From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@microsoft.com>,
Michael Kubacki <mikuback@linux.microsoft.com>,
Michael D Kinney <michael.d.kinney@intel.com>
Subject: [PATCH v4 11/12] .github/codeql/edk2.qls: Enable CWE 457, 676, and 758 queries
Date: Fri, 10 Mar 2023 13:42:37 -0500 [thread overview]
Message-ID: <20230310184238.2999-12-mikuback@linux.microsoft.com> (raw)
In-Reply-To: <20230310184238.2999-1-mikuback@linux.microsoft.com>
From: Michael Kubacki <michael.kubacki@microsoft.com>
The previous commits fixed issues with these queries across various
packages. Now that those are resolved, enable the queries in the
edk2 query set so regressions can be found in the future.
Enables:
1. cpp/conditionallyuninitializedvariable
- CWE: https://cwe.mitre.org/data/definitions/457.html
- @name Conditionally uninitialized variable
- @description An initialization function is used to initialize a
local variable, but the returned status code is
not checked. The variable may be left in an
uninitialized state, and reading the variable may
result in undefined behavior.
- @kind problem
- @problem.severity warning
- @security-severity 7.8
- @id cpp/conditionally-uninitialized-variable
- @tags security
- external/cwe/cwe-457
2. cpp/pointer-overflow-check
- CWE: https://cwe.mitre.org/data/definitions/758.html
- @name Pointer overflow check
- @description Adding a value to a pointer to check if it
overflows relies on undefined behavior and
may lead to memory corruption.
- @kind problem
- @problem.severity error
- @security-severity 2.1
- @precision high
- @id cpp/pointer-overflow-check
- @tags reliability
- security
- external/cwe/cwe-758
3. cpp/potential-buffer-overflow
- CWE: https://cwe.mitre.org/data/definitions/676.html
- @name Potential buffer overflow
- @description Using a library function that does not check
buffer bounds requires the surrounding program
to be very carefully written to avoid buffer
overflows.
- @kind problem
- @id cpp/potential-buffer-overflow
- @problem.severity warning
- @security-severity 10.0
- @tags reliability
- security
- external/cwe/cwe-676
- @deprecated This query is deprecated, use
Potentially overrunning write
(`cpp/overrunning-write`) and
Potentially overrunning write with float to string
conversion
(`cpp/overrunning-write-with-float`) instead.
Note that cpp/potential-buffer-overflow is deprecated. This query
will be updated to the succeeding queries in the next commit. The
query is used in this commit to show that we considered and tested
the query in history.
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
---
.github/codeql/edk2.qls | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/.github/codeql/edk2.qls b/.github/codeql/edk2.qls
index ef9aae790f5f..dc2d87764e93 100644
--- a/.github/codeql/edk2.qls
+++ b/.github/codeql/edk2.qls
@@ -8,7 +8,14 @@
# Enable individual queries below.
+- include:
+ id: cpp/conditionallyuninitializedvariable
- include:
id: cpp/infinite-loop-with-unsatisfiable-exit-condition
- include:
id: cpp/overflow-buffer
+- include:
+ id: cpp/pointer-overflow-check
+- include:
+ id: cpp/potential-buffer-overflow
+
--
2.39.2.windows.1
next prev parent reply other threads:[~2023-03-10 18:45 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-10 18:42 [PATCH v4 00/12] Enable New CodeQL Queries Michael Kubacki
2023-03-10 18:42 ` [PATCH v4 01/12] MdeModulePkg/SmbiosDxe: Fix pointer and buffer overflow CodeQL alerts Michael Kubacki
2023-03-10 18:42 ` [PATCH v4 02/12] BaseTools/PatchCheck.py: Add PCCTS to tab exemption list Michael Kubacki
2023-03-10 18:42 ` [PATCH v4 03/12] BaseTools/VfrCompile: Fix potential buffer overwrites Michael Kubacki
2023-03-10 18:42 ` [PATCH v4 04/12] CryptoPkg: Fix conditionally uninitialized variable Michael Kubacki
2023-03-10 18:42 ` [PATCH v4 05/12] MdeModulePkg: Fix conditionally uninitialized variables Michael Kubacki
2023-03-10 18:42 ` [PATCH v4 06/12] MdePkg: " Michael Kubacki
2023-03-10 18:42 ` [PATCH v4 07/12] NetworkPkg: " Michael Kubacki
2023-03-10 20:01 ` Michael D Kinney
2023-03-10 18:42 ` [PATCH v4 08/12] PcAtChipsetPkg: " Michael Kubacki
2023-03-10 18:42 ` [PATCH v4 09/12] ShellPkg: " Michael Kubacki
2023-03-10 18:42 ` [PATCH v4 10/12] UefiCpuPkg: " Michael Kubacki
2023-03-10 20:03 ` [edk2-devel] " Michael D Kinney
2023-03-10 22:59 ` Michael Kubacki
2023-03-21 14:25 ` Michael Kubacki
2023-03-24 15:50 ` Michael Kubacki
2023-03-24 15:54 ` Michael D Kinney
2023-03-10 18:42 ` Michael Kubacki [this message]
2023-03-10 18:42 ` [PATCH v4 12/12] .github/codeql/edk2.qls: Enable CWE 120, 787, and 805 queries Michael Kubacki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230310184238.2999-12-mikuback@linux.microsoft.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox