hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
54cd173da8ff558f6b70b7896544cf1ae5f674e5
codeql/change-notes/1.19/analysis-cpp.md
Jonas Jensen 54cd173da8 C++: Changelog entries for two new queries
2018-10-01 13:41:44 +02:00

1.3 KiB
Raw Blame History

Improvements to C/C++ analysis

General improvements

New queries

Query Tags Purpose
Cast between HRESULT and a Boolean type (cpp/hresult-boolean-conversion) external/cwe/cwe-253 Finds logic errors caused by mistakenly treating the Windows HRESULT type as a Boolean instead of testing it with the appropriate macros. Enabled by default.
Setting a DACL to NULL in a SECURITY_DESCRIPTOR (cpp/unsafe-dacl-security-descriptor) external/cwe/cwe-732 This query finds code that creates world-writable objects on Windows by setting their DACL to NULL. Enabled by default.

Changes to existing queries

Query Expected impact Change
Resource not released in destructor Fewer false positive results Placement new is now excluded from the query.

Changes to QL libraries

  • Added a hash consing library for structural comparison of expressions.