8

New Queries

  • The security tag has been added to the cpp/return-stack-allocated-memory query. As a result, its results will now appear by default.
  • The "Uncontrolled data in arithmetic expression" (cpp/uncontrolled-arithmetic) query has been enhanced to reduce false positive results and its @precision increased to high.
  • A new cpp/very-likely-overrunning-write query has been added to the default query suite for C/C++. The query reports some results that were formerly flagged by cpp/overrunning-write.

Minor Analysis Improvements

  • Fixed an issue with the cpp/declaration-hides-variable query where it would report variables that are unnamed in a database.
  • The cpp/cleartext-storage-file query has been upgraded with non-local taint flow and has been converted to a path-problem query.
  • The cpp/return-stack-allocated-memory query has been improved to produce fewer false positives. The query has also been converted to a path-problem query.
  • The "Cleartext transmission of sensitive information" (cpp/cleartext-transmission) query has been improved in several ways to reduce false positive results.
  • The "Potential improper null termination" (cpp/improper-null-termination) query now produces fewer false positive results around control flow branches and loops.
  • Added an exception for GLib's gboolean to cpp/ambiguously-signed-bit-field, reducing the number of false positives in the query.

0.0.7

0.0.6

0.0.5

New Queries

  • A new query cpp/certificate-not-checked has been added for C/C++. The query flags unsafe use of OpenSSL and similar libraries.
  • A new query cpp/certificate-result-conflation has been added for C/C++. The query flags unsafe use of OpenSSL and similar libraries.

0.0.4

New Queries

  • A new query cpp/non-https-url has been added for C/C++. The query flags uses of http URLs that might be better replaced with https.