hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 22:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
5280d69500eb2d573bbbec5b5da006ab2cfa89fd
codeql/cpp/ql/test/query-tests/Security/CWE
History
Mathias Vorreiter Pedersen 18c0bcec0b Merge pull request #14669 from MathiasVP/no-dtt-in-unbounded-write 
C++: Rewrite `cpp/unbounded-write` away from `DefaultTaintTracking`
2023-11-10 15:08:42 +00:00
..
CWE-014
C++: Make the tests more realistic by actually using the local variable for something. Otherwise it looks like a zero-initialization of a buffer, which the query now tries to exclude.
2021-02-26 09:19:05 +01:00
CWE-022
CPP: Update tests for argv change
2023-08-25 13:05:10 +01:00
CWE-078
C++: Accept path changes.
2023-10-30 12:44:30 +00:00
CWE-079/semmle/CgiXss
C++: Rewrite cpp/cgi-xss to not use default taint tracking
2023-10-10 11:56:39 +02:00
CWE-089/SqlTainted
Adding sql injection test for ODBC.
2023-11-02 13:27:42 -04:00
CWE-114
C++: Fix hasRemoteFlowSource for fgets
2023-11-10 11:56:23 +01:00
CWE-119
C++: Accept path changes.
2023-10-30 12:44:30 +00:00
CWE-120/semmle
C++: Rewrite 'cpp/unbounded-write' away from DefaultTaintTracking.
2023-11-08 14:57:04 +00:00
CWE-121/semmle/tests
C++: Make the tests use more repetitions.
2022-10-06 09:14:24 +01:00
CWE-129
CPP: Update tests for argv change
2023-08-25 13:05:10 +01:00
CWE-131/NoSpaceForZeroTerminator
C++: Update the queries.
2023-01-05 11:33:58 +00:00
CWE-134
C++: Update expected test changes after frontend update
2023-10-19 10:45:13 +02:00
CWE-190
C++: Update expected test results after outputting less loads from the extractor
2023-10-19 10:45:14 +02:00
CWE-191/UnsignedDifferenceExpressionComparedZero
C++: Add more dataflow cases to replace the loss.
2021-04-13 15:09:12 +01:00
CWE-193
C++: Accept test changes.
2023-11-07 14:57:30 +00:00
CWE-197/SAMATE/IntegerOverflowTainted
CPP: update expected output
2022-09-23 14:45:59 +02:00
CWE-242/semmle/tests
C++: Fix pointer/pointee conflation and handle flow through '++' when tracking indirect flow.
2022-10-24 14:23:43 +02:00
CWE-253
CPP: update expected output
2022-09-23 14:45:59 +02:00
CWE-290/semmle/AuthenticationBypass
Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow
2023-01-23 15:49:36 +00:00
CWE-295
Merge pull request #7243 from geoffw0/sslquery2
2021-12-01 15:02:19 +00:00
CWE-311/semmle/tests
C++: When we generate a string for the node we avoid multiple results by only using the 0'th result from the 'asExpr' predicate. However, when we want to convert between nodes and expressions we don't care about which one we get.
2023-09-01 14:04:52 +01:00
CWE-319/UseOfHttp
C++: Use the index to to get the 'most converted' and 'least converted' instruction in a bunch of places.
2023-09-01 13:47:06 +01:00
CWE-326
C++: Map operand nodes that are only used once onto the related instruction node
2023-02-07 14:17:54 +01:00
CWE-327
C++: Repair funcion call in a function call.
2021-06-17 14:33:16 +01:00
CWE-367/semmle
C++: Add tests.
2021-10-08 14:30:27 +01:00
CWE-416/semmle/tests
Merge branch 'main' into deduplicate-dataflow-results-take-3
2023-09-11 09:55:11 +01:00
CWE-428
C++: Typos.
2022-02-22 14:33:11 +00:00
CWE-457/semmle
C++: Add some more tests.
2023-11-07 17:31:01 +00:00
CWE-468/semmle
CPP: update expected output
2022-09-23 14:45:59 +02:00
CWE-497
C++: Accept test changes.
2023-10-31 11:18:35 +00:00
CWE-570
Update cpp/ql/test/query-tests/Security/CWE/CWE-570/test.cpp
2021-08-11 16:18:18 +02:00
CWE-611
C++: Accept path changes.
2023-10-30 12:44:30 +00:00
CWE-676
CPP: update expected output
2022-09-23 14:45:59 +02:00
CWE-704
Updates based on feedback
2018-10-02 11:17:23 -07:00
CWE-732
CPP: update expected output
2022-09-23 14:45:59 +02:00
CWE-764/semmle/tests
C++: Add mutex test case.
2021-03-30 15:39:21 +01:00
CWE-772
update the alert-message of cpp/file-may-not-be-closed based on feedback
2022-09-23 14:46:00 +02:00
CWE-807/semmle/TaintedCondition
Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow
2022-11-07 15:03:26 +01:00
CWE-835/semmle/InfiniteLoopWithUnsatisfiableExitCondition
CPP: Add the Semmle security tests.
2018-11-26 17:52:34 +00:00
README.md
C++: Subsection header.
2021-09-13 14:10:17 +01:00

README.md

CWE specific security tests

Source from the Juliet Test Suite

Some of the the files in these tests contain source code copied or derived from the public domain "Juliet Test Suite for C/C++" (provided by NIST / SAMATE Team at https://samate.nist.gov/SARD/testsuite.php). Such tests are typically in subdirectories named "SAMATE".