Commit 01b11af

Merge pull request #896 from github/lcartey/add-cert-extra-properties
CERT: Add query tags for "Risk Assessment" properties
2 parents 470909e + f7c77cb commit 01b11af
355 files changed

+3071
-465
lines changed
@@ -0,0 +1,12 @@
1+
- description: CERT C 2016 Level 1 Rules (Priority 12 - Priority 27)
2+
- qlpack: codeql/cert-c-coding-standards
3+
- include:
4+
kind:
5+
- problem
6+
- path-problem
7+
- external/cert/obligation/rule
8+
tags contain:
9+
- external/cert/level/l1
10+
- exclude:
11+
tags contain:
12+
- external/cert/default-disabled
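Review bot: `external/cert/obligation/rule` on line 7 is listed under `kind:` after `path-problem` (as rendered here), but it is a tag value, the same one the `.ql` headers in this commit carry under `@tags`, and not a query kind. As a `kind` entry it matches no query, so the suite effectively selects on `external/cert/level/l1` alone. If the suite is meant to be limited to rule-obligation queries, move the entry into a tags constraint; otherwise drop it. The Level 2 and Level 3 suites below repeat the same entry.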
@@ -0,0 +1,12 @@
1+
- description: CERT C 2016 Level 2 Rules (Priority 6 - Priority 9)
2+
- qlpack: codeql/cert-c-coding-standards
3+
- include:
4+
kind:
5+
- problem
6+
- path-problem
7+
- external/cert/obligation/rule
8+
tags contain:
9+
- external/cert/level/l2
10+
- exclude:
11+
tags contain:
12+
- external/cert/default-disabled
@@ -0,0 +1,12 @@
1+
- description: CERT C 2016 Level 3 Rules (Priority 1 - Priority 4)
2+
- qlpack: codeql/cert-c-coding-standards
3+
- include:
4+
kind:
5+
- problem
6+
- path-problem
7+
- external/cert/obligation/rule
8+
tags contain:
9+
- external/cert/level/l3
10+
- exclude:
11+
tags contain:
12+
- external/cert/default-disabled

‎c/cert/src/rules/ARR30-C/DoNotFormOutOfBoundsPointersOrArraySubscripts.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/arr30-c
1010
* correctness
1111
* security
12+
* external/cert/severity/high
13+
* external/cert/likelihood/likely
14+
* external/cert/remediation-cost/high
15+
* external/cert/priority/p9
16+
* external/cert/level/l2
1217
* external/cert/obligation/rule
1318
*/
1419
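Review bot: `external/cert/priority/p9` and `external/cert/level/l2` on lines 15 and 16 are derived values. In the CERT risk assessment the priority is the product of the severity, likelihood and remediation-cost scores (high 3 × likely 3 × high cost 1 = 9), and the level follows from the priority band given in the suite descriptions, so the tags agree here. Since the same five tags are hand-maintained in every query header touched by this commit, a metadata check that recomputes priority and level from the other three tags would catch drift when a rule's assessment is updated.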

‎c/cert/src/rules/ARR32-C/VariableLengthArraySizeNotInValidRange.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/arr32-c
1010
* correctness
1111
* security
12+
* external/cert/severity/high
13+
* external/cert/likelihood/probable
14+
* external/cert/remediation-cost/high
15+
* external/cert/priority/p6
16+
* external/cert/level/l2
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/ARR36-C/DoNotRelatePointersThatDoNotReferToTheSameArray.ql

@@ -8,6 +8,11 @@
88
* @problem.severity warning
99
* @tags external/cert/id/arr36-c
1010
* correctness
11+
* external/cert/severity/medium
12+
* external/cert/likelihood/probable
13+
* external/cert/remediation-cost/medium
14+
* external/cert/priority/p8
15+
* external/cert/level/l2
1116
* external/cert/obligation/rule
1217
*/
1318

‎c/cert/src/rules/ARR36-C/DoNotSubtractPointersThatDoNotReferToTheSameArray.ql

@@ -8,6 +8,11 @@
88
* @problem.severity warning
99
* @tags external/cert/id/arr36-c
1010
* correctness
11+
* external/cert/severity/medium
12+
* external/cert/likelihood/probable
13+
* external/cert/remediation-cost/medium
14+
* external/cert/priority/p8
15+
* external/cert/level/l2
1116
* external/cert/obligation/rule
1217
*/
1318

‎c/cert/src/rules/ARR37-C/DoNotUsePointerArithmeticOnNonArrayObjectPointers.ql

@@ -8,6 +8,11 @@
88
* @problem.severity error
99
* @tags external/cert/id/arr37-c
1010
* correctness
11+
* external/cert/severity/medium
12+
* external/cert/likelihood/probable
13+
* external/cert/remediation-cost/medium
14+
* external/cert/priority/p8
15+
* external/cert/level/l2
1116
* external/cert/obligation/rule
1217
*/
1318

‎c/cert/src/rules/ARR38-C/LibraryFunctionArgumentOutOfBounds.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/arr38-c
1010
* correctness
1111
* security
12+
* external/cert/severity/high
13+
* external/cert/likelihood/likely
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p18
16+
* external/cert/level/l1
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/ARR39-C/DoNotAddOrSubtractAScaledIntegerToAPointer.ql

@@ -8,6 +8,11 @@
88
* @problem.severity error
99
* @tags external/cert/id/arr39-c
1010
* correctness
11+
* external/cert/severity/high
12+
* external/cert/likelihood/probable
13+
* external/cert/remediation-cost/high
14+
* external/cert/priority/p6
15+
* external/cert/level/l2
1116
* external/cert/obligation/rule
1217
*/
1318

‎c/cert/src/rules/CON30-C/CleanUpThreadSpecificStorage.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con30-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/medium
13+
* external/cert/likelihood/unlikely
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p4
16+
* external/cert/level/l3
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON31-C/DoNotAllowAMutexToGoOutOfScopeWhileLocked.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con31-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/medium
13+
* external/cert/likelihood/probable
14+
* external/cert/remediation-cost/high
15+
* external/cert/priority/p4
16+
* external/cert/level/l3
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON31-C/DoNotDestroyAMutexWhileItIsLocked.ql

@@ -8,6 +8,11 @@
88
* @tags external/cert/id/con31-c
99
* correctness
1010
* concurrency
11+
* external/cert/severity/medium
12+
* external/cert/likelihood/probable
13+
* external/cert/remediation-cost/high
14+
* external/cert/priority/p4
15+
* external/cert/level/l3
1116
* external/cert/obligation/rule
1217
*/
1318

‎c/cert/src/rules/CON32-C/PreventDataRacesWithMultipleThreads.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con32-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/medium
13+
* external/cert/likelihood/probable
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p8
16+
* external/cert/level/l2
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON33-C/RaceConditionsWhenUsingLibraryFunctions.ql

@@ -8,6 +8,11 @@
88
* @tags external/cert/id/con33-c
99
* correctness
1010
* concurrency
11+
* external/cert/severity/medium
12+
* external/cert/likelihood/probable
13+
* external/cert/remediation-cost/high
14+
* external/cert/priority/p4
15+
* external/cert/level/l3
1116
* external/cert/obligation/rule
1217
*/
1318

‎c/cert/src/rules/CON34-C/AppropriateThreadObjectStorageDurations.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con34-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/medium
13+
* external/cert/likelihood/probable
14+
* external/cert/remediation-cost/high
15+
* external/cert/priority/p4
16+
* external/cert/level/l3
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON34-C/ThreadObjectStorageDurationsNotInitialized.ql

@@ -10,6 +10,11 @@
1010
* external/cert/audit
1111
* correctness
1212
* concurrency
13+
* external/cert/severity/medium
14+
* external/cert/likelihood/probable
15+
* external/cert/remediation-cost/high
16+
* external/cert/priority/p4
17+
* external/cert/level/l3
1318
* external/cert/obligation/rule
1419
*/
1520
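Review bot: this query carries `external/cert/audit` (line 10) and now also `external/cert/level/l3` (line 17), while the level suites added in this commit include by level tag and exclude only `external/cert/default-disabled`. As written, audit queries will be selected by the Level 3 suite. Confirm that is intended, or add `external/cert/audit` to the suite's `exclude` block.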

‎c/cert/src/rules/CON35-C/DeadlockByLockingInPredefinedOrder.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con35-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/low
13+
* external/cert/likelihood/probable
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p4
16+
* external/cert/level/l3
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON36-C/WrapFunctionsThatCanSpuriouslyWakeUpInLoop.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con36-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/low
13+
* external/cert/likelihood/unlikely
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p2
16+
* external/cert/level/l3
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON37-C/DoNotCallSignalInMultithreadedProgram.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con37-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/low
13+
* external/cert/likelihood/probable
14+
* external/cert/remediation-cost/low
15+
* external/cert/priority/p6
16+
* external/cert/level/l2
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON38-C/PreserveSafetyWhenUsingConditionVariables.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con38-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/low
13+
* external/cert/likelihood/unlikely
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p2
16+
* external/cert/level/l3
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON39-C/ThreadWasPreviouslyJoinedOrDetached.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con39-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/low
13+
* external/cert/likelihood/likely
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p6
16+
* external/cert/level/l2
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON40-C/AtomicVariableTwiceInExpression.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con40-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/medium
13+
* external/cert/likelihood/probable
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p8
16+
* external/cert/level/l2
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/CON41-C/WrapFunctionsThatCanFailSpuriouslyInLoop.ql

@@ -9,6 +9,11 @@
99
* @tags external/cert/id/con41-c
1010
* correctness
1111
* concurrency
12+
* external/cert/severity/low
13+
* external/cert/likelihood/unlikely
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p2
16+
* external/cert/level/l3
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/DCL30-C/AppropriateStorageDurationsFunctionReturn.ql

@@ -8,6 +8,11 @@
88
* @problem.severity error
99
* @tags external/cert/id/dcl30-c
1010
* correctness
11+
* external/cert/severity/high
12+
* external/cert/likelihood/probable
13+
* external/cert/remediation-cost/high
14+
* external/cert/priority/p6
15+
* external/cert/level/l2
1116
* external/cert/obligation/rule
1217
*/
1318

‎c/cert/src/rules/DCL30-C/AppropriateStorageDurationsStackAdressEscape.ql

@@ -8,6 +8,11 @@
88
* @problem.severity error
99
* @tags external/cert/id/dcl30-c
1010
* correctness
11+
* external/cert/severity/high
12+
* external/cert/likelihood/probable
13+
* external/cert/remediation-cost/high
14+
* external/cert/priority/p6
15+
* external/cert/level/l2
1116
* external/cert/obligation/rule
1217
*/
1318

‎c/cert/src/rules/DCL31-C/DeclareIdentifiersBeforeUsingThem.ql

@@ -8,6 +8,11 @@
88
* @tags external/cert/id/dcl31-c
99
* correctness
1010
* readability
11+
* external/cert/severity/low
12+
* external/cert/likelihood/unlikely
13+
* external/cert/remediation-cost/low
14+
* external/cert/priority/p3
15+
* external/cert/level/l3
1116
* external/cert/obligation/rule
1217
*/
1318

‎c/cert/src/rules/DCL37-C/DoNotDeclareOrDefineAReservedIdentifier.ql

@@ -9,6 +9,11 @@
99
* correctness
1010
* maintainability
1111
* readability
12+
* external/cert/severity/low
13+
* external/cert/likelihood/unlikely
14+
* external/cert/remediation-cost/low
15+
* external/cert/priority/p3
16+
* external/cert/level/l3
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/DCL38-C/DeclaringAFlexibleArrayMember.ql

@@ -10,6 +10,11 @@
1010
* correctness
1111
* maintainability
1212
* readability
13+
* external/cert/severity/low
14+
* external/cert/likelihood/unlikely
15+
* external/cert/remediation-cost/low
16+
* external/cert/priority/p3
17+
* external/cert/level/l3
1318
* external/cert/obligation/rule
1419
*/
1520

‎c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.md

@@ -249,7 +249,7 @@ In addition, this solution assumes that there are no integer padding bits in an
249249

250250
From this situation, it can be seen that special care must be taken because no solution to the bit-field padding issue will be 100% portable.
251251

252-
Risk Assessment
252+
## Risk Assessment
253253

254254
Padding units might contain sensitive data because the C Standard allows any padding to take [unspecified values](https://wiki.sei.cmu.edu/confluence/display/c/BB.+Definitions#BB.Definitions-unspecifiedvalue). A pointer to such a structure could be passed to other functions, causing information leakage.
255255
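Review bot: promoting `Risk Assessment` to a `##` heading on line 252 is a help-text fix outside what the commit title describes (adding query tags), so it is worth a line in the PR description. If this `.md` is generated from an upstream source, make the fix in the generator as well so it is not overwritten on the next import.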

‎c/cert/src/rules/DCL39-C/InformationLeakageAcrossTrustBoundariesC.ql

@@ -8,6 +8,11 @@
88
* @problem.severity error
99
* @tags external/cert/id/dcl39-c
1010
* security
11+
* external/cert/severity/low
12+
* external/cert/likelihood/unlikely
13+
* external/cert/remediation-cost/high
14+
* external/cert/priority/p1
15+
* external/cert/level/l3
1116
* external/cert/obligation/rule
1217
*/
1318
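Review bot: `@problem.severity error` on line 8 and the new `external/cert/severity/low` tag on line 11 now sit in the same header and point in opposite directions. They are different scales (alert severity versus the CERT risk assessment severity), so state that distinction wherever the new tags are documented, so that users filtering on one are not surprised by the other.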

‎c/cert/src/rules/DCL40-C/ExcessLengthNamesIdentifiersNotDistinct.ql

@@ -9,6 +9,11 @@
99
* correctness
1010
* maintainability
1111
* readability
12+
* external/cert/severity/low
13+
* external/cert/likelihood/unlikely
14+
* external/cert/remediation-cost/medium
15+
* external/cert/priority/p2
16+
* external/cert/level/l3
1217
* external/cert/obligation/rule
1318
*/
1419

‎c/cert/src/rules/DCL40-C/IncompatibleFunctionDeclarations.ql

@@ -11,6 +11,11 @@
1111
* correctness
1212
* maintainability
1313
* readability
14+
* external/cert/severity/low
15+
* external/cert/likelihood/unlikely
16+
* external/cert/remediation-cost/medium
17+
* external/cert/priority/p2
18+
* external/cert/level/l3
1419
* external/cert/obligation/rule
1520
*/
1621
