From d7ed8ddaefda66e1be47d228ff8e05ef49d186cd Mon Sep 17 00:00:00 2001 From: docs-bot <77750099+docs-bot@users.noreply.github.com> Date: Thu, 27 Jun 2024 10:30:04 -0700 Subject: [PATCH 1/2] Update CodeQL CLI manual (#51377) Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com> --- .../codeql-cli/codeql-cli-manual/database-analyze.md | 8 ++++++++ .../codeql-cli/codeql-cli-manual/database-create.md | 2 +- .../codeql-cli/codeql-cli-manual/database-init.md | 2 +- .../codeql-cli-manual/database-interpret-results.md | 8 ++++++++ .../codeql-cli/codeql-cli-manual/database-run-queries.md | 8 ++++++++ .../codeql-cli/codeql-cli-manual/execute-queries.md | 8 ++++++++ .../codeql-cli/codeql-cli-manual/pack-publish.md | 2 +- .../codeql-cli/codeql-cli-manual/query-run.md | 8 ++++++++ .../codeql-cli-manual/resolve-extensions-by-pack.md | 6 ++++++ .../codeql-cli/codeql-cli-manual/resolve-extensions.md | 6 ++++++ 10 files changed, 55 insertions(+), 3 deletions(-) diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md b/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md index dce9be7fbc..9745238f10 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md @@ -244,6 +244,14 @@ during database creation from a Code Scanning configuration file. Download any missing queries before analyzing. +### Options to control the model packs to be used + +#### `--model-packs=<`>... + +A list of CodeQL pack names, each with an optional version range, to be +used as model packs to customize the queries that are about to be +evaluated. + ### Options to control the threat models to be used #### `--threat-model=...` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-create.md b/content/code-security/codeql-cli/codeql-cli-manual/database-create.md index 82b43a87a7..3e1de32e3f 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/database-create.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/database-create.md @@ -95,7 +95,7 @@ Choose your build mode based on the language you are analyzing: `none`: The database will be created without building the source root. Available for JavaScript/TypeScript, Python, and Ruby. Also available in -beta for Java. +beta for C# and Java. `autobuild`: The database will be created by attempting to automatically build the source root. Available for C/C++, C#, Go, Java/Kotlin, and diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-init.md b/content/code-security/codeql-cli/codeql-cli-manual/database-init.md index 0655ebd6b1..08ec630707 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/database-init.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/database-init.md @@ -108,7 +108,7 @@ Choose your build mode based on the language you are analyzing: `none`: The database will be created without building the source root. Available for JavaScript/TypeScript, Python, and Ruby. Also available in -beta for Java. +beta for C# and Java. `autobuild`: The database will be created by attempting to automatically build the source root. Available for C/C++, C#, Go, Java/Kotlin, and diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-interpret-results.md b/content/code-security/codeql-cli/codeql-cli-manual/database-interpret-results.md index dd00a30ac9..7779015b9a 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/database-interpret-results.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/database-interpret-results.md @@ -245,6 +245,14 @@ variable. This overrides the GITHUB\_TOKEN environment variable. +### Options to specify which extensions to use when interpreting the results + +#### `--model-packs=<`>... + +A list of CodeQL pack names, each with an optional version range, to be +used as model packs to customize the queries that are about to be +evaluated. + ### Options for finding QL packs (which may be necessary to interpret query suites) #### `--search-path=[:...]` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-run-queries.md b/content/code-security/codeql-cli/codeql-cli-manual/database-run-queries.md index ae770bbfdb..a93ec00f1b 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/database-run-queries.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/database-run-queries.md @@ -98,6 +98,14 @@ codebase. \[Advanced] Omit threat model configuration stored in the database during database creation from a Code Scanning configuration file. +### Options to control the model packs to be used + +#### `--model-packs=<`>... + +A list of CodeQL pack names, each with an optional version range, to be +used as model packs to customize the queries that are about to be +evaluated. + ### Options to control the threat models to be used #### `--threat-model=...` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/execute-queries.md b/content/code-security/codeql-cli/codeql-cli-manual/execute-queries.md index 447c64817d..d125d7541f 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/execute-queries.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/execute-queries.md @@ -81,6 +81,14 @@ human-readable representation of the results to standard output. Omit evaluation of queries that already seem to have a BQRS result stored in the output location. +### Options to control the model packs to be used + +#### `--model-packs=<`>... + +A list of CodeQL pack names, each with an optional version range, to be +used as model packs to customize the queries that are about to be +evaluated. + ### Options to control the threat models to be used #### `--threat-model=...` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/pack-publish.md b/content/code-security/codeql-cli/codeql-cli-manual/pack-publish.md index df5dfe9ce5..ba8d288d25 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/pack-publish.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/pack-publish.md @@ -11,7 +11,7 @@ topics: type: reference product: '{% data reusables.gated-features.codeql %}' autogenerated: codeql-cli -intro: 'Publishes a QL library pack to a package registry.' +intro: Publishes a QL library pack to a package registry. redirect_from: - /code-security/codeql-cli/manual/pack-publish --- diff --git a/content/code-security/codeql-cli/codeql-cli-manual/query-run.md b/content/code-security/codeql-cli/codeql-cli-manual/query-run.md index f1a6501689..67906cf926 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/query-run.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/query-run.md @@ -357,6 +357,14 @@ variable. This overrides the GITHUB\_TOKEN environment variable. +### Options to control the extension packs + +#### `--model-packs=<`>... + +A list of CodeQL pack names, each with an optional version range, to be +used as model packs to customize the queries that are about to be +evaluated. + ### Common options #### `-h, --help` diff --git a/content/code-security/codeql-cli/codeql-cli-manual/resolve-extensions-by-pack.md b/content/code-security/codeql-cli/codeql-cli-manual/resolve-extensions-by-pack.md index 2d30a26279..146c27cf5f 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/resolve-extensions-by-pack.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/resolve-extensions-by-pack.md @@ -85,6 +85,12 @@ value. (Note: On Windows the path separator is `;`). +#### `--model-packs=<`>... + +A list of CodeQL pack names, each with an optional version range, to be +used as model packs to customize the queries that are about to be +evaluated. + #### `--threat-model=...` A list of threat models to enable or disable. diff --git a/content/code-security/codeql-cli/codeql-cli-manual/resolve-extensions.md b/content/code-security/codeql-cli/codeql-cli-manual/resolve-extensions.md index e60b5cbdb5..a6affc2004 100644 --- a/content/code-security/codeql-cli/codeql-cli-manual/resolve-extensions.md +++ b/content/code-security/codeql-cli/codeql-cli-manual/resolve-extensions.md @@ -105,6 +105,12 @@ value. (Note: On Windows the path separator is `;`). +#### `--model-packs=<`>... + +A list of CodeQL pack names, each with an optional version range, to be +used as model packs to customize the queries that are about to be +evaluated. + #### `--threat-model=...` A list of threat models to enable or disable. From acd573978f3b5ee6214cdf9a141ad7f13aec75e4 Mon Sep 17 00:00:00 2001 From: docs-bot <77750099+docs-bot@users.noreply.github.com> Date: Thu, 27 Jun 2024 10:30:12 -0700 Subject: [PATCH 2/2] Update CodeQL query tables (#51379) --- .../code-scanning/codeql-query-tables/cpp.md | 72 +++++++++---------- .../codeql-query-tables/csharp.md | 2 +- .../code-scanning/codeql-query-tables/go.md | 4 +- .../code-scanning/codeql-query-tables/java.md | 12 ++-- .../codeql-query-tables/python.md | 4 +- .../code-scanning/codeql-query-tables/ruby.md | 4 +- 6 files changed, 49 insertions(+), 49 deletions(-) diff --git a/data/reusables/code-scanning/codeql-query-tables/cpp.md b/data/reusables/code-scanning/codeql-query-tables/cpp.md index b5861f6478..bc664bbbb4 100644 --- a/data/reusables/code-scanning/codeql-query-tables/cpp.md +++ b/data/reusables/code-scanning/codeql-query-tables/cpp.md @@ -49,44 +49,44 @@ | [Use of unique pointer after lifetime ends](https://codeql.github.com/codeql-query-help/cpp/cpp-use-of-unique-pointer-after-lifetime-ends/) | 416, 664 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Wrong type of arguments to formatting function](https://codeql.github.com/codeql-query-help/cpp/cpp-wrong-type-format-argument/) | 686 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [XML external entity expansion](https://codeql.github.com/codeql-query-help/cpp/cpp-external-entity-expansion/) | 611 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Array offset used before range check](https://codeql.github.com/codeql-query-help/cpp/cpp-offset-use-before-range-check/) | 120, 125 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Array offset used before range check](https://codeql.github.com/codeql-query-help/cpp/cpp-offset-use-before-range-check/) | 120, 125 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Authentication bypass by spoofing](https://codeql.github.com/codeql-query-help/cpp/cpp-user-controlled-bypass/) | 290 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [boost::asio TLS settings misconfiguration](https://codeql.github.com/codeql-query-help/cpp/cpp-boost-tls-settings-misconfiguration/) | 326 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [boost::asio use of deprecated hardcoded protocol](https://codeql.github.com/codeql-query-help/cpp/cpp-boost-use-of-deprecated-hardcoded-security-protocol/) | 327 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Certificate not checked](https://codeql.github.com/codeql-query-help/cpp/cpp-certificate-not-checked/) | 295 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Certificate result conflation](https://codeql.github.com/codeql-query-help/cpp/cpp-certificate-result-conflation/) | 295 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Cleartext storage of sensitive information in an SQLite database](https://codeql.github.com/codeql-query-help/cpp/cpp-cleartext-storage-database/) | 313 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [boost::asio TLS settings misconfiguration](https://codeql.github.com/codeql-query-help/cpp/cpp-boost-tls-settings-misconfiguration/) | 326 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [boost::asio use of deprecated hardcoded protocol](https://codeql.github.com/codeql-query-help/cpp/cpp-boost-use-of-deprecated-hardcoded-security-protocol/) | 327 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Certificate not checked](https://codeql.github.com/codeql-query-help/cpp/cpp-certificate-not-checked/) | 295 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Certificate result conflation](https://codeql.github.com/codeql-query-help/cpp/cpp-certificate-result-conflation/) | 295 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Cleartext storage of sensitive information in an SQLite database](https://codeql.github.com/codeql-query-help/cpp/cpp-cleartext-storage-database/) | 313 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Cleartext storage of sensitive information in buffer](https://codeql.github.com/codeql-query-help/cpp/cpp-cleartext-storage-buffer/) | 312 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Comma before misleading indentation](https://codeql.github.com/codeql-query-help/cpp/cpp-comma-before-misleading-indentation/) | 1078, 670 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [File created without restricting permissions](https://codeql.github.com/codeql-query-help/cpp/cpp-world-writable-file-creation/) | 732 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Incorrect 'not' operator usage](https://codeql.github.com/codeql-query-help/cpp/cpp-incorrect-not-operator-usage/) | 480 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Incorrect allocation-error handling](https://codeql.github.com/codeql-query-help/cpp/cpp-incorrect-allocation-error-handling/) | 570, 252, 755 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Invalid pointer dereference](https://codeql.github.com/codeql-query-help/cpp/cpp-invalid-pointer-deref/) | 119, 125, 193, 787 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Iterator to expired container](https://codeql.github.com/codeql-query-help/cpp/cpp-iterator-to-expired-container/) | 416, 664 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Missing return-value check for a 'scanf'-like function](https://codeql.github.com/codeql-query-help/cpp/cpp-missing-check-scanf/) | 252, 253 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Non-constant format string](https://codeql.github.com/codeql-query-help/cpp/cpp-non-constant-format/) | 134 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Not enough memory allocated for array of pointer type](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-allocation-size/) | 131, 122 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Not enough memory allocated for pointer type](https://codeql.github.com/codeql-query-help/cpp/cpp-allocation-too-small/) | 131, 122 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [NULL application name with an unquoted path in call to CreateProcess](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-create-process-call/) | 428 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Overflow in uncontrolled allocation size](https://codeql.github.com/codeql-query-help/cpp/cpp-uncontrolled-allocation-size/) | 190, 789 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Overrunning write](https://codeql.github.com/codeql-query-help/cpp/cpp-overrun-write/) | 119, 131 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Possibly wrong buffer size in string copy](https://codeql.github.com/codeql-query-help/cpp/cpp-bad-strncpy-size/) | 676, 119, 251 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Potential exposure of sensitive system data to an unauthorized control sphere](https://codeql.github.com/codeql-query-help/cpp/cpp-potential-system-data-exposure/) | 497 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Potentially overrunning write](https://codeql.github.com/codeql-query-help/cpp/cpp-overrunning-write/) | 120, 787, 805 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Potentially overrunning write with float to string conversion](https://codeql.github.com/codeql-query-help/cpp/cpp-overrunning-write-with-float/) | 120, 787, 805 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Potentially uninitialized local variable](https://codeql.github.com/codeql-query-help/cpp/cpp-uninitialized-local/) | 665, 457 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Potentially unsafe call to strncat](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-strncat/) | 788, 676, 119, 251 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Potentially unsafe use of strcat](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-strcat/) | 676, 120, 251 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Suspicious 'sizeof' use](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-sizeof/) | 467 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Comma before misleading indentation](https://codeql.github.com/codeql-query-help/cpp/cpp-comma-before-misleading-indentation/) | 1078, 670 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [File created without restricting permissions](https://codeql.github.com/codeql-query-help/cpp/cpp-world-writable-file-creation/) | 732 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Incorrect 'not' operator usage](https://codeql.github.com/codeql-query-help/cpp/cpp-incorrect-not-operator-usage/) | 480 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Incorrect allocation-error handling](https://codeql.github.com/codeql-query-help/cpp/cpp-incorrect-allocation-error-handling/) | 570, 252, 755 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Invalid pointer dereference](https://codeql.github.com/codeql-query-help/cpp/cpp-invalid-pointer-deref/) | 119, 125, 193, 787 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Iterator to expired container](https://codeql.github.com/codeql-query-help/cpp/cpp-iterator-to-expired-container/) | 416, 664 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Missing return-value check for a 'scanf'-like function](https://codeql.github.com/codeql-query-help/cpp/cpp-missing-check-scanf/) | 252, 253 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Non-constant format string](https://codeql.github.com/codeql-query-help/cpp/cpp-non-constant-format/) | 134 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Not enough memory allocated for array of pointer type](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-allocation-size/) | 131, 122 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Not enough memory allocated for pointer type](https://codeql.github.com/codeql-query-help/cpp/cpp-allocation-too-small/) | 131, 122 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [NULL application name with an unquoted path in call to CreateProcess](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-create-process-call/) | 428 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Overflow in uncontrolled allocation size](https://codeql.github.com/codeql-query-help/cpp/cpp-uncontrolled-allocation-size/) | 190, 789 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Overrunning write](https://codeql.github.com/codeql-query-help/cpp/cpp-overrun-write/) | 119, 131 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Possibly wrong buffer size in string copy](https://codeql.github.com/codeql-query-help/cpp/cpp-bad-strncpy-size/) | 676, 119, 251 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Potential exposure of sensitive system data to an unauthorized control sphere](https://codeql.github.com/codeql-query-help/cpp/cpp-potential-system-data-exposure/) | 497 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Potentially overrunning write](https://codeql.github.com/codeql-query-help/cpp/cpp-overrunning-write/) | 120, 787, 805 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Potentially overrunning write with float to string conversion](https://codeql.github.com/codeql-query-help/cpp/cpp-overrunning-write-with-float/) | 120, 787, 805 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Potentially uninitialized local variable](https://codeql.github.com/codeql-query-help/cpp/cpp-uninitialized-local/) | 665, 457 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Potentially unsafe call to strncat](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-strncat/) | 788, 676, 119, 251 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Potentially unsafe use of strcat](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-strcat/) | 676, 120, 251 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Suspicious 'sizeof' use](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-sizeof/) | 467 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Suspicious pointer scaling](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-pointer-scaling/) | 468 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Suspicious pointer scaling to void](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-pointer-scaling-void/) | 468 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Type confusion](https://codeql.github.com/codeql-query-help/cpp/cpp-type-confusion/) | 843 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Unbounded write](https://codeql.github.com/codeql-query-help/cpp/cpp-unbounded-write/) | 120, 787, 805 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Uncontrolled data used in path expression](https://codeql.github.com/codeql-query-help/cpp/cpp-path-injection/) | 022, 023, 036, 073 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Uncontrolled process operation](https://codeql.github.com/codeql-query-help/cpp/cpp-uncontrolled-process-operation/) | 114 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Unsigned difference expression compared to zero](https://codeql.github.com/codeql-query-help/cpp/cpp-unsigned-difference-expression-compared-zero/) | 191 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Unterminated variadic call](https://codeql.github.com/codeql-query-help/cpp/cpp-unterminated-variadic-call/) | 121 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Untrusted input for a condition](https://codeql.github.com/codeql-query-help/cpp/cpp-tainted-permissions-check/) | 807 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Use of potentially dangerous function](https://codeql.github.com/codeql-query-help/cpp/cpp-potentially-dangerous-function/) | 676 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Suspicious pointer scaling to void](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-pointer-scaling-void/) | 468 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Type confusion](https://codeql.github.com/codeql-query-help/cpp/cpp-type-confusion/) | 843 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Unbounded write](https://codeql.github.com/codeql-query-help/cpp/cpp-unbounded-write/) | 120, 787, 805 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Uncontrolled data used in path expression](https://codeql.github.com/codeql-query-help/cpp/cpp-path-injection/) | 022, 023, 036, 073 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Uncontrolled process operation](https://codeql.github.com/codeql-query-help/cpp/cpp-uncontrolled-process-operation/) | 114 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Unsigned difference expression compared to zero](https://codeql.github.com/codeql-query-help/cpp/cpp-unsigned-difference-expression-compared-zero/) | 191 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Unterminated variadic call](https://codeql.github.com/codeql-query-help/cpp/cpp-unterminated-variadic-call/) | 121 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Untrusted input for a condition](https://codeql.github.com/codeql-query-help/cpp/cpp-tainted-permissions-check/) | 807 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Use of potentially dangerous function](https://codeql.github.com/codeql-query-help/cpp/cpp-potentially-dangerous-function/) | 676 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% endrowheaders %} diff --git a/data/reusables/code-scanning/codeql-query-tables/csharp.md b/data/reusables/code-scanning/codeql-query-tables/csharp.md index b5bcb27b5d..17ca8fd103 100644 --- a/data/reusables/code-scanning/codeql-query-tables/csharp.md +++ b/data/reusables/code-scanning/codeql-query-tables/csharp.md @@ -28,7 +28,7 @@ | [Missing cross-site request forgery token validation](https://codeql.github.com/codeql-query-help/csharp/cs-web-missing-token-validation/) | 352 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Missing global error handler](https://codeql.github.com/codeql-query-help/csharp/cs-web-missing-global-error-handler/) | 12, 248 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Missing X-Frame-Options HTTP header](https://codeql.github.com/codeql-query-help/csharp/cs-web-missing-x-frame-options/) | 451, 829 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Page request validation is disabled](https://codeql.github.com/codeql-query-help/csharp/cs-web-request-validation-disabled/) | 16 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Page request validation is disabled](https://codeql.github.com/codeql-query-help/csharp/cs-web-request-validation-disabled/) | 16 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Regular expression injection](https://codeql.github.com/codeql-query-help/csharp/cs-regex-injection/) | 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Resource injection](https://codeql.github.com/codeql-query-help/csharp/cs-resource-injection/) | 099 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [SQL query built from user-controlled sources](https://codeql.github.com/codeql-query-help/csharp/cs-sql-injection/) | 089 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | diff --git a/data/reusables/code-scanning/codeql-query-tables/go.md b/data/reusables/code-scanning/codeql-query-tables/go.md index 55f377cea8..901889e4b1 100644 --- a/data/reusables/code-scanning/codeql-query-tables/go.md +++ b/data/reusables/code-scanning/codeql-query-tables/go.md @@ -15,13 +15,13 @@ | [Incorrect conversion between integer types](https://codeql.github.com/codeql-query-help/go/go-incorrect-integer-conversion/) | 190, 681 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Information exposure through a stack trace](https://codeql.github.com/codeql-query-help/go/go-stack-trace-exposure/) | 209, 497 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Insecure TLS configuration](https://codeql.github.com/codeql-query-help/go/go-insecure-tls/) | 327 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Missing JWT signature check](https://codeql.github.com/codeql-query-help/go/go-missing-jwt-signature-check/) | 347 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Missing JWT signature check](https://codeql.github.com/codeql-query-help/go/go-missing-jwt-signature-check/) | 347 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Missing regular expression anchor](https://codeql.github.com/codeql-query-help/go/go-regex-missing-regexp-anchor/) | 20 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Open URL redirect](https://codeql.github.com/codeql-query-help/go/go-unvalidated-url-redirection/) | 601 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Potentially unsafe quoting](https://codeql.github.com/codeql-query-help/go/go-unsafe-quoting/) | 078, 089, 094 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Reflected cross-site scripting](https://codeql.github.com/codeql-query-help/go/go-reflected-xss/) | 079, 116 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Size computation for allocation may overflow](https://codeql.github.com/codeql-query-help/go/go-allocation-size-overflow/) | 190 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Slice memory allocation with excessive size value](https://codeql.github.com/codeql-query-help/go/go-uncontrolled-allocation-size/) | 770 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Slice memory allocation with excessive size value](https://codeql.github.com/codeql-query-help/go/go-uncontrolled-allocation-size/) | 770 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Suspicious characters in a regular expression](https://codeql.github.com/codeql-query-help/go/go-suspicious-character-in-regex/) | 20 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Uncontrolled data used in network request](https://codeql.github.com/codeql-query-help/go/go-request-forgery/) | 918 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [Uncontrolled data used in path expression](https://codeql.github.com/codeql-query-help/go/go-path-injection/) | 022, 023, 036, 073, 099 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | diff --git a/data/reusables/code-scanning/codeql-query-tables/java.md b/data/reusables/code-scanning/codeql-query-tables/java.md index a185ed3121..d5e4c4be08 100644 --- a/data/reusables/code-scanning/codeql-query-tables/java.md +++ b/data/reusables/code-scanning/codeql-query-tables/java.md @@ -32,7 +32,7 @@ | [Information exposure through a stack trace](https://codeql.github.com/codeql-query-help/java/java-stack-trace-exposure/) | 209, 497 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Insecure Bean Validation](https://codeql.github.com/codeql-query-help/java/java-insecure-bean-validation/) | 094 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Insecure LDAP authentication](https://codeql.github.com/codeql-query-help/java/java-insecure-ldap-auth/) | 522, 319 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Insecure local authentication](https://codeql.github.com/codeql-query-help/java/java-android-insecure-local-authentication/) | 287 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Insecure local authentication](https://codeql.github.com/codeql-query-help/java/java-android-insecure-local-authentication/) | 287 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Insecure randomness](https://codeql.github.com/codeql-query-help/java/java-insecure-randomness/) | 330, 338 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Intent URI permission manipulation](https://codeql.github.com/codeql-query-help/java/java-android-intent-uri-permission-manipulation/) | 266, 926 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [JNDI lookup with user-controlled name](https://codeql.github.com/codeql-query-help/java/java-jndi-injection/) | 074 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | @@ -52,7 +52,7 @@ | [Uncontrolled data used in content resolution](https://codeql.github.com/codeql-query-help/java/java-android-unsafe-content-uri-resolution/) | 441, 610 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Uncontrolled data used in path expression](https://codeql.github.com/codeql-query-help/java/java-path-injection/) | 022, 023, 036, 073 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Unsafe hostname verification](https://codeql.github.com/codeql-query-help/java/java-unsafe-hostname-verification/) | 297 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [URL forward from a remote source](https://codeql.github.com/codeql-query-help/java/java-unvalidated-url-forward/) | 552 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [URL forward from a remote source](https://codeql.github.com/codeql-query-help/java/java-unvalidated-url-forward/) | 552 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [URL redirection from remote source](https://codeql.github.com/codeql-query-help/java/java-unvalidated-url-redirection/) | 601 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Use of a broken or risky cryptographic algorithm](https://codeql.github.com/codeql-query-help/java/java-weak-cryptographic-algorithm/) | 327, 328 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Use of a cryptographic algorithm with insufficient key size](https://codeql.github.com/codeql-query-help/java/java-insufficient-key-size/) | 326 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | @@ -73,21 +73,21 @@ | [Android WebView JavaScript settings](https://codeql.github.com/codeql-query-help/java/java-android-websettings-javascript-enabled/) | 079 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Android WebView settings allows access to content links](https://codeql.github.com/codeql-query-help/java/java-android-websettings-allow-content-access/) | 200 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Application backup allowed](https://codeql.github.com/codeql-query-help/java/java-android-backup-enabled/) | 312 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Building a command with an injected environment variable](https://codeql.github.com/codeql-query-help/java/java-exec-tainted-environment/) | 078, 088, 454 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Building a command with an injected environment variable](https://codeql.github.com/codeql-query-help/java/java-exec-tainted-environment/) | 078, 088, 454 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Cleartext storage of sensitive information in the Android filesystem](https://codeql.github.com/codeql-query-help/java/java-android-cleartext-storage-filesystem/) | 312 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Cleartext storage of sensitive information using 'Properties' class](https://codeql.github.com/codeql-query-help/java/java-cleartext-storage-in-properties/) | 313 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Cleartext storage of sensitive information using `SharedPreferences` on Android](https://codeql.github.com/codeql-query-help/java/java-android-cleartext-storage-shared-prefs/) | 312 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Cleartext storage of sensitive information using a local database on Android](https://codeql.github.com/codeql-query-help/java/java-android-cleartext-storage-database/) | 312 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [Comparison of narrow type with wide type in loop condition](https://codeql.github.com/codeql-query-help/java/java-comparison-with-wider-type/) | 190, 197 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Executing a command with a relative path](https://codeql.github.com/codeql-query-help/java/java-relative-path-command/) | 078, 088 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Exposure of sensitive information to notifications](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-notification/) | 200 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | -| [Exposure of sensitive information to UI text views](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-text/) | 200 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Exposure of sensitive information to notifications](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-notification/) | 200 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Exposure of sensitive information to UI text views](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-text/) | 200 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Hard-coded credential in API call](https://codeql.github.com/codeql-query-help/java/java-hardcoded-credential-api-call/) | 798 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [Improper validation of user-provided array index](https://codeql.github.com/codeql-query-help/java/java-improper-validation-of-array-index/) | 129 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Improper validation of user-provided size used for array construction](https://codeql.github.com/codeql-query-help/java/java-improper-validation-of-array-construction/) | 129 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Insecure basic authentication](https://codeql.github.com/codeql-query-help/java/java-insecure-basic-auth/) | 522, 319 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Insecure JavaMail SSL Configuration](https://codeql.github.com/codeql-query-help/java/java-insecure-smtp-ssl/) | 297 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Insecurely generated keys for local authentication](https://codeql.github.com/codeql-query-help/java/java-android-insecure-local-key-gen/) | 287 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Insecurely generated keys for local authentication](https://codeql.github.com/codeql-query-help/java/java-android-insecure-local-key-gen/) | 287 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Insertion of sensitive information into log files](https://codeql.github.com/codeql-query-help/java/java-sensitive-log/) | 532 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Leaking sensitive information through a ResultReceiver](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-result-receiver/) | 927 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Leaking sensitive information through an implicit Intent](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-communication/) | 927 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | diff --git a/data/reusables/code-scanning/codeql-query-tables/python.md b/data/reusables/code-scanning/codeql-query-tables/python.md index 7a4a702d78..1a357a7b70 100644 --- a/data/reusables/code-scanning/codeql-query-tables/python.md +++ b/data/reusables/code-scanning/codeql-query-tables/python.md @@ -13,14 +13,14 @@ | [Deserialization of user-controlled data](https://codeql.github.com/codeql-query-help/python/py-unsafe-deserialization/) | 502 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Flask app is run in debug mode](https://codeql.github.com/codeql-query-help/python/py-flask-debug/) | 215, 489 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Full server-side request forgery](https://codeql.github.com/codeql-query-help/python/py-full-ssrf/) | 918 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [HTTP Response Splitting](https://codeql.github.com/codeql-query-help/python/py-http-response-splitting/) | 113, 079 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [HTTP Response Splitting](https://codeql.github.com/codeql-query-help/python/py-http-response-splitting/) | 113, 079 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Incomplete regular expression for hostnames](https://codeql.github.com/codeql-query-help/python/py-incomplete-hostname-regexp/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Incomplete URL substring sanitization](https://codeql.github.com/codeql-query-help/python/py-incomplete-url-substring-sanitization/) | 20 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Inefficient regular expression](https://codeql.github.com/codeql-query-help/python/py-redos/) | 1333, 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [Information exposure through an exception](https://codeql.github.com/codeql-query-help/python/py-stack-trace-exposure/) | 209, 497 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Insecure temporary file](https://codeql.github.com/codeql-query-help/python/py-insecure-temporary-file/) | 377 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [LDAP query built from user-controlled sources](https://codeql.github.com/codeql-query-help/python/py-ldap-injection/) | 090 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [NoSQL Injection](https://codeql.github.com/codeql-query-help/python/py-nosql-injection/) | 943 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [NoSQL Injection](https://codeql.github.com/codeql-query-help/python/py-nosql-injection/) | 943 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Overly permissive regular expression range](https://codeql.github.com/codeql-query-help/python/py-overly-large-range/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [PAM authorization bypass due to incorrect usage](https://codeql.github.com/codeql-query-help/python/py-pam-auth-bypass/) | 285 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Polynomial regular expression used on uncontrolled data](https://codeql.github.com/codeql-query-help/python/py-polynomial-redos/) | 1333, 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | diff --git a/data/reusables/code-scanning/codeql-query-tables/ruby.md b/data/reusables/code-scanning/codeql-query-tables/ruby.md index 15024d6ba4..1431e058fa 100644 --- a/data/reusables/code-scanning/codeql-query-tables/ruby.md +++ b/data/reusables/code-scanning/codeql-query-tables/ruby.md @@ -7,7 +7,7 @@ | [Clear-text logging of sensitive information](https://codeql.github.com/codeql-query-help/ruby/rb-clear-text-logging-sensitive-data/) | 312, 359, 532 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Clear-text storage of sensitive information](https://codeql.github.com/codeql-query-help/ruby/rb-clear-text-storage-sensitive-data/) | 312, 359, 532 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Code injection](https://codeql.github.com/codeql-query-help/ruby/rb-code-injection/) | 094, 095, 116 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [CSRF protection not enabled](https://codeql.github.com/codeql-query-help/ruby/rb-csrf-protection-not-enabled/) | 352 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [CSRF protection not enabled](https://codeql.github.com/codeql-query-help/ruby/rb-csrf-protection-not-enabled/) | 352 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [CSRF protection weakened or disabled](https://codeql.github.com/codeql-query-help/ruby/rb-csrf-protection-disabled/) | 352 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Dependency download using unencrypted communication channel](https://codeql.github.com/codeql-query-help/ruby/rb-insecure-dependency/) | 300, 319, 494, 829 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Deserialization of user-controlled data](https://codeql.github.com/codeql-query-help/ruby/rb-unsafe-deserialization/) | 502 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | @@ -18,7 +18,7 @@ | [Incomplete URL substring sanitization](https://codeql.github.com/codeql-query-help/ruby/rb-incomplete-url-substring-sanitization/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Inefficient regular expression](https://codeql.github.com/codeql-query-help/ruby/rb-redos/) | 1333, 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [Information exposure through an exception](https://codeql.github.com/codeql-query-help/ruby/rb-stack-trace-exposure/) | 209, 497 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Insecure Mass Assignment](https://codeql.github.com/codeql-query-help/ruby/rb-insecure-mass-assignment/) | 915 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Insecure Mass Assignment](https://codeql.github.com/codeql-query-help/ruby/rb-insecure-mass-assignment/) | 915 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Overly permissive regular expression range](https://codeql.github.com/codeql-query-help/ruby/rb-overly-large-range/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Polynomial regular expression used on uncontrolled data](https://codeql.github.com/codeql-query-help/ruby/rb-polynomial-redos/) | 1333, 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [Reflected server-side cross-site scripting](https://codeql.github.com/codeql-query-help/ruby/rb-reflected-xss/) | 079, 116 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |