Merge pull request github#14360 from MathiasVP/promote-use-after-free-and-double-free

MathiasVP · web-flow · commit dbe3bd0c50c3 · 2023-10-03T11:52:23.000+02:00
C++: Promote `cpp/double-free` and `cpp/use-after-free` to Code Scanning
diff --git a/cpp/ql/src/Critical/DoubleFree.ql b/cpp/ql/src/Critical/DoubleFree.ql
@@ -2,7 +2,7 @@
  * @name Potential double free
  * @description Freeing a resource more than once can lead to undefined behavior and cause memory corruption.
  * @kind path-problem
- * @precision medium
+ * @precision high
  * @id cpp/double-free
  * @problem.severity warning
  * @security-severity 9.3
diff --git a/cpp/ql/src/Critical/UseAfterFree.ql b/cpp/ql/src/Critical/UseAfterFree.ql
@@ -2,7 +2,7 @@
  * @name Potential use after free
  * @description An allocated memory block is used after it has been freed. Behavior in such cases is undefined and can cause memory corruption.
  * @kind path-problem
- * @precision medium
+ * @precision high
  * @id cpp/use-after-free
  * @problem.severity warning
  * @security-severity 9.3
diff --git a/cpp/ql/src/change-notes/2023-10-03-double-free.md b/cpp/ql/src/change-notes/2023-10-03-double-free.md
@@ -0,0 +1,4 @@
+---
+category: queryMetadata
+---
+* The `cpp/double-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`.
diff --git a/cpp/ql/src/change-notes/2023-10-03-use-after-free.md b/cpp/ql/src/change-notes/2023-10-03-use-after-free.md
@@ -0,0 +1,4 @@
+---
+category: queryMetadata
+---
+* The `cpp/use-after-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`.

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: queryMetadata
 +---
 +* The `cpp/double-free` query has been further improved to reduce false positives and its precision has been increased from `medium` to `high`.