Commit dab33b2

Merge branch 'main' into atorralba/promote-mvel-injection
2 parents 34a8383 + 9b84a8e commit dab33b2

800 files changed, +15529 -6266 lines changed


.codeqlmanifest.json

Lines changed: 1 addition & 0 deletions
@@ -1,5 +1,6 @@
11
{ "provide": [ "*/ql/src/qlpack.yml",
22
"*/ql/test/qlpack.yml",
3+
"cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/qlpack.yml",
34
"*/ql/examples/qlpack.yml",
45
"*/upgrades/qlpack.yml",
56
"misc/legacy-support/*/qlpack.yml",

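Review bot: The added `provide` entry is a single fully spelled-out path, `cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/qlpack.yml`, in a list whose other visible entries are all glob patterns, and nothing in the hunk says why this one nested test pack needs its own line. JSON cannot carry a comment, so record the reason in the commit message or PR description, and consider whether a pattern would avoid adding one line per nested pack.
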
.github/workflows/csv-coverage.yml

Lines changed: 4 additions & 4 deletions
@@ -70,8 +70,8 @@ jobs:
7070
with:
7171
name: rst-flow-model-coverage
7272
path: flow-model-coverage-*.rst
73-
- name: Check coverage files
74-
if: github.event.pull_request
75-
run: |
76-
python script/misc/scripts/library-coverage/compare-files.py codeqlModels
73+
# - name: Check coverage files
74+
# if: github.event.pull_request
75+
# run: |
76+
# python script/misc/scripts/library-coverage/compare-files.py codeqlModels
7777
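
Review bot: The `Check coverage files` step (old lines 73-76) is commented out rather than removed, and nothing in the hunk says why or when it will be restored, so `compare-files.py` no longer runs on pull requests. Either delete the step outright or put a comment above it giving the reason and a tracking reference, so a disabled CI check is not left in place silently.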

Lines changed: 4 additions & 0 deletions

cpp/ql/src/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql

Lines changed: 1 addition & 0 deletions
@@ -5,6 +5,7 @@
55
* @kind problem
66
* @id cpp/offset-use-before-range-check
77
* @problem.severity warning
8+
* @security-severity 5.9
89
* @precision medium
910
* @tags reliability
1011
* security
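
Review bot: The added `@security-severity 5.9` line is a bare number with nothing in the hunk saying how it was derived, and unlike the other queries touched on this page no `external/cwe/...` tag is visible in the context lines after `security`. If the score comes from a CWE mapping, make sure the matching tag is present in `@tags` so the two stay in sync; otherwise state the source of the value in the commit message.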

cpp/ql/src/Critical/DescriptorMayNotBeClosed.ql

Lines changed: 1 addition & 0 deletions
@@ -4,6 +4,7 @@
44
* @kind problem
55
* @id cpp/descriptor-may-not-be-closed
66
* @problem.severity warning
7+
* @security-severity 5.9
78
* @tags efficiency
89
* security
910
* external/cwe/cwe-775
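
Review bot: The added `@security-severity 5.9` is the same value given on this page to `cpp/descriptor-never-closed`, `cpp/file-may-not-be-closed` and `cpp/file-never-closed`, and the visible metadata here goes straight from the severity lines to `@tags` with no `@precision` line. Anyone ranking alerts by score alone cannot tell this "may not be closed" query from the "never closed" one, so consider adding `@precision` here or documenting that the score is meant to reflect only the shared `external/cwe/cwe-775` tag.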

cpp/ql/src/Critical/DescriptorNeverClosed.ql

Lines changed: 1 addition & 0 deletions
@@ -4,6 +4,7 @@
44
* @kind problem
55
* @id cpp/descriptor-never-closed
66
* @problem.severity warning
7+
* @security-severity 5.9
78
* @tags efficiency
89
* security
910
* external/cwe/cwe-775

cpp/ql/src/Critical/FileMayNotBeClosed.ql

Lines changed: 1 addition & 0 deletions
@@ -4,6 +4,7 @@
44
* @kind problem
55
* @id cpp/file-may-not-be-closed
66
* @problem.severity warning
7+
* @security-severity 5.9
78
* @tags efficiency
89
* security
910
* external/cwe/cwe-775

cpp/ql/src/Critical/FileNeverClosed.ql

Lines changed: 1 addition & 0 deletions
@@ -4,6 +4,7 @@
44
* @kind problem
55
* @id cpp/file-never-closed
66
* @problem.severity warning
7+
* @security-severity 5.9
78
* @tags efficiency
89
* security
910
* external/cwe/cwe-775

cpp/ql/src/Critical/GlobalUseBeforeInit.ql

Lines changed: 1 addition & 0 deletions
@@ -4,6 +4,7 @@
44
* @kind problem
55
* @id cpp/global-use-before-init
66
* @problem.severity warning
7+
* @security-severity 6.9
78
* @tags reliability
89
* security
910
* external/cwe/cwe-457
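
Review bot: The added `@security-severity 6.9` is a full point above the 5.9 used for the CWE-775 queries on this page while `@problem.severity` stays at `warning`, and nothing visible explains the basis for the number. State how the score was derived from `external/cwe/cwe-457` (in the commit message or the query-metadata documentation) so later edits to the tag or the score stay consistent.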

cpp/ql/src/Critical/InconsistentNullnessTesting.ql

Lines changed: 1 addition & 0 deletions
@@ -4,6 +4,7 @@
44
* @kind problem
55
* @id cpp/inconsistent-nullness-testing
66
* @problem.severity warning
7+
* @security-severity 3.6
78
* @tags reliability
89
* security
910
* external/cwe/cwe-476
