Re: [PATCH v1 12/12] .github/codeql/edk2.qls: Enable CWE 120, 787, and 805 queries


Michael D Kinney
 

Reviewed-by: Michael D Kinney <michael.d.kinney@...>

-----Original Message-----
From: mikuback@... <mikuback@...>
Sent: Wednesday, November 9, 2022 9:33 AM
To: devel@edk2.groups.io
Cc: Sean Brogan <sean.brogan@...>; Michael Kubacki <mikuback@...>; Kinney, Michael D
<michael.d.kinney@...>
Subject: [PATCH v1 12/12] .github/codeql/edk2.qls: Enable CWE 120, 787, and 805 queries

From: Michael Kubacki <michael.kubacki@...>

As recommended by CodeQL this change replaces
cpp/potential-buffer-overflow with cpp/overrunning-write-with-float
and cpp/overrunning-write.

Enables:

1. cpp/overrunning-write
- @name Likely overrunning write
- @description Buffer write operations that do not control the length
of data written may overflow
- @kind problem
- @problem.severity error
- @security-severity 9.3
- @precision high
- @id cpp/very-likely-overrunning-write
- @tags reliability
- security
- external/cwe/cwe-120
- external/cwe/cwe-787
- external/cwe/cwe-805
2. cpp/overrunning-write-with-float
- @name Potentially overrunning write with float to string conversion
- @description Buffer write operations that do not control the length
of data written may overflow when floating point inputs
take extreme values.
- @kind problem
- @problem.severity error
- @security-severity 9.3
- @precision medium
- @id cpp/overrunning-write-with-float
- @tags reliability
- security
- external/cwe/cwe-120
- external/cwe/cwe-787
- external/cwe/cwe-805
3. cpp/very-likely-overrunning-write
- @name Likely overrunning write
- @description Buffer write operations that do not control the length
of data written may overflow
- @kind problem
- @problem.severity error
- @security-severity 9.3
- @precision high
- @id cpp/very-likely-overrunning-write
- @tags reliability
- security
- external/cwe/cwe-120
- external/cwe/cwe-787
- external/cwe/cwe-805

- CWEs:
- https://cwe.mitre.org/data/definitions/120.html
- https://cwe.mitre.org/data/definitions/787.html
- https://cwe.mitre.org/data/definitions/805.html

Cc: Sean Brogan <sean.brogan@...>
Cc: Michael Kubacki <mikuback@...>
Cc: Michael D Kinney <michael.d.kinney@...>
Signed-off-by: Michael Kubacki <michael.kubacki@...>
---
.github/codeql/edk2.qls | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/.github/codeql/edk2.qls b/.github/codeql/edk2.qls
index dc2d87764e93..9bea9ba01f24 100644
--- a/.github/codeql/edk2.qls
+++ b/.github/codeql/edk2.qls
@@ -14,8 +14,11 @@
id: cpp/infinite-loop-with-unsatisfiable-exit-condition
- include:
id: cpp/overflow-buffer
+- include:
+ id: cpp/overrunning-write
+- include:
+ id: cpp/overrunning-write-with-float
- include:
id: cpp/pointer-overflow-check
- include:
- id: cpp/potential-buffer-overflow
-
+ id: cpp/very-likely-overrunning-write
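Review bot: the hunk includes three queries (cpp/overrunning-write, cpp/overrunning-write-with-float and cpp/very-likely-overrunning-write) while the subject line and the first paragraph of the message describe cpp/potential-buffer-overflow as being replaced by only the first two; please name cpp/very-likely-overrunning-write in the summary as well. In the same vein, item 1 of the "Enables" list is headed cpp/overrunning-write but its @id line reads cpp/very-likely-overrunning-write, which duplicates item 3 and does not match the `id: cpp/overrunning-write` entry actually added here. Also, in the quoted diff the `id:` lines sit at the same column as `- include:`; if that is not just whitespace lost in transit, the YAML would not nest `id` under `include` and the suite entries would not be picked up, so worth confirming the committed file keeps the indentation of the surrounding entries.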
--
2.28.0.windows.1
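An added example, not code from this patch, from the mailing list post, or from the edk2 tree, showing the shape of write these three queries report (a formatted write whose length is set by the input, not by the destination) beside the bounded form that passes the buffer size through and checks the result. It uses the standard C library sprintf/snprintf rather than EDK II's print library, and the function names, the 32-byte buffer and the sample inputs are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define LINE_MAX_LEN 32   /* hypothetical fixed-size record buffer */

/*
 * Pattern the queries report: sprintf() is never told sizeof(Line).
 * "%s" writes strlen(Name) bytes whatever the destination size, and
 * "%f" of a double such as 1e300 expands to more than 300 characters,
 * so a 32-byte buffer is written past its end (CWE-120/787/805).
 * Kept only to show the flagged shape; main() below never calls it
 * with oversized input.
 */
void FormatLineUnbounded(char *Line, const char *Name, double Value)
{
  sprintf(Line, "%s=%f", Name, Value);
}

/*
 * Bounded rewrite: the destination size reaches snprintf(), and the
 * return value (length the full output would have needed, excluding the
 * NUL) is checked so truncation is reported instead of overflowing.
 * Returns true when the whole line fit, false otherwise; Line is always
 * NUL-terminated on return when LineSize > 0.
 */
bool FormatLineBounded(char *Line, size_t LineSize, const char *Name, double Value)
{
  if (Line == NULL || LineSize == 0) {
    return false;
  }
  int Needed = snprintf(Line, LineSize, "%s=%f", Name, Value);
  if (Needed < 0) {
    Line[0] = '\0';
    return false;
  }
  return (size_t)Needed < LineSize;
}

/*
 * Length the formatted line needs, not counting the NUL. This is why
 * the float variant of the query exists: the answer depends on the
 * magnitude of Value, not on anything the caller can bound up front.
 */
size_t FormattedLineLength(const char *Name, double Value)
{
  int Needed = snprintf(NULL, 0, "%s=%f", Name, Value);
  return Needed < 0 ? 0 : (size_t)Needed;
}

int main(void)
{
  char Line[LINE_MAX_LEN];

  /* Ordinary value: fits. */
  bool Fit = FormatLineBounded(Line, sizeof(Line), "Voltage", 1.5);
  printf("%s (fit=%d)\n", Line, Fit);

  /* Extreme value: FormatLineUnbounded() would have run hundreds of
   * bytes past Line; here the write is truncated and reported. */
  Fit = FormatLineBounded(Line, sizeof(Line), "Voltage", 1e300);
  printf("%s (fit=%d, needed=%zu)\n", Line, Fit,
         FormattedLineLength("Voltage", 1e300));
  return 0;
}
```

The point of checking the snprintf return value rather than just capping the write is that a silently truncated record is itself a bug (a log line or variable name cut short); the bounded form lets the caller fail the operation, grow the buffer, or log the truncation, which is the behaviour a reviewer would ask for when one of these query results is triaged.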
