diff options
author | Michael Kubacki <michael.kubacki@microsoft.com> | 2022-11-10 01:32:46 +0800 |
---|---|---|
committer | Liming Gao <gaoliming@byosoft.com.cn> | 2022-12-23 13:52:00 +0800 |
commit | 9b6b8a53b717b6b27f97ea0b5db68010faf68b3d (patch) | |
tree | 35defc0f224eaf7027fbc4131e955e9761942f0d /MdePkg/Include/Pi | |
parent | d27cf840cae1c9cb23ea2f4c41ffc62470fd08be (diff) | |
download | edk2-12m23.tar.gz edk2-12m23.tar.bz2 edk2-12m23.zip |
.github/codeql/edk2.qls: Enable CWE 120, 787, and 805 queries12m23
As recommended by CodeQL this change replaces
cpp/potential-buffer-overflow with cpp/overrunning-write-with-float
and cpp/overrunning-write.
Enables:
1. cpp/overrunning-write
- @name Likely overrunning write
- @description Buffer write operations that do not control the length
data written may overflow
- @kind problem
- @problem.severity error
- @security-severity 9.3
- @precision high
- @id cpp/very-likely-overrunning-write
- @tags reliability
- security
- external/cwe/cwe-120
- external/cwe/cwe-787
- external/cwe/cwe-805
2. cpp/overrunning-write-with-float
- @name Potentially overrunning write with float to string conversion
- @description Buffer write operations that do not control the length
of data written may overflow when floating point inputs
take extreme values.
- @kind problem
- @problem.severity error
- @security-severity 9.3
- @precision medium
- @id cpp/overrunning-write-with-float
- @tags reliability
- security
- external/cwe/cwe-120
- external/cwe/cwe-787
- external/cwe/cwe-805
3. cpp/very-likely-overrunning-write
- @name Likely overrunning write
- @description Buffer write operations that do not control the length
of data written may overflow
- @kind problem
- @problem.severity error
- @security-severity 9.3
- @precision high
- @id cpp/very-likely-overrunning-write
- @tags reliability
- security
- external/cwe/cwe-120
- external/cwe/cwe-787
- external/cwe/cwe-805
- CWEs:
- https://cwe.mitre.org/data/definitions/120.html
- https://cwe.mitre.org/data/definitions/787.html
- https://cwe.mitre.org/data/definitions/805.html
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Diffstat (limited to 'MdePkg/Include/Pi')
0 files changed, 0 insertions, 0 deletions