C++: Add more CWE tags to queries in the code scanning suite.

MathiasVP · MathiasVP · commit 2912c2e7f560 · 2021-05-03T16:58:47.000+02:00
diff --git a/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql b/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql
@@ -9,6 +9,8 @@
  * @id cpp/signed-overflow-check
  * @tags correctness
  *       security
+ *       external/cwe/cwe-128
+ *       external/cwe/cwe-190
  */
 
 import cpp
diff --git a/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql b/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql
@@ -7,12 +7,12 @@
  * @kind path-problem
  * @problem.severity warning
  * @precision high
+ * @id cpp/upcast-array-pointer-arithmetic
  * @tags correctness
  *       reliability
  *       security
  *       external/cwe/cwe-119
  *       external/cwe/cwe-843
- * @id cpp/upcast-array-pointer-arithmetic
  */
 
 import cpp
diff --git a/cpp/ql/src/Likely Bugs/Format/SnprintfOverflow.ql b/cpp/ql/src/Likely Bugs/Format/SnprintfOverflow.ql
@@ -8,6 +8,10 @@
  * @tags reliability
  *       correctness
  *       security
+ *       external/cwe/cwe-190
+ *       external/cwe/cwe-253
+ *       external/cwe/cwe-573
+ *       external/cwe/cwe-754
  */
 
 import cpp
diff --git a/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.ql b/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.ql
@@ -9,6 +9,8 @@
  * @tags reliability
  *       correctness
  *       security
+ *       external/cwe/cwe-233
+ *       external/cwe/cwe-234
  *       external/cwe/cwe-685
  */
 
diff --git a/cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.ql b/cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.ql
@@ -8,6 +8,8 @@
  * @id cpp/pointer-overflow-check
  * @tags reliability
  *       security
+ *       external/cwe/cwe-758
+ *       external/cwe/cwe-119
  */
 
 import cpp
diff --git a/cpp/ql/src/Likely Bugs/OO/UnsafeUseOfThis.ql b/cpp/ql/src/Likely Bugs/OO/UnsafeUseOfThis.ql
@@ -10,6 +10,7 @@
  * @tags correctness
  *       language-features
  *       security
+ *       external/cwe/cwe-670
  */
 
 import cpp
diff --git a/cpp/ql/src/Likely Bugs/Underspecified Functions/TooFewArguments.ql b/cpp/ql/src/Likely Bugs/Underspecified Functions/TooFewArguments.ql
@@ -12,6 +12,9 @@
  * @tags correctness
  *       maintainability
  *       security
+ *       external/cwe/cwe-233
+ *       external/cwe/cwe-234
+ *       external/cwe/cwe-685
  */
 
 import cpp
diff --git a/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql b/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql
@@ -7,6 +7,8 @@
  * @precision high
  * @tags security
  *       external/cwe/cwe-253
+ *       external/cwe/cwe-573
+ *       external/cwe/cwe-754
  *       external/microsoft/C6214
  *       external/microsoft/C6215
  *       external/microsoft/C6216
diff --git a/cpp/ql/src/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql b/cpp/ql/src/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql
@@ -9,6 +9,7 @@
  * @id cpp/suspicious-add-sizeof
  * @tags security
  *       external/cwe/cwe-468
+ *       external/cwe/cwe-682
  */
 
 import cpp
