Commit 1999602
File tree
- actions/ql/test/query-tests
- Models
- Security
- CWE-074
- CWE-077
- CWE-078
- CWE-088
- CWE-094
- CWE-1395
- CWE-200
- CWE-275
- CWE-284
- CWE-285
- CWE-312
- CWE-349
- CWE-367
- CWE-571
- CWE-829
- CWE-918
- SyntaxError
- Violations Of Best Practice/CodeQL
- cpp/ql/test
- examples
- BadLocking
- expressions
- experimental/query-tests/Security/CWE
- CWE-020
- NoCheckBeforeUnsafePutUser
- semmle/tests
- CWE-078
- CWE-1041/semmle/tests
- CWE-1126/semmle/tests
- CWE-1240
- CWE-125/semmle/tests
- CWE-190
- AllocMultiplicationOverflow
- DangerousUseOfTransformationAfterOperation
- IfStatementAdditionOverflow
- CWE-193
- array-access
- constant-size
- CWE-200
- test1
- test2
- test3
- CWE-243/semmle/tests
- CWE-266/semmle/tests
- CWE-285
- CWE-295
- CWE-359/semmle/tests
- CWE-369/semmle/tests
- CWE-377/semmle/tests
- CWE-401/semmle/tests
- CWE-409/DecompressionBombs
- CWE-415/semmle/tests
- CWE-476/semmle/tests
- CWE-561/semmle/tests
- CWE-670/semmle/tests
- CWE-675/semmle/tests
- CWE-691/semmle/tests
- CWE-703/semmle/tests
- CWE-754/semmle/tests
- CWE-758/semmle/tests
- CWE-783/semmle/tests
- CWE-788/semmle/tests
- CWE-805/semmle/tests
- semmle/tests
- library-tests
- c11_generic
- conversions
- extraction_errors
- ir
- ir
- ssa
- lossy_pointer_cast
- subscript_operator
- syntax-zoo
- types/integral_types_ms
- query-tests
- AlertSuppression
- Architecture
- FeatureEnvy
- InappropriateIntimacy
- Refactoring Opportunities
- ClassesWithManyFields
- ComplexFunctions
- Best Practices
- GuardedFree
- Hiding
- DeclarationHidesParameter
- DeclarationHidesVariable
- LocalVariableHidesGlobalVariable
- Likely Errors
- CommaBeforeMisleadingIndentation
- EmptyBlock
- OffsetUseBeforeRangeCheck
- Slicing
- Magic Constants
- Japanese Era
- MagicConstantsNumbers
- MagicConstantsString
- RuleOfTwo
- SloppyGlobal
- Unused Entities
- UnusedIncludes
- UnusedLocals
- UnusedStaticFunctions
- UnusedStaticVariables
- Critical
- DeadCodeFunction
- DeadCodeGoto
- FileClosed
- GlobalUseBeforeInit
- InitialisationNotRun
- LargeParameter
- MemoryFreed
- MissingCheckScanf
- MissingNullTest
- NewFree
- NotInitialised
- OverflowCalculated
- OverflowStatic
- ReturnValueIgnored
- SizeCheck
- UnsafeUseOfThis
- Diagnostics
- Documentation
- CommentedOutCode
- DocumentApi
- TodoComments
- Header Cleanup/Cleanup-DuplicateIncludeGuard
- JPL_C
- LOC-3
- Rule 13
- LimitedScopeFile
- LimitedScopeFunction
- Rule 17
- LOC-4
- Rule 29/NonConstFunctionPointer
- Rule 30/FunctionPointerConversions
- Likely Bugs
- AmbiguouslySignedBitField
- Arithmetic
- BadAdditionOverflowCheck
- BadCheckOdd
- BitwiseSignCheck
- ComparisonPrecedence
- FloatComparison
- IntMultToLong
- PointlessComparison
- UnsignedGEZero
- ContinueInFalseLoop
- Conversion
- ArrayArgSizeMismatch
- CastArrayPointerArithmetic
- ImplicitDowncastFromBitfield
- LossyFunctionResultCast
- Format
- NonConstantFormat
- SnprintfOverflow
- WrongNumberOfFormatArguments
- WrongTypeFormatArguments
- Buildless
- Builtin
- Linux_mixed_byte_wprintf
- Linux_mixed_word_size
- Linux_signed_chars
- Linux_two_byte_wprintf
- Linux_unsigned_chars
- Microsoft_no_wchar
- Microsoft
- InconsistentCheckReturnNull
- Leap Year
- Adding365DaysPerYear
- UncheckedLeapYearAfterYearModification
- UnsafeArrayForDaysOfYear
- Likely Typos
- AssignWhereCompareMeant
- CompareWhereAssignMeant
- DubiousNullCheck
- ExprHasNoEffect
- CMakeFiles/CMakeScratch/TryCompile-abcdef
- autoconf
- meson-private/tmp_abc
- IncorrectNotOperatorUsage
- ShortCircuitBitMask
- UsingStrcpyAsBoolean
- inconsistentLoopDirection
- Memory Management
- AllocaInLoop
- ImproperNullTermination
- NtohlArrayNoBound
- Padding
- More64BitWaste
- NonPortablePrintf
- Suboptimal64BitType
- PointerOverflow
- ReturnCstrOfLocalStdString
- ReturnStackAllocatedMemory
- StackAddressEscapes
- StrncpyFlippedArgs
- SuspiciousCallToMemset
- SuspiciousCallToStrncat
- SuspiciousSizeof
- UnsafeUseOfStrcat
- UsingExpiredStackAddress
- OO
- IncorrectConstructorDelegation
- NonVirtualDestructorInBaseClass
- ThrowInDestructor
- Protocols
- RedundantNullCheckSimple
- ReturnConstTypeMember
- ReturnConstType
- ShortLoopVarName
- Underspecified Functions
- UseInOwnInitializer
- Metrics/Functions
- Power of 10/Rule 2
- Security/CWE
- CWE-014
- CWE-022/SAMATE/TaintedPath
- CWE-078
- SAMATE/ExecTainted
- semmle/ExecTainted
- CWE-079/semmle/CgiXss
- CWE-114
- SAMATE/UncontrolledProcessOperation
- semmle/UncontrolledProcessOperation
- CWE-119
- SAMATE
- semmle/tests
- CWE-120/semmle
- UnsafeUseOfStrcat
- tests
- CWE-121/semmle/tests
- CWE-129
- SAMATE/ImproperArrayIndexValidation
- semmle/ImproperArrayIndexValidation
- CWE-131/NoSpaceForZeroTerminator
- CWE-134
- SAMATE
- semmle
- argv
- consts
- funcs
- globalVars
- ifs
- CWE-190
- SAMATE
- semmle
- ArithmeticUncontrolled
- ArithmeticWithExtremeValues
- ComparisonWithWiderType
- TaintedAllocationSize
- tainted
- CWE-191/UnsignedDifferenceExpressionComparedZero
- CWE-193
- CWE-197/SAMATE/IntegerOverflowTainted
- CWE-242/semmle/tests
- CWE-253
- CWE-290/semmle/AuthenticationBypass
- CWE-295
- CWE-311/semmle/tests
- CWE-319/UseOfHttp
- CWE-326
- CWE-327
- CWE-367/semmle
- CWE-416/semmle/tests
- IteratorToExpiredContainer
- UseAfterFree
- UseOfStringAfterLifetimeEnds
- UseOfUniquePtrAfterLifetimeEnds
- CWE-428
- CWE-457/semmle
- ConditionallyUninitializedVariable
- tests
- CWE-468/semmle
- IncorrectPointerScaling
- SuspiciousAddWithSizeof
- CWE-497
- SAMATE
- semmle/tests
- CWE-570
- CWE-611
- CWE-676
- SAMATE/DangerousUseOfCin
- semmle
- DangerousUseOfCin
- PotentiallyDangerousFunction
- CWE-732
- CWE-764/semmle/tests
- CWE-772
- SAMATE
- semmle
- tests-file
- tests-memory
- CWE-807/semmle/TaintedCondition
- CWE-835/semmle/InfiniteLoopWithUnsatisfiableExitCondition
- CWE-843
- Summary
- definitions
- jsf
- 3.02 Code Size and Complexity/AV Rule 1
- 4.04 Environment/AV Rule 13
- 4.06 Pre-Processing Directives/AV Rule 32
- 4.07 Header Files/AV Rule 35
- 4.09 Style/AV Rule 53 54
- 4.10 Classes
- AV Rule 73
- AV Rule 76
- AV Rule 77.1
- AV Rule 78
- AV Rule 79
- AV Rule 82
- AV Rule 85
- AV Rule 97
- 4.13 Functions
- AV Rule 107
- AV Rule 114
- 4.16 Initialization/AV Rule 145
- 4.21 Operators
- AV Rule 157
- AV Rule 164
- AV Rule 165
- AV Rule 166
- 4.22 Pointers and References/AV Rule 176
- 4.24 Control Flow Structures
- AV Rule 186
- AV Rule 193
- AV Rule 196
- AV Rule 201
- 4.28 Portable Code/AV Rule 210
- csharp/ql
- campaigns/Solorigate/test/Solorigate
- integration-tests/all-platforms
- standalone_buildless_option
- standalone
- test
- experimental
- CWE-918
- Security Features
- JsonWebTokenHandler
- Serialization
- backdoor
- library-tests
- arguments
- assignments
- attributes
- comments
- compilations
- constructors
- conversion/operator
- csharp11
- csharp6
- csharp7.1
- csharp7.2
- csharp7.3
- csharp7
- csharp8
- csharp9
- dataflow
- implicittostring
- tuples
- definitions
- delegates
- diagnostics
- dynamic
- enums
- events
- exceptions
- expressions
- extension
- fields
- filters/ClassifyFiles
- generics
- goto
- indexers
- initializers
- linq
- members
- methods
- nameof
- namespaces
- nestedtypes
- operators
- partial
- properties
- statements
- stringinterpolation
- types
- unsafe
- query-tests
- API Abuse
- CallToGCCollect
- CallToObsoleteMethod
- ClassDoesNotImplementEquals
- ClassImplementsICloneable
- DisposeNotCalledOnException
- InconsistentEqualsGetHashCode
- IncorrectCompareToSignature
- IncorrectEqualsSignature
- MissingDisposeCall
- MissingDisposeMethod
- NonOverridingMethod
- NullArgumentToEquals
- UncheckedReturnValue
- ASP
- BlockCodeResponseWrite
- ComplexInlineCode
- NonInternationalizedText
- SplitControlStructure
- AlertSuppression
- Architecture
- Dependencies/MutualDependency
- Refactoring Opportunities
- FeatureEnvy
- InappropriateIntimacy
- Bad Practices
- Comments
- CommentedOutCode
- TodoComments
- Declarations
- EmptyInterface
- LocalScopeVariableShadowsMember
- NoConstantsOnly
- TooManyRefParameters
- EmptyCatchBlock
- Implementation Hiding
- AbstractToConcreteCollection
- ExposeRepresentation
- StaticArray
- Naming Conventions
- ConfusingMethodNames
- VariableNameTooShort
- Path Combine
- VirtualCallInConstructorOrDestructor
- CSI/CompareIdenticalValues
- Concurrency
- FutileSyncOnField
- LockOrder
- LockThis
- LockedWait
- SynchSetUnsynchGet
- UnsafeLazyInitialization
- UnsynchronizedStaticAccess
- Configuration/PasswordInConfigurationFile
- Dead Code
- NonAssignedFields
- Tests
- Documentation
- EmptyBlock
- Language Abuse
- CatchOfGenericException
- ChainedIs
- DubiousTypeTestOfThis
- ForeachCapture
- MissedTernaryOpportunity
- NestedIf
- RethrowException
- SimplifyBoolExpr
- UselessCastToSelf
- UselessIsBeforeAs
- UselessNullCoalescingExpression
- UselessUpcast
- Likely Bugs
- BadCheckOdd
- Collections
- ContainerLengthCmpOffByOne
- ContainerSizeCmpZero
- DangerousNonShortCircuitLogic
- Dynamic
- EqualsArray
- EqualsUsesAs
- EqualsUsesIs
- IncomparableEquals
- InconsistentCompareTo
- MishandlingJapaneseEra
- NestedLoopsSameVariable
- ObjectComparison
- PossibleLossOfPrecision
- RandomUsedOnce
- RecursiveEquals
- SelfAssignment
- StaticFieldWrittenByInstance
- StringBuilderCharInit
- ThreadUnsafeICryptoTransformLambda
- ThreadUnsafeICryptoTransform
- UncheckedCastInEquals
- UnsafeYearConstruction
- Linq
- MissedCastOpportunity
- MissedWhereOpportunity
- MagicConstants
- Metrics
- Files/FLinesOfCommentedCode
- RefTypes/TNumberOfFields
- Summaries
- Performance
- StringBuilderInLoop
- StringConcatenationInLoop
- UseTryGetValue
- ReadOnlyContainer
- Security Features
- CWE-011
- CWE-016
- ASPNetMaxRequestLength
- ASPNetPagesValidateRequest
- ASPNetRequestValidationMode
- CWE-020
- CWE-079/XSSRazorPages
- CWE-119
- CWE-248/MissingASPNETGlobalErrorHandler
- WebConfigOffButGlobal
- WebConfigOff
- CWE-285/MissingAccessControl/WebFormsTests
- CWE-312
- CWE-327
- DontInstallRootCert
- InsecureSQLConnection
- InsufficientKeySize
- CWE-352
- global
- missing
- CWE-359
- CWE-384
- CWE-451/MissingXFrameOptions
- CodeAddedHeader
- NoHeader
- WebConfigAddedHeaderInLocation
- WebConfigAddedHeader
- CWE-539/PersistentCookie
- CWE-548
- CWE-614/RequireSSL
- AddedInCode
- AddedInForms
- HttpCookiesCorrect
- RequireSSLMissing
- CWE-639
- MVCTests
- WebFormsTests
- CWE-798
- Telemetry
- LibraryUsage
- SupportedExternalApis
- SupportedExternalSinks
- SupportedExternalSources
- UnusedPropertyValue
- UseBraces
- Useless Code/PointlessForwardingMethod
- WriteOnlyContainer
- standalone/Likely Bugs
- IncomparableEquals
- ObjectComparison
- utils/modeleditor
- javascript/ql/test
- experimental
- Security
- CWE-094-dataURL
- CWE-099
- EnvValueAndKeyInjection
- EnvValueInjection
- CWE-347
- localsource
- remotesource
- CWE-918
- StandardLibrary/MultipleArgumentsToSetConstructor
- library-tests/frameworks
- HTTP-heuristics
- Templating
- query-tests
- AlertSuppression
- Diagnostics
- Metrics
- ExternalDependencies
- FLinesOfCode
- Summary
- definitions
- filters/ClassifyFiles
- python/ql/test
- 2/query-tests
- Classes
- inconsistent-mro
- new-style
- undefined-attribute
- Exceptions
- general
- generators
- raising
- Expressions
- Functions
- Imports
- encoding_error
- syntax_error
- Lexical
- Statements
- Summary
- Variables
- LeakyComp
- undefined
- 3/query-tests
- Classes
- equals-attr
- inconsistent-mro
- undefined-attribute
- Expressions
- Arguments
- Formatting
- TruncatedDivision
- UseofApply
- Imports
- encoding_error
- syntax_error
- Statements
- general
- iter
- unreachable_suppressed
- unreachable
- Summary
- Variables/undefined
- experimental
- library-tests
- CallGraph-implicit-init
- CallGraph-imports
- CallGraph-type-annotations
- FindSubclass
- query-tests
- Classes/Naming
- Functions/general
- Security
- CWE-022-TarSlip
- CWE-074-RemoteCommandExecution
- CWE-079
- CWE-091-XsltInjection
- CWE-094
- CWE-1236
- CWE-176
- CWE-208
- TimingAttackAgainstHash
- TimingAttackAgainstHeaderValue
- TimingAttackAgainstSensitiveInfo
- CWE-287-ConstantSecretKey
- CWE-287
- CWE-327-UnsafeUsageOfClientSideEncryptionVersion
- CWE-338
- CWE-346
- CWE-347
- CWE-348
- CWE-522-global-option
- CWE-522
- CWE-611-SimpleXmlRpcServer
- CWE-770
- extractor-tests/overlay/basic-overlay-eval
- library-tests
- dataflow
- coverage-py2
- coverage-py3
- typetracking_imports
- frameworks
- django-orm
- gradio
- modelling
- query-tests
- Classes
- Arguments
- conflicting
- descriptors
- equals-attr
- init-calls-subclass-method
- overwriting-attribute
- should-be-context-manager
- undefined-attribute
- useless
- Diagnostics
- Exceptions/general
- Expressions
- Arguments
- Formatting
- Regex
- callable
- comparisons
- eq
- general
- strings
- super
- Functions
- ModificationOfParameterWithDefault
- general
- iterators
- overriding
- return_values
- Imports
- PyCheckerTests
- cyclic-module-annotations-fp
- cyclic-module-package-fp
- false-negative
- true-negative
- cyclic-module
- deprecated
- general
- unused
- Lexical
- ToDoComment
- commented_out_code
- Metrics
- cyclo
- functions
- imports
- lines
- ratios
- tests
- Security
- CWE-020-CookieInjection
- CWE-020-ExternalAPIs
- CWE-020-IncompleteHostnameRegExp
- CWE-020-IncompleteUrlSubstringSanitization
- CWE-020-SuspiciousRegexpRange
- CWE-022-TarSlip
- CWE-074-TemplateInjection
- CWE-078-CommandInjection-py2
- CWE-078-CommandInjection
- CWE-078-UnsafeShellCommandConstruction
- CWE-079-Jinja2WithoutEscaping
- CWE-079-ReflectedXss
- CWE-089-SqlInjection
- CWE-090-LdapInjection
- CWE-113-HeaderInjection/Tests2-with-wsgi-validator
- CWE-116-BadTagFilter
- CWE-117-LogInjection
- CWE-209-StackTraceExposure
- CWE-215-FlaskDebug
- CWE-285-PamAuthorization
- CWE-295-MissingHostKeyValidation
- CWE-295-RequestWithoutValidation
- CWE-312-CleartextLogging
- CWE-312-CleartextStorage-py3
- CWE-312-CleartextStorage
- CWE-326-WeakCryptoKey
- CWE-327-BrokenCryptoAlgorithm
- CWE-327-InsecureDefaultProtocol
- CWE-327-InsecureProtocol
- CWE-327-WeakSensitiveDataHashing
- CWE-377-InsecureTemporaryFile
- CWE-502-UnsafeDeserialization
- CWE-601-UrlRedirect
- CWE-611-Xxe
- CWE-643-XPathInjection
- CWE-730-PolynomialReDoS
- CWE-730-ReDoS
- CWE-730-RegexInjection
- CWE-732-WeakFilePermissions
- CWE-776-XmlBomb
- CWE-798-HardcodedCredentials
- CWE-942-CorsMisconfigurationMiddleware
- CWE-943-NoSqlInjection
- Statements
- DocStrings
- ReturnOrYieldOutsideFunction
- asserts
- exit
- general
- no_effect
- unreachable_nonlocal
- unreachable
- Testing
- Variables
- general
- multiple
- undefined
- unused_local_nonlocal
- unused
- analysis
- Consistency
- jump_to_defn
- pointsto
- suppression
- ruby/ql/test
- library-tests/dataflow/params
- query-tests
- AlertSuppression
- analysis
- diagnostics
- experimental
- CWE-522-DecompressionBombs
- ImproperLdapAuth
- InsecureRandomness
- LdapInjection
- TemplateInjection
- XPathInjection
- cwe-022-ZipSlip
- cwe-176
- cwe-347
- cwe-502
- manually-check-http-verb
- weak-params
- metrics/FLines
- performance/UseDetect
- security
- cwe-020
- IncompleteHostnameRegExp
- IncompleteUrlSubstringSanitization
- MissingFullAnchor
- MissingRegExpAnchor
- SuspiciousRegexpRange
- cwe-078
- KernelOpen
- NonConstantKernelOpen
- UnsafeShellCommandConstruction
- cwe-079
- cwe-089
- cwe-094/UnsafeCodeConstruction
- cwe-116
- BadTagFilter
- IncompleteSanitization
- cwe-117
- cwe-1333-exponential-redos
- cwe-1333-polynomial-redos
- cwe-1333-regexp-injection
- cwe-134
- cwe-209
- cwe-295
- cwe-312
- cwe-327
- cwe-352
- cwe-502
- oj-global-options
- ox-global-options
- unsafe-deserialization
- cwe-506
- cwe-598
- cwe-601
- cwe-611
- libxml-backend
- xxe
- cwe-732
- cwe-798
- cwe-807-user-controlled-bypass
- cwe-912
- cwe-915
- cwe-918
- decompression-api
- summary
- utils/modeleditor
- rust/ql
- integration-tests
- hello-project
- hello-workspace
- test
- extractor-tests
- macro-expansion
- macro-in-library
- query-tests/diagnostics
- swift/ql/test
- extractor-tests
- generated/decl/CapturedDecl
- updates
- library-tests
- ast
- elements/expr/methodlookup
- query-tests
- AlertSuppression
- Diagnostics
- Security
- CWE-020
- CWE-022/UnsafeUnpack
- CWE-078
- CWE-079
- CWE-089
- CWE-116
- CWE-1204
- CWE-1333
- CWE-134
- CWE-135
- CWE-259
- CWE-311
- CWE-312
- CWE-321
- CWE-327
- CWE-328
- CWE-730
- CWE-757
- CWE-760
- CWE-916
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
| 1 | + | |
Lines changed: 1 addition & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
2 | | - | |
| 1 | + | |
Lines changed: 1 addition & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
2 | | - | |
| 1 | + | |
Lines changed: 1 addition & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
2 | | - | |
| 1 | + | |
Lines changed: 1 addition & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
2 | | - | |
| 1 | + | |
Lines changed: 1 addition & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
2 | | - | |
| 1 | + | |
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
| 1 | + | |
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
| 1 | + | |
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
| 1 | + | |
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
| 1 | + | |