hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-25 08:37:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
c7976d5090cfd74f447719945f00a3eb7f2ba7ae
codeql/cpp/ql/test/query-tests/Security/CWE
History
Ben Rodes 939b2181d4 Wchar fp fixes (#107) 
* Adding tests and updated expected file with false positives to correct.

(cherry picked from commit 26e58532ee)

* Modifications to the query to address false positives.

(cherry picked from commit cc24f1ed9f)

* Updating expected file, false positives now resolved.

(cherry picked from commit 92c8d39ba3)

* Correct comment.

(cherry picked from commit 338ab96593)

* Changing from hasIntermediateType to getABaseType.

(cherry picked from commit c4737c7fbb)

* Switching to looking for explicit declaration of unsigned char, to avoid cases where unsigned char is the default char width for `char`.

(cherry picked from commit 51e787b316)

* Altering ordering for exists statement to be clearer.

(cherry picked from commit 31324fc778)

* Altering exists predicate ordering to be clearer.

(cherry picked from commit c91f7f4918)

* Changing name of predicate to be clearer, and removing an unused parameter.

(cherry picked from commit 318e75c094)

* Removing unnecessary bracket/singleton set literal.

(cherry picked from commit 162519185d)

* Formatting.

(cherry picked from commit c496503053)
2024-10-01 09:51:10 -04:00
..
CWE-014
C++: Make the tests more realistic by actually using the local variable for something. Otherwise it looks like a zero-initialization of a buffer, which the query now tries to exclude.
2021-02-26 09:19:05 +01:00
CWE-022
apply suggestions from code review, and the examples to the test
2024-05-08 19:34:50 +02:00
CWE-078
C++: Accept qltest .expected file changes.
2024-05-22 15:36:30 +02:00
CWE-079/semmle/CgiXss
C++: Accept test changes in paths.
2024-04-16 11:09:22 +01:00
CWE-089/SqlTainted
C++: Accept test changes in paths.
2024-04-16 11:09:22 +01:00
CWE-114
C++: Accept test changes.
2024-04-18 12:33:27 +01:00
CWE-119
2.19.0 upgrade
2024-09-18 14:28:42 -07:00
CWE-120/semmle
C++: Add empty provenance column to expected files.
2024-02-09 11:32:08 +01:00
CWE-121/semmle/tests
C++: Make the tests use more repetitions.
2022-10-06 09:14:24 +01:00
CWE-129
C++: Accept test changes in paths.
2024-04-16 11:09:22 +01:00
CWE-131/NoSpaceForZeroTerminator
C++: Update the queries.
2023-01-05 11:33:58 +00:00
CWE-134
C++: Accept test changes.
2024-04-18 12:33:27 +01:00
CWE-190
2.19.0 upgrade
2024-09-18 14:28:42 -07:00
CWE-191/UnsignedDifferenceExpressionComparedZero
C++: Accept test changes.
2024-07-16 13:05:45 +01:00
CWE-193
C++: Accept qltest .expected file changes.
2024-05-22 15:36:30 +02:00
CWE-197/SAMATE/IntegerOverflowTainted
C++: Accept test changes.
2023-11-16 13:54:13 +00:00
CWE-242/semmle/tests
C++: Fix pointer/pointee conflation and handle flow through '++' when tracking indirect flow.
2022-10-24 14:23:43 +02:00
CWE-253
CPP: update expected output
2022-09-23 14:45:59 +02:00
CWE-290/semmle/AuthenticationBypass
C++: Accept test changes.
2024-04-18 12:33:27 +01:00
CWE-295
Merge pull request #7243 from geoffw0/sslquery2
2021-12-01 15:02:19 +00:00
CWE-311/semmle/tests
C++: Accept test changes.
2024-04-18 12:33:27 +01:00
CWE-319/UseOfHttp
C++: Accept test changes.
2024-04-18 12:33:27 +01:00
CWE-326
C++: Map operand nodes that are only used once onto the related instruction node
2023-02-07 14:17:54 +01:00
CWE-327
C++: Repair funcion call in a function call.
2021-06-17 14:33:16 +01:00
CWE-367/semmle
C++: Add test annotation
2023-12-04 17:53:08 +01:00
CWE-416/semmle/tests
C++: Add 'cpp/iterator-to-expired-container' FP.
2024-07-09 11:24:18 +01:00
CWE-428
C++: Typos.
2022-02-22 14:33:11 +00:00
CWE-457/semmle
2.19.0 upgrade
2024-09-18 14:28:42 -07:00
CWE-468/semmle
CPP: update expected output
2022-09-23 14:45:59 +02:00
CWE-497
C++: Accept test changes. Nothing exciting to see here.
2024-06-21 14:04:06 +01:00
CWE-570
2.19.0 upgrade
2024-09-18 14:28:42 -07:00
CWE-611
C++: Accept qltest .expected file changes (interesting).
2024-05-22 15:35:28 +02:00
CWE-676
C++: Ignore gets'es with incorrect parameter counts
2024-06-04 11:15:07 +02:00
CWE-704
Wchar fp fixes (#107)
2024-10-01 09:51:10 -04:00
CWE-732
CPP: update expected output
2022-09-23 14:45:59 +02:00
CWE-764/semmle/tests
C++: Add mutex test case.
2021-03-30 15:39:21 +01:00
CWE-772
update the alert-message of cpp/file-may-not-be-closed based on feedback
2022-09-23 14:46:00 +02:00
CWE-807/semmle/TaintedCondition
C++: Accept test changes.
2024-04-18 12:33:27 +01:00
CWE-835/semmle/InfiniteLoopWithUnsatisfiableExitCondition
CPP: Add the Semmle security tests.
2018-11-26 17:52:34 +00:00
CWE-843
C++: Accept test changes.
2024-04-18 12:33:27 +01:00
README.md
C++: Subsection header.
2021-09-13 14:10:17 +01:00

README.md

CWE specific security tests

Source from the Juliet Test Suite

Some of the the files in these tests contain source code copied or derived from the public domain "Juliet Test Suite for C/C++" (provided by NIST / SAMATE Team at https://samate.nist.gov/SARD/testsuite.php). Such tests are typically in subdirectories named "SAMATE".