Skip to content

Address pre-existing CodeQL alerts surfaced by PR #5235 #5243

New issue
New issue
Open
Task
#5244
Open
Address pre-existing CodeQL alerts surfaced by PR #5235#5243
Task
#5244
Labels
enhancement
Milestone
Release 1.16.0
@matejk

Description

@matejk
matejk
opened on Mar 15, 2026

Summary

PR #5235 (C++17 nested namespace declarations) touches 1114 files with purely syntactic changes. Because of the large diff, CodeQL flagged 93 pre-existing alerts that are unrelated to the PR itself. This issue tracks resolving them.

CodeQL check run: https://github.com/pocoproject/poco/runs/66753749980

Errors (9)

Authentication bypass by spoofing (2)

  • Net/src/HTTPClientSession.cpp:284
  • Net/src/IPAddress.cpp:585

Cleartext transmission of sensitive information (1)

  • Net/src/SocketImpl.cpp:373

Duplicate include guard (2)

  • Net/testsuite/src/FTPClientSessionTest.h:13
  • NetSSL_OpenSSL/testsuite/src/FTPSClientSessionTest.h:13

Inconsistent nullness check (2)

  • Net/src/PollSet.cpp:286
  • Net/src/PollSet.cpp:294

Redefined default parameter (1)

  • Data/testsuite/src/Extractor.h:422

XML external entity expansion (1)

  • XML/src/SAXParser.cpp:198

Warnings (28)

Comparison result is always the same (6)

  • Data/src/SQLChannel.cpp:267
  • Net/src/ICMPv4PacketImpl.cpp:218
  • Net/src/ICMPv4PacketImpl.cpp:229
  • Net/src/ICMPv4PacketImpl.cpp:236
  • Net/src/IPAddress.cpp:567
  • Net/src/MessageHeader.cpp:96

Inconsistent definition of copy constructor and assignment ('Rule of Two') (1)

  • Net/src/HTTPAuthenticationParams.cpp:102

Local variable address stored in non-local memory (15)

  • Net/include/Poco/Net/SocketConnector.h:117
  • Prometheus/src/Registry.cpp:36
  • Util/src/Application.cpp:118
  • XML/src/AbstractContainerNode.cpp:103
  • XML/src/AbstractContainerNode.cpp:106
  • XML/src/AbstractContainerNode.cpp:117
  • XML/src/Element.cpp:120
  • XML/src/Event.cpp:80
  • XML/src/Event.cpp:91
  • XML/src/ParserEngine.cpp:151
  • XML/src/ParserEngine.cpp:186
  • XML/src/ParserEngine.cpp:192
  • XML/src/ParserEngine.cpp:198
  • XML/src/ParserEngine.cpp:204
  • XML/src/ParserEngine.cpp:210

Use of integer where enum is preferred (2)

  • Net/src/ICMPv4PacketImpl.cpp:215
  • Net/src/IPAddress.cpp:656

Virtual call from constructor or destructor (4)

  • Foundation/src/SplitterChannel.cpp:32
  • Net/src/FTPClientSession.cpp:64
  • Net/src/SocketImpl.cpp:126
  • Util/src/Application.cpp:89

Notices (56)

Commented-out code (27)

  • Foundation/src/Var.cpp:625
  • Foundation/src/VarIterator.cpp:17
  • JSON/include/Poco/JSON/Object.h:610
  • JSON/include/Poco/JSON/Object.h:616
  • JSON/include/Poco/JSON/Object.h:622
  • JSON/include/Poco/JSON/Object.h:750
  • JSON/include/Poco/JSON/Object.h:756
  • JSON/include/Poco/JSON/Object.h:762
  • JSON/include/Poco/JSON/Parser.h:122
  • JSON/include/Poco/JSON/Parser.h:125
  • JSON/include/Poco/JSON/ParserImpl.h:85
  • JSON/include/Poco/JSON/ParserImpl.h:88
  • JSON/src/Object.cpp:242
  • JSON/src/Object.cpp:253
  • Net/include/Poco/Net/ICMPPacket.h:44
  • Net/include/Poco/Net/ICMPPacket.h:56
  • Net/include/Poco/Net/ICMPv4PacketImpl.h:135
  • Net/include/Poco/Net/SocketNotifier.h:65
  • Net/src/DNS.cpp:532
  • Net/src/DNS.cpp:554
  • Net/src/DNS.cpp:671
  • Net/src/Net.cpp:75
  • Net/src/Net.cpp:81
  • Net/src/NetworkInterface.cpp:1253
  • Net/src/NetworkInterface.cpp:1713
  • Prometheus/include/Poco/Prometheus/Histogram.h:68
  • XML/include/Poco/DOM/Document.h:96

Complex condition (1)

  • XML/src/DOMImplementation.cpp:48

Declaration hides parameter (3)

  • Net/src/MailMessage.cpp:351
  • Util/src/AbstractConfiguration.cpp:545
  • XML/src/XMLStreamParser.cpp:771

Declaration hides variable (2)

  • Zip/src/Compress.cpp:183
  • Zip/src/Compress.cpp:301

Equality test on floating-point values (5)

  • Data/src/Row.cpp:310
  • Foundation/include/Poco/Dynamic/Var.h:1862
  • Foundation/include/Poco/Dynamic/Var.h:1870
  • Foundation/include/Poco/Dynamic/Var.h:1966
  • Foundation/include/Poco/Dynamic/Var.h:1974

FIXME comment (2)

  • Net/src/MessageHeader.cpp:377
  • Net/src/MessageHeader.cpp:413

Long switch case (1)

  • Foundation/src/Var.cpp:562

No raw arrays in interfaces (13)

  • XML/include/Poco/SAX/ContentHandler.h:129
  • XML/include/Poco/SAX/ContentHandler.h:161
  • XML/include/Poco/SAX/LexicalHandler.h:110
  • XML/src/DefaultHandler.cpp:78
  • XML/src/DefaultHandler.cpp:83
  • XML/src/WhitespaceFilter.cpp:103
  • XML/src/WhitespaceFilter.cpp:131
  • XML/src/WhitespaceFilter.cpp:195
  • XML/src/XMLFilterImpl.cpp:239
  • XML/src/XMLFilterImpl.cpp:246
  • XML/src/XMLWriter.cpp:314
  • XML/src/XMLWriter.cpp:364
  • XML/src/XMLWriter.cpp:458

No trivial switch statements (1)

  • XML/src/XMLStreamParser.cpp:528

Unused local variable (1)

  • Net/src/PollSet.cpp:238

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancement

    Type

    Task

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions