From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web09.672.1667953332196717263
 for <devel@edk2.groups.io>;
 Tue, 08 Nov 2022 16:22:12 -0800
Authentication-Results: mx.groups.io;
 dkim=fail reason="body hash did not verify" header.i=@linux.microsoft.com header.s=default header.b=a+mvaBMA;
 spf=pass (domain: linux.microsoft.com, ip: 13.77.154.182, mailfrom: mikuback@linux.microsoft.com)
Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 63EE920B9F81;
	Tue,  8 Nov 2022 16:22:11 -0800 (PST)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 63EE920B9F81
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com;
	s=default; t=1667953331;
	bh=l9/yizWwB5tZ2/06U4o15fRKtRrShM5LqJFUvTfypcc=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=a+mvaBMA5BNsG1a2Q6tSrkAbNbMWOFf0j60kHWj0XI4abRe+Jopitcr6vhTedtNES
	 UbzqLTgpk+Nohu+ThDpkmket9XWS6BBsC24G4k0NLwdx2YH1AK9wunXj1sW1ar9sfP
	 YTVa48vQOBrpLuTY09g6L4iLW52uC0RJcQOskt7E=
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@microsoft.com>,
	Michael D Kinney <michael.d.kinney@intel.com>
Subject: [PATCH v2 2/2] edk2.qls: Allow error severity results and add new queries
Date: Tue,  8 Nov 2022 19:21:41 -0500
Message-Id: <20221109002141.1804-3-mikuback@linux.microsoft.com>
X-Mailer: git-send-email 2.28.0.windows.1
In-Reply-To: <20221109002141.1804-1-mikuback@linux.microsoft.com>
References: <20221109002141.1804-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

From: Michael Kubacki <michael.kubacki@microsoft.com>

The query cpp/conditionallyuninitializedvariable was initially
enabled with the CodeQL code because work was in progress on those
changes. The results were filtered out so CodeQL passed so we could
verify the CodeQL workflow without impacting CI results.

This change allows error severity messages and substitutes that query
with two queries that do not return failures. This allows these
queries to find future problems and prepares the CodeQL workflow to
catch future failures as queries are enabled.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
---
 .github/codeql/codeql-config.yml | 1 -
 .github/codeql/edk2.qls          | 4 +++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-con=
fig.yml
index 3e27c2fb0d28..a51db141ebe3 100644
--- a/.github/codeql/codeql-config.yml
+++ b/.github/codeql/codeql-config.yml
@@ -25,6 +25,5 @@ queries:
 query-filters:
 - exclude:
     problem.severity:
-      - error
       - warning
       - recommendation
diff --git a/.github/codeql/edk2.qls b/.github/codeql/edk2.qls
index 0efc7dca52db..ef9aae790f5f 100644
--- a/.github/codeql/edk2.qls
+++ b/.github/codeql/edk2.qls
@@ -9,4 +9,6 @@
 # Enable individual queries below.
=20
 - include:
-    id: cpp/conditionallyuninitializedvariable
+    id: cpp/infinite-loop-with-unsatisfiable-exit-condition
+- include:
+    id: cpp/overflow-buffer
--=20
2.28.0.windows.1