mirror of
https://github.com/acidanthera/audk.git
synced 2025-05-14 19:40:09 +02:00
Updates the CodeQL queries opted into by edk2 to a set of queries from the standard CodeQL query package `codeql/cpp-queries`.

After testing a large number of queries the included set here were found to be the most useful with the least number of false positives.

Some queries had a number of issues that led to them being placed on the exclusion list so that they are not considered in the future without the notes there being taken into account.

General details about queries available in the pack are available here:

https://codeql.github.com/codeql-query-help/cpp/

The issues found by these queries will need to be fixed over time. In the meantime, the results will show to those that have permission in the repo's GitHub Code Scanning area. The build will not fail due to CodeQL issues (since they are not all fixed) but that can be enabled in the future.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
119 lines
3.6 KiB
Plaintext
---
- description: C++ queries

- queries: '.'
  from: codeql/cpp-queries

##########################################################################################
# Queries
##########################################################################################

## Errors
- include:
    id: cpp/badoverflowguard
- include:
    id: cpp/infiniteloop
- include:
    id: cpp/likely-bugs/memory-management/v2/conditionally-uninitialized-variable
- include:
    id: cpp/missing-null-test
- include:
    id: cpp/missing-return
- include:
    id: cpp/no-space-for-terminator
- include:
    id: cpp/pointer-overflow-check
- include:
    id: cpp/redundant-null-check-simple
- include:
    id: cpp/sizeof/const-int-argument
- include:
    id: cpp/sizeof/sizeof-or-operation-as-argument
- include:
    id: cpp/unguardednullreturndereferenc
- include:
    id: cpp/very-likely-overrunning-write

## Warnings
- include:
    id: cpp/comparison-with-wider-type
- include:
    id: cpp/conditionallyuninitializedvariable
- include:
    id: cpp/comparison-precedence
- include:
    id: cpp/implicit-bitfield-downcast
- include:
    id: cpp/infinite-loop-with-unsatisfiable-exit-condition
- include:
    id: cpp/offset-use-before-range-check
- include:
    id: cpp/overflow-buffer
- include:
    id: cpp/overflow-calculated
- include:
    id: cpp/overflow-destination
- include:
    id: cpp/paddingbyteinformationdisclosure
- include:
    id: cpp/return-stack-allocated-memory
- include:
    id: cpp/static-buffer-overflow
- include:
    id: cpp/unsigned-comparison-zero
- include:
    id: cpp/uselesstest

## Recommendations
- include:
    id: cpp/missing-header-guard
- include:
    id: cpp/unused-local-variable
- include:
    id: cpp/unused-static-function
- include:
    id: cpp/unused-static-variable

# Note: Some queries above are not active by default with the below filter.
#       Update the filter and run the queries again to get all results.
- include:
    tags:
      - "security"
      - "correctness"
    severity:
      - "error"
      - "warning"
      - "recommendation"

# Specifically hide the results of these.
#
# The following rules have been evaluated and explicitly not included for the following reasons:
#   - `cpp/allocation-too-small` - Appears to be hardcoded for C standard library functions `malloc`, `calloc`,
#     `realloc`, so it consumes time without much value with custom allocation functions in the codebase.
#   - `cpp/commented-out-code` - Triggers often. Needs further review.
#   - `cpp/duplicate-include-guard` - The <Phase>EntryPoint.h files includes a common include guard value
#     `__MODULE_ENTRY_POINT_H__`. This was the only occurrence found. So not very useful.
#   - `cpp/invalid-pointer-deref` - Very limited results with what appear to be false positives.
#   - `cpp/use-of-goto` - Goto is valid and allowed in the codebase.
#   - `cpp/useless-expression` - Triggers too often on cases where a NULL lib implementation is provided for a function.
#     Because the implementation simply returns, the check considers it useless.
#   - `cpp/weak-crypto/*` - Crypto algorithms are tracked outside CodeQL.
- exclude:
    id: cpp/allocation-too-small
- exclude:
    id: cpp/commented-out-code
- exclude:
    id: cpp/duplicate-include-guard
- exclude:
    id: cpp/invalid-pointer-deref
- exclude:
    id: cpp/use-of-goto
- exclude:
    id: cpp/useless-expression
- exclude:
    id: cpp/weak-crypto/banned-hash-algorithms
- exclude:
    id: cpp/weak-crypto/capi/banned-modes
- exclude:
    id: cpp/weak-crypto/openssl/banned-hash-algorithms
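
An added example, not part of the edk2 repository: a small Python lint for the convention this file follows, where every `exclude` id is justified by a note in the comment block (a wildcard note such as `cpp/weak-crypto/*` covers several ids); it also reports any id that appears under both `include` and `exclude`. The sample suite text is constructed, and the function name `audit_suite` is hypothetical.

```python
import fnmatch
import re

# Constructed sample in the same layout as the suite file above (not the full file).
SAMPLE_SUITE = """\
- include:
    id: cpp/badoverflowguard
- include:
    id: cpp/use-of-goto
# The following rules have been evaluated and explicitly not included for the following reasons:
#   - `cpp/use-of-goto` - Goto is valid and allowed in the codebase.
#   - `cpp/weak-crypto/*` - Crypto algorithms are tracked outside CodeQL.
- exclude:
    id: cpp/use-of-goto
- exclude:
    id: cpp/weak-crypto/banned-hash-algorithms
- exclude:
    id: cpp/commented-out-code
"""

NOTE_RE = re.compile(r"^#\s*-\s*`([^`]+)`\s*-\s*\S")   # "# - `id-or-glob` - reason"
STEP_RE = re.compile(r"^-\s*(include|exclude):\s*$")   # start of a suite step
ID_RE = re.compile(r"^\s+id:\s*(\S+)\s*$")             # indented "id:" under a step


def audit_suite(text):
    """Return (excludes with no matching note, ids both included and excluded)."""
    notes, included, excluded = [], [], []
    current = None
    for line in text.splitlines():
        note = NOTE_RE.match(line)
        if note:
            notes.append(note.group(1))
            continue
        step = STEP_RE.match(line)
        if step:
            current = step.group(1)
            continue
        qid = ID_RE.match(line)
        if qid and current:
            (included if current == "include" else excluded).append(qid.group(1))
            current = None
    # A note documents an exclude if it names the id exactly or as a glob.
    undocumented = [q for q in excluded
                    if not any(fnmatch.fnmatchcase(q, pat) for pat in notes)]
    conflicts = sorted(set(included) & set(excluded))
    return undocumented, conflicts


if __name__ == "__main__":
    print(audit_suite(SAMPLE_SUITE))
```
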