hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ad7fb9c061cb38304af413272eeec87401195ae1
codeql/cpp/ql/lib/change-notes/released/5.0.0.md
github-actions[bot] bfb91e95e3 Release preparation for version 2.21.4
2025-05-27 17:22:05 +00:00

1.4 KiB
Raw Blame History

5.0.0

Breaking Changes

  • Deleted the deprecated userInputArgument predicate and its convenience accessor from the Security.qll.
  • Deleted the deprecated userInputReturned predicate and its convenience accessor from the Security.qll.
  • Deleted the deprecated userInputReturn predicate from the Security.qll.
  • Deleted the deprecated isUserInput predicate and its convenience accessor from the Security.qll.
  • Deleted the deprecated userInputArgument predicate from the SecurityOptions.qll.
  • Deleted the deprecated userInputReturned predicate from the SecurityOptions.qll.

New Features

  • Added local flow source models for ReadFile, ReadFileEx, MapViewOfFile, MapViewOfFile2, MapViewOfFile3, MapViewOfFile3FromApp, MapViewOfFileEx, MapViewOfFileFromApp, MapViewOfFileNuma2, and NtReadFile.
  • Added the pCmdLine arguments of WinMain and wWinMain as local flow sources.
  • Added source models for GetCommandLineA, GetCommandLineW, GetEnvironmentStringsA, GetEnvironmentStringsW, GetEnvironmentVariableA, and GetEnvironmentVariableW.
  • Added summary models for CommandLineToArgvA and CommandLineToArgvW.
  • Added support for wmain as part of the ArgvSource model.

Bug Fixes

  • Fixed a problem where asExpr() on DataFlow::Node would never return ArrayAggregateLiterals.
  • Fixed a problem where asExpr() on DataFlow::Node would never return ClassAggregateLiterals.