From: "Michael Kubacki"
To: devel@edk2.groups.io
Cc: Bob Feng, Liming Gao, Michael D Kinney, Rebecca Cran, Sean Brogan, Yuwei Chen
Subject: [edk2-devel] [PATCH v4 7/8] BaseTools/Plugin/CodeQL: Enable 30 queries
Date: Thu, 2 Nov 2023 16:03:11 -0400
Message-ID: <20231102200313.1010-8-mikuback@linux.microsoft.com>
In-Reply-To: <20231102200313.1010-1-mikuback@linux.microsoft.com>
References: <20231102200313.1010-1-mikuback@linux.microsoft.com>
From: Michael Kubacki

Updates the CodeQL queries opted into by edk2 to a set of queries from the standard CodeQL query package `codeql/cpp-queries`.

After testing a large number of queries, the included set here was found to be the most useful with the least number of false positives. Some queries had a number of issues that led to them being placed on the exclusion list so that they are not considered in the future without the notes there being taken into account.

General details about queries available in the pack are available here: https://codeql.github.com/codeql-query-help/cpp/

The issues found by these queries will need to be fixed over time. In the meantime, the results will show to those that have permission in the repo's GitHub Code Scanning area. The build will not fail due to CodeQL issues (since they are not all fixed) but that can be enabled in the future.

Cc: Bob Feng
Cc: Liming Gao
Cc: Michael D Kinney
Cc: Rebecca Cran
Cc: Sean Brogan
Cc: Yuwei Chen
Signed-off-by: Michael Kubacki
Acked-by: Michael D Kinney
---
 BaseTools/Plugin/CodeQL/CodeQlQueries.qls | 57 +++++++++++++++++---
 1 file changed, 50 insertions(+), 7 deletions(-)

diff --git a/BaseTools/Plugin/CodeQL/CodeQlQueries.qls b/BaseTools/Plugin/CodeQL/CodeQlQueries.qls
index 3f97bcd583d5..1a5098322193 100644
--- a/BaseTools/Plugin/CodeQL/CodeQlQueries.qls
+++ b/BaseTools/Plugin/CodeQL/CodeQlQueries.qls
@@ -8,28 +8,71 @@ # Queries ########################################################################= ################## =20 -## Enable When Time is Available to Fix Issues -# Hundreds of issues. Most appear valid. Type: Recommendation. -#- include: -# id: cpp/missing-null-test - ## Errors - include: - id: cpp/overrunning-write + id: cpp/badoverflowguard - include: - id: cpp/overrunning-write-with-float + id: cpp/infiniteloop +- include: + id: cpp/likely-bugs/memory-management/v2/conditionally-uninitialized= -variable +- include: + id: cpp/missing-null-test +- include: + id: cpp/missing-return +- include: + id: cpp/no-space-for-terminator - include: id: cpp/pointer-overflow-check +- include: + id: cpp/redundant-null-check-simple +- include: + id: cpp/sizeof/const-int-argument +- include: + id: cpp/sizeof/sizeof-or-operation-as-argument +- include: + id: cpp/unguardednullreturndereferenc - include: id: cpp/very-likely-overrunning-write =20 ## Warnings +- include: + id: cpp/comparison-with-wider-type - include: id: cpp/conditionallyuninitializedvariable +- include: + id: cpp/comparison-precedence +- include: + id: cpp/implicit-bitfield-downcast - include: id: cpp/infinite-loop-with-unsatisfiable-exit-condition +- include: + id: cpp/offset-use-before-range-check - include: id: cpp/overflow-buffer +- include: + id: cpp/overflow-calculated +- include: + id: cpp/overflow-destination +- include: + id: cpp/paddingbyteinformationdisclosure +- include: + id: cpp/return-stack-allocated-memory +- include: + id: cpp/static-buffer-overflow +- include: + id: cpp/unsigned-comparison-zero +- include: + id: cpp/uselesstest + +## Recommendations +- include: + id: cpp/missing-header-guard +- include: + id: cpp/unused-local-variable +- include: + id: cpp/unused-static-function +- include: + id: cpp/unused-static-variable =20 # Note: Some queries above are not active by default with the below filt= er. # Update the filter and run the queries again to get all results. 
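Review bot: the id `cpp/unguardednullreturndereferenc` added under "## Errors" reads as truncated (every other id in the suite is a complete word or hyphenated phrase), so please confirm it matches the `@id` declared by the UnguardedNullReturnDereference query in `codeql/cpp-queries` before merging; an include filter that matches no query gives no build-time signal, so a mistyped id would just quietly contribute zero results. Two previously enabled queries, `cpp/overrunning-write` and `cpp/overrunning-write-with-float`, are dropped while `cpp/very-likely-overrunning-write` stays; the commit message points to an exclusion list for such cases, but nothing in this file records why these two went, so a one-line comment beside the Errors block (or a sentence in the commit message) would help whoever audits the suite next. Minor style point: the Warnings block is otherwise alphabetical, yet `cpp/comparison-with-wider-type` and `cpp/comparison-precedence` land on either side of `cpp/conditionallyuninitializedvariable`; sorting them keeps future additions easy to diff.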
--
2.42.0.windows.2