hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-08 07:01:36 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ec336a0334009a4a28aebcb7e46faa008dc3eb63
codeql/cpp/ql/src/change-notes/released/0.0.9.md
Arthur Baars 58a2597c3a C++: move change note lines to correct query pack
2022-02-11 09:52:36 +01:00

1018 B
Raw Blame History

0.0.9

New Queries

  • Added a new query, cpp/open-call-with-mode-argument, to detect when open or openat is called with the O_CREAT or O_TMPFILE flag but when the mode argument is omitted.

Minor Analysis Improvements

  • The "Cleartext transmission of sensitive information" (cpp/cleartext-transmission) query has been further improved to reduce false positive results, and upgraded from medium to high precision.
  • The "Cleartext transmission of sensitive information" (cpp/cleartext-transmission) query now finds more results, where a password is stored in a struct field or class member variable.
  • The cpp/cleartext-storage-file query has been improved, removing false positives where data is written to a standard output stream.
  • The cpp/cleartext-storage-buffer query has been updated to use the semmle.code.cpp.dataflow.TaintTracking library.
  • The cpp/world-writable-file-creation query now only detects open and openat calls with the O_CREAT or O_TMPFILE flag.