diff --git a/cpp/ql/integration-tests/query-suite/cpp-code-quality.qls.expected b/cpp/ql/integration-tests/query-suite/cpp-code-quality.qls.expected new file mode 100644 index 000000000000..8b137891791f --- /dev/null +++ b/cpp/ql/integration-tests/query-suite/cpp-code-quality.qls.expected @@ -0,0 +1 @@ + diff --git a/cpp/ql/integration-tests/query-suite/cpp-code-scanning.qls.expected b/cpp/ql/integration-tests/query-suite/cpp-code-scanning.qls.expected new file mode 100644 index 000000000000..c307f26d3dbf --- /dev/null +++ b/cpp/ql/integration-tests/query-suite/cpp-code-scanning.qls.expected @@ -0,0 +1,60 @@ +ql/cpp/ql/src/Critical/DoubleFree.ql +ql/cpp/ql/src/Critical/IncorrectCheckScanf.ql +ql/cpp/ql/src/Critical/NewFreeMismatch.ql +ql/cpp/ql/src/Critical/OverflowStatic.ql +ql/cpp/ql/src/Critical/UseAfterFree.ql +ql/cpp/ql/src/Diagnostics/ExtractedFiles.ql +ql/cpp/ql/src/Diagnostics/ExtractionWarnings.ql +ql/cpp/ql/src/Diagnostics/FailedExtractorInvocations.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql +ql/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql +ql/cpp/ql/src/Likely Bugs/Format/SnprintfOverflow.ql +ql/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.ql +ql/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/AllocaInLoop.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/ReturnStackAllocatedMemory.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql +ql/cpp/ql/src/Likely Bugs/OO/UnsafeUseOfThis.ql +ql/cpp/ql/src/Likely Bugs/RedundantNullCheckSimple.ql +ql/cpp/ql/src/Likely Bugs/Underspecified Functions/TooFewArguments.ql +ql/cpp/ql/src/Security/CWE/CWE-014/MemsetMayBeDeleted.ql +ql/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql +ql/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql +ql/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql +ql/cpp/ql/src/Security/CWE/CWE-120/BadlyBoundedWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-120/VeryLikelyOverrunWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql +ql/cpp/ql/src/Security/CWE/CWE-134/UncontrolledFormatString.ql +ql/cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql +ql/cpp/ql/src/Security/CWE/CWE-190/ComparisonWithWiderType.ql +ql/cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql +ql/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql +ql/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql +ql/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql +ql/cpp/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql +ql/cpp/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql +ql/cpp/ql/src/Security/CWE/CWE-327/OpenSslHeartbleed.ql +ql/cpp/ql/src/Security/CWE/CWE-367/TOCTOUFilesystemRace.ql +ql/cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.ql +ql/cpp/ql/src/Security/CWE/CWE-416/UseOfStringAfterLifetimeEnds.ql +ql/cpp/ql/src/Security/CWE/CWE-416/UseOfUniquePointerAfterLifetimeEnds.ql +ql/cpp/ql/src/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql +ql/cpp/ql/src/Security/CWE/CWE-497/ExposedSystemData.ql +ql/cpp/ql/src/Security/CWE/CWE-611/XXE.ql +ql/cpp/ql/src/Security/CWE/CWE-676/DangerousFunctionOverflow.ql +ql/cpp/ql/src/Security/CWE/CWE-676/DangerousUseOfCin.ql +ql/cpp/ql/src/Security/CWE/CWE-704/WcharCharConversion.ql +ql/cpp/ql/src/Security/CWE/CWE-732/OpenCallMissingModeArgument.ql +ql/cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql +ql/cpp/ql/src/Summary/LinesOfCode.ql +ql/cpp/ql/src/Summary/LinesOfUserCode.ql +ql/cpp/ql/src/Telemetry/CompilerErrors.ql +ql/cpp/ql/src/Telemetry/DatabaseQuality.ql +ql/cpp/ql/src/Telemetry/ExtractionMetrics.ql +ql/cpp/ql/src/Telemetry/MissingIncludes.ql +ql/cpp/ql/src/Telemetry/SucceededIncludes.ql diff --git a/cpp/ql/integration-tests/query-suite/cpp-security-and-quality.qls.expected b/cpp/ql/integration-tests/query-suite/cpp-security-and-quality.qls.expected new file mode 100644 index 000000000000..9ef67d525cd0 --- /dev/null +++ b/cpp/ql/integration-tests/query-suite/cpp-security-and-quality.qls.expected @@ -0,0 +1,181 @@ +ql/cpp/ql/src/Best Practices/BlockWithTooManyStatements.ql +ql/cpp/ql/src/Best Practices/ComplexCondition.ql +ql/cpp/ql/src/Best Practices/Exceptions/AccidentalRethrow.ql +ql/cpp/ql/src/Best Practices/Exceptions/CatchingByValue.ql +ql/cpp/ql/src/Best Practices/Exceptions/LeakyCatch.ql +ql/cpp/ql/src/Best Practices/Exceptions/ThrowingPointers.ql +ql/cpp/ql/src/Best Practices/GuardedFree.ql +ql/cpp/ql/src/Best Practices/Hiding/DeclarationHidesParameter.ql +ql/cpp/ql/src/Best Practices/Hiding/DeclarationHidesVariable.ql +ql/cpp/ql/src/Best Practices/Hiding/LocalVariableHidesGlobalVariable.ql +ql/cpp/ql/src/Best Practices/Likely Errors/CommaBeforeMisleadingIndentation.ql +ql/cpp/ql/src/Best Practices/Likely Errors/EmptyBlock.ql +ql/cpp/ql/src/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql +ql/cpp/ql/src/Best Practices/Likely Errors/Slicing.ql +ql/cpp/ql/src/Best Practices/RuleOfTwo.ql +ql/cpp/ql/src/Best Practices/SloppyGlobal.ql +ql/cpp/ql/src/Best Practices/SwitchLongCase.ql +ql/cpp/ql/src/Best Practices/Unused Entities/UnusedLocals.ql +ql/cpp/ql/src/Best Practices/Unused Entities/UnusedStaticFunctions.ql +ql/cpp/ql/src/Best Practices/Unused Entities/UnusedStaticVariables.ql +ql/cpp/ql/src/Best Practices/UseOfGoto.ql +ql/cpp/ql/src/Critical/DeadCodeGoto.ql +ql/cpp/ql/src/Critical/DoubleFree.ql +ql/cpp/ql/src/Critical/IncorrectCheckScanf.ql +ql/cpp/ql/src/Critical/LargeParameter.ql +ql/cpp/ql/src/Critical/MissingCheckScanf.ql +ql/cpp/ql/src/Critical/NewArrayDeleteMismatch.ql +ql/cpp/ql/src/Critical/NewDeleteArrayMismatch.ql +ql/cpp/ql/src/Critical/NewFreeMismatch.ql +ql/cpp/ql/src/Critical/OverflowStatic.ql +ql/cpp/ql/src/Critical/SizeCheck.ql +ql/cpp/ql/src/Critical/SizeCheck2.ql +ql/cpp/ql/src/Critical/UseAfterFree.ql +ql/cpp/ql/src/Diagnostics/ExtractedFiles.ql +ql/cpp/ql/src/Diagnostics/ExtractionWarnings.ql +ql/cpp/ql/src/Diagnostics/FailedExtractorInvocations.ql +ql/cpp/ql/src/Documentation/CommentedOutCode.ql +ql/cpp/ql/src/Documentation/FixmeComments.ql +ql/cpp/ql/src/Documentation/UncommentedFunction.ql +ql/cpp/ql/src/Header Cleanup/Cleanup-DuplicateIncludeGuard.ql +ql/cpp/ql/src/Likely Bugs/AmbiguouslySignedBitField.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/BadCheckOdd.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/BitwiseSignCheck.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/ComparisonPrecedence.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/FloatComparison.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/PointlessComparison.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/PointlessSelfComparison.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/UnsignedGEZero.ql +ql/cpp/ql/src/Likely Bugs/ContinueInFalseLoop.ql +ql/cpp/ql/src/Likely Bugs/Conversion/ArrayArgSizeMismatch.ql +ql/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql +ql/cpp/ql/src/Likely Bugs/Conversion/ImplicitDowncastFromBitfield.ql +ql/cpp/ql/src/Likely Bugs/Conversion/LossyFunctionResultCast.ql +ql/cpp/ql/src/Likely Bugs/Conversion/LossyPointerCast.ql +ql/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql +ql/cpp/ql/src/Likely Bugs/Format/SnprintfOverflow.ql +ql/cpp/ql/src/Likely Bugs/Format/TooManyFormatArguments.ql +ql/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.ql +ql/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.ql +ql/cpp/ql/src/Likely Bugs/InconsistentCallOnResult.ql +ql/cpp/ql/src/Likely Bugs/InconsistentCheckReturnNull.ql +ql/cpp/ql/src/Likely Bugs/Leap Year/Adding365DaysPerYear.ql +ql/cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql +ql/cpp/ql/src/Likely Bugs/Leap Year/UncheckedReturnValueForTimeFunctions.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/AssignWhereCompareMeant.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/CompareWhereAssignMeant.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/DubiousNullCheck.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/ExprHasNoEffect.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/FutileConditional.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/MissingEnumCaseInSwitch.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/ShortCircuitBitMask.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/inconsistentLoopDirection.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/AllocaInLoop.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/ReturnCstrOfLocalStdString.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/ReturnStackAllocatedMemory.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/StackAddressEscapes.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/StrncpyFlippedArgs.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousSizeof.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/UnsafeUseOfStrcat.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql +ql/cpp/ql/src/Likely Bugs/NestedLoopSameVar.ql +ql/cpp/ql/src/Likely Bugs/OO/IncorrectConstructorDelegation.ql +ql/cpp/ql/src/Likely Bugs/OO/NonVirtualDestructorInBaseClass.ql +ql/cpp/ql/src/Likely Bugs/OO/ThrowInDestructor.ql +ql/cpp/ql/src/Likely Bugs/OO/UnsafeUseOfThis.ql +ql/cpp/ql/src/Likely Bugs/Protocols/TlsSettingsMisconfiguration.ql +ql/cpp/ql/src/Likely Bugs/Protocols/UseOfDeprecatedHardcodedProtocol.ql +ql/cpp/ql/src/Likely Bugs/RedundantNullCheckSimple.ql +ql/cpp/ql/src/Likely Bugs/ReturnConstType.ql +ql/cpp/ql/src/Likely Bugs/ReturnConstTypeMember.ql +ql/cpp/ql/src/Likely Bugs/Underspecified Functions/ImplicitFunctionDeclaration.ql +ql/cpp/ql/src/Likely Bugs/Underspecified Functions/MistypedFunctionArguments.ql +ql/cpp/ql/src/Likely Bugs/Underspecified Functions/TooFewArguments.ql +ql/cpp/ql/src/Likely Bugs/Underspecified Functions/TooManyArguments.ql +ql/cpp/ql/src/Likely Bugs/UseInOwnInitializer.ql +ql/cpp/ql/src/Security/CWE/CWE-014/MemsetMayBeDeleted.ql +ql/cpp/ql/src/Security/CWE/CWE-022/TaintedPath.ql +ql/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql +ql/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql +ql/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql +ql/cpp/ql/src/Security/CWE/CWE-114/UncontrolledProcessOperation.ql +ql/cpp/ql/src/Security/CWE/CWE-119/OverflowBuffer.ql +ql/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql +ql/cpp/ql/src/Security/CWE/CWE-120/BadlyBoundedWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-120/OverrunWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-120/OverrunWriteFloat.ql +ql/cpp/ql/src/Security/CWE/CWE-120/UnboundedWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-120/VeryLikelyOverrunWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-121/UnterminatedVarargsCall.ql +ql/cpp/ql/src/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql +ql/cpp/ql/src/Security/CWE/CWE-134/UncontrolledFormatString.ql +ql/cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql +ql/cpp/ql/src/Security/CWE/CWE-190/ComparisonWithWiderType.ql +ql/cpp/ql/src/Security/CWE/CWE-190/TaintedAllocationSize.ql +ql/cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql +ql/cpp/ql/src/Security/CWE/CWE-193/InvalidPointerDeref.ql +ql/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql +ql/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql +ql/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql +ql/cpp/ql/src/Security/CWE/CWE-295/SSLResultNotChecked.ql +ql/cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql +ql/cpp/ql/src/Security/CWE/CWE-313/CleartextSqliteDatabase.ql +ql/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql +ql/cpp/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql +ql/cpp/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql +ql/cpp/ql/src/Security/CWE/CWE-327/OpenSslHeartbleed.ql +ql/cpp/ql/src/Security/CWE/CWE-367/TOCTOUFilesystemRace.ql +ql/cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.ql +ql/cpp/ql/src/Security/CWE/CWE-416/UseOfStringAfterLifetimeEnds.ql +ql/cpp/ql/src/Security/CWE/CWE-416/UseOfUniquePointerAfterLifetimeEnds.ql +ql/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql +ql/cpp/ql/src/Security/CWE/CWE-468/IncorrectPointerScaling.ql +ql/cpp/ql/src/Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql +ql/cpp/ql/src/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql +ql/cpp/ql/src/Security/CWE/CWE-497/ExposedSystemData.ql +ql/cpp/ql/src/Security/CWE/CWE-497/PotentiallyExposedSystemData.ql +ql/cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql +ql/cpp/ql/src/Security/CWE/CWE-611/XXE.ql +ql/cpp/ql/src/Security/CWE/CWE-676/DangerousFunctionOverflow.ql +ql/cpp/ql/src/Security/CWE/CWE-676/DangerousUseOfCin.ql +ql/cpp/ql/src/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql +ql/cpp/ql/src/Security/CWE/CWE-704/WcharCharConversion.ql +ql/cpp/ql/src/Security/CWE/CWE-732/DoNotCreateWorldWritable.ql +ql/cpp/ql/src/Security/CWE/CWE-732/OpenCallMissingModeArgument.ql +ql/cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql +ql/cpp/ql/src/Security/CWE/CWE-807/TaintedCondition.ql +ql/cpp/ql/src/Security/CWE/CWE-843/TypeConfusion.ql +ql/cpp/ql/src/Summary/LinesOfCode.ql +ql/cpp/ql/src/Summary/LinesOfUserCode.ql +ql/cpp/ql/src/Telemetry/CompilerErrors.ql +ql/cpp/ql/src/Telemetry/DatabaseQuality.ql +ql/cpp/ql/src/Telemetry/ExtractionMetrics.ql +ql/cpp/ql/src/Telemetry/MissingIncludes.ql +ql/cpp/ql/src/Telemetry/SucceededIncludes.ql +ql/cpp/ql/src/jsf/4.06 Pre-Processing Directives/AV Rule 32.ql +ql/cpp/ql/src/jsf/4.07 Header Files/AV Rule 35.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 71.1.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 79.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 82.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 88.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 89.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 95.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 97.ql +ql/cpp/ql/src/jsf/4.13 Functions/AV Rule 107.ql +ql/cpp/ql/src/jsf/4.13 Functions/AV Rule 114.ql +ql/cpp/ql/src/jsf/4.16 Initialization/AV Rule 145.ql +ql/cpp/ql/src/jsf/4.17 Types/AV Rule 148.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 166.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 196.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 197.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 201.ql diff --git a/cpp/ql/integration-tests/query-suite/cpp-security-extended.qls.expected b/cpp/ql/integration-tests/query-suite/cpp-security-extended.qls.expected new file mode 100644 index 000000000000..f014b6d5dc51 --- /dev/null +++ b/cpp/ql/integration-tests/query-suite/cpp-security-extended.qls.expected @@ -0,0 +1,97 @@ +ql/cpp/ql/src/Best Practices/Likely Errors/CommaBeforeMisleadingIndentation.ql +ql/cpp/ql/src/Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql +ql/cpp/ql/src/Critical/DoubleFree.ql +ql/cpp/ql/src/Critical/IncorrectCheckScanf.ql +ql/cpp/ql/src/Critical/MissingCheckScanf.ql +ql/cpp/ql/src/Critical/NewFreeMismatch.ql +ql/cpp/ql/src/Critical/OverflowStatic.ql +ql/cpp/ql/src/Critical/SizeCheck.ql +ql/cpp/ql/src/Critical/SizeCheck2.ql +ql/cpp/ql/src/Critical/UseAfterFree.ql +ql/cpp/ql/src/Diagnostics/ExtractedFiles.ql +ql/cpp/ql/src/Diagnostics/ExtractionWarnings.ql +ql/cpp/ql/src/Diagnostics/FailedExtractorInvocations.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/IntMultToLong.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.ql +ql/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql +ql/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql +ql/cpp/ql/src/Likely Bugs/Format/SnprintfOverflow.ql +ql/cpp/ql/src/Likely Bugs/Format/WrongNumberOfFormatArguments.ql +ql/cpp/ql/src/Likely Bugs/Format/WrongTypeFormatArguments.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/AllocaInLoop.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/ReturnStackAllocatedMemory.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/StrncpyFlippedArgs.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousSizeof.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/UninitializedLocal.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/UnsafeUseOfStrcat.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/UsingExpiredStackAddress.ql +ql/cpp/ql/src/Likely Bugs/OO/UnsafeUseOfThis.ql +ql/cpp/ql/src/Likely Bugs/Protocols/TlsSettingsMisconfiguration.ql +ql/cpp/ql/src/Likely Bugs/Protocols/UseOfDeprecatedHardcodedProtocol.ql +ql/cpp/ql/src/Likely Bugs/RedundantNullCheckSimple.ql +ql/cpp/ql/src/Likely Bugs/Underspecified Functions/TooFewArguments.ql +ql/cpp/ql/src/Security/CWE/CWE-014/MemsetMayBeDeleted.ql +ql/cpp/ql/src/Security/CWE/CWE-022/TaintedPath.ql +ql/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql +ql/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql +ql/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql +ql/cpp/ql/src/Security/CWE/CWE-114/UncontrolledProcessOperation.ql +ql/cpp/ql/src/Security/CWE/CWE-119/OverflowBuffer.ql +ql/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql +ql/cpp/ql/src/Security/CWE/CWE-120/BadlyBoundedWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-120/OverrunWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-120/OverrunWriteFloat.ql +ql/cpp/ql/src/Security/CWE/CWE-120/UnboundedWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-120/VeryLikelyOverrunWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-121/UnterminatedVarargsCall.ql +ql/cpp/ql/src/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql +ql/cpp/ql/src/Security/CWE/CWE-134/UncontrolledFormatString.ql +ql/cpp/ql/src/Security/CWE/CWE-190/ArithmeticUncontrolled.ql +ql/cpp/ql/src/Security/CWE/CWE-190/ComparisonWithWiderType.ql +ql/cpp/ql/src/Security/CWE/CWE-190/TaintedAllocationSize.ql +ql/cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql +ql/cpp/ql/src/Security/CWE/CWE-193/InvalidPointerDeref.ql +ql/cpp/ql/src/Security/CWE/CWE-253/HResultBooleanConversion.ql +ql/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql +ql/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql +ql/cpp/ql/src/Security/CWE/CWE-295/SSLResultNotChecked.ql +ql/cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql +ql/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql +ql/cpp/ql/src/Security/CWE/CWE-313/CleartextSqliteDatabase.ql +ql/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql +ql/cpp/ql/src/Security/CWE/CWE-326/InsufficientKeySize.ql +ql/cpp/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql +ql/cpp/ql/src/Security/CWE/CWE-327/OpenSslHeartbleed.ql +ql/cpp/ql/src/Security/CWE/CWE-367/TOCTOUFilesystemRace.ql +ql/cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.ql +ql/cpp/ql/src/Security/CWE/CWE-416/UseOfStringAfterLifetimeEnds.ql +ql/cpp/ql/src/Security/CWE/CWE-416/UseOfUniquePointerAfterLifetimeEnds.ql +ql/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql +ql/cpp/ql/src/Security/CWE/CWE-468/IncorrectPointerScaling.ql +ql/cpp/ql/src/Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql +ql/cpp/ql/src/Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql +ql/cpp/ql/src/Security/CWE/CWE-497/ExposedSystemData.ql +ql/cpp/ql/src/Security/CWE/CWE-497/PotentiallyExposedSystemData.ql +ql/cpp/ql/src/Security/CWE/CWE-570/IncorrectAllocationErrorHandling.ql +ql/cpp/ql/src/Security/CWE/CWE-611/XXE.ql +ql/cpp/ql/src/Security/CWE/CWE-676/DangerousFunctionOverflow.ql +ql/cpp/ql/src/Security/CWE/CWE-676/DangerousUseOfCin.ql +ql/cpp/ql/src/Security/CWE/CWE-676/PotentiallyDangerousFunction.ql +ql/cpp/ql/src/Security/CWE/CWE-704/WcharCharConversion.ql +ql/cpp/ql/src/Security/CWE/CWE-732/DoNotCreateWorldWritable.ql +ql/cpp/ql/src/Security/CWE/CWE-732/OpenCallMissingModeArgument.ql +ql/cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql +ql/cpp/ql/src/Security/CWE/CWE-807/TaintedCondition.ql +ql/cpp/ql/src/Security/CWE/CWE-843/TypeConfusion.ql +ql/cpp/ql/src/Summary/LinesOfCode.ql +ql/cpp/ql/src/Summary/LinesOfUserCode.ql +ql/cpp/ql/src/Telemetry/CompilerErrors.ql +ql/cpp/ql/src/Telemetry/DatabaseQuality.ql +ql/cpp/ql/src/Telemetry/ExtractionMetrics.ql +ql/cpp/ql/src/Telemetry/MissingIncludes.ql +ql/cpp/ql/src/Telemetry/SucceededIncludes.ql diff --git a/cpp/ql/integration-tests/query-suite/not_included_in_qls.expected b/cpp/ql/integration-tests/query-suite/not_included_in_qls.expected new file mode 100644 index 000000000000..68b8c8b0ab46 --- /dev/null +++ b/cpp/ql/integration-tests/query-suite/not_included_in_qls.expected @@ -0,0 +1,447 @@ +ql/cpp/ql/src/AlertSuppression.ql +ql/cpp/ql/src/Architecture/FeatureEnvy.ql +ql/cpp/ql/src/Architecture/General Class-Level Information/ClassHierarchies.ql +ql/cpp/ql/src/Architecture/General Class-Level Information/HubClasses.ql +ql/cpp/ql/src/Architecture/General Class-Level Information/InheritanceDepthDistribution.ql +ql/cpp/ql/src/Architecture/General Namespace-Level Information/CyclicNamespaces.ql +ql/cpp/ql/src/Architecture/General Namespace-Level Information/GlobalNamespaceClasses.ql +ql/cpp/ql/src/Architecture/General Namespace-Level Information/NamespaceDependencies.ql +ql/cpp/ql/src/Architecture/General Top-Level Information/GeneralStatistics.ql +ql/cpp/ql/src/Architecture/InappropriateIntimacy.ql +ql/cpp/ql/src/Architecture/Refactoring Opportunities/ClassesWithManyDependencies.ql +ql/cpp/ql/src/Architecture/Refactoring Opportunities/ClassesWithManyFields.ql +ql/cpp/ql/src/Architecture/Refactoring Opportunities/ComplexFunctions.ql +ql/cpp/ql/src/Architecture/Refactoring Opportunities/CyclomaticComplexity.ql +ql/cpp/ql/src/Architecture/Refactoring Opportunities/FunctionsWithManyParameters.ql +ql/cpp/ql/src/Best Practices/Magic Constants/JapaneseEraDate.ql +ql/cpp/ql/src/Best Practices/Magic Constants/MagicConstantsNumbers.ql +ql/cpp/ql/src/Best Practices/Magic Constants/MagicConstantsString.ql +ql/cpp/ql/src/Best Practices/Magic Constants/MagicNumbersUseConstant.ql +ql/cpp/ql/src/Best Practices/Magic Constants/MagicStringsUseConstant.ql +ql/cpp/ql/src/Best Practices/NVI.ql +ql/cpp/ql/src/Best Practices/NVIHub.ql +ql/cpp/ql/src/Best Practices/RuleOfThree.ql +ql/cpp/ql/src/Best Practices/Unused Entities/UnusedIncludes.ql +ql/cpp/ql/src/Critical/DeadCodeCondition.ql +ql/cpp/ql/src/Critical/DeadCodeFunction.ql +ql/cpp/ql/src/Critical/DescriptorMayNotBeClosed.ql +ql/cpp/ql/src/Critical/DescriptorNeverClosed.ql +ql/cpp/ql/src/Critical/FileMayNotBeClosed.ql +ql/cpp/ql/src/Critical/FileNeverClosed.ql +ql/cpp/ql/src/Critical/GlobalUseBeforeInit.ql +ql/cpp/ql/src/Critical/InconsistentNullnessTesting.ql +ql/cpp/ql/src/Critical/InitialisationNotRun.ql +ql/cpp/ql/src/Critical/LateNegativeTest.ql +ql/cpp/ql/src/Critical/MemoryMayNotBeFreed.ql +ql/cpp/ql/src/Critical/MemoryNeverFreed.ql +ql/cpp/ql/src/Critical/MissingNegativityTest.ql +ql/cpp/ql/src/Critical/MissingNullTest.ql +ql/cpp/ql/src/Critical/NotInitialised.ql +ql/cpp/ql/src/Critical/OverflowCalculated.ql +ql/cpp/ql/src/Critical/OverflowDestination.ql +ql/cpp/ql/src/Critical/ReturnStackAllocatedObject.ql +ql/cpp/ql/src/Critical/ReturnValueIgnored.ql +ql/cpp/ql/src/Critical/Unused.ql +ql/cpp/ql/src/Diagnostics/Internal/ExtractionErrors.ql +ql/cpp/ql/src/Documentation/DocumentApi.ql +ql/cpp/ql/src/Documentation/TodoComments.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 03/ExitNonterminatingLoop.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 03/LoopBounds.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 04/Recursion.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 05/HeapMemory.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 07/ThreadSafety.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 09/AvoidNestedSemaphores.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 09/AvoidSemaphores.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 09/OutOfOrderLocks.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 09/ReleaseLocksWhenAcquired.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 11/SimpleControlFlowGoto.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 11/SimpleControlFlowJmp.ql +ql/cpp/ql/src/JPL_C/LOC-2/Rule 12/EnumInitialization.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 13/ExternDeclsInHeader.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 13/LimitedScopeFile.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 13/LimitedScopeFunction.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 13/LimitedScopeLocalHidesGlobal.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 14/CheckingReturnValues.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 15/CheckingParameterValues.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 16/UseOfAssertionsConstant.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 16/UseOfAssertionsDensity.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 16/UseOfAssertionsNonBoolean.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 16/UseOfAssertionsSideEffect.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 17/BasicIntTypes.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 18/CompoundExpressions.ql +ql/cpp/ql/src/JPL_C/LOC-3/Rule 19/NoBooleanSideEffects.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 20/PreprocessorUse.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 20/PreprocessorUseIfdef.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 20/PreprocessorUsePartial.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 20/PreprocessorUseUndisciplined.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 21/MacroInBlock.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 22/UseOfUndef.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 23/MismatchedIfdefs.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 24/MultipleStmtsPerLine.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 24/MultipleVarDeclsPerLine.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 25/FunctionSizeLimits.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 26/DeclarationPointerNesting.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 27/PointerDereferenceInStmt.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 28/HiddenPointerDereferenceMacro.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 28/HiddenPointerIndirectionTypedef.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 29/NonConstFunctionPointer.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 30/FunctionPointerConversions.ql +ql/cpp/ql/src/JPL_C/LOC-4/Rule 31/IncludesFirst.ql +ql/cpp/ql/src/Likely Bugs/Arithmetic/ComparisonWithCancelingSubExpr.ql +ql/cpp/ql/src/Likely Bugs/Conversion/ConversionChangesSign.ql +ql/cpp/ql/src/Likely Bugs/Conversion/NonzeroValueCastToPointer.ql +ql/cpp/ql/src/Likely Bugs/JapaneseEra/ConstructorOrMethodWithExactEraDate.ql +ql/cpp/ql/src/Likely Bugs/JapaneseEra/StructWithExactEraDate.ql +ql/cpp/ql/src/Likely Bugs/Leap Year/UnsafeArrayForDaysOfYear.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/BoolValueInBitOp.ql +ql/cpp/ql/src/Likely Bugs/Likely Typos/LogicalExprCouldBeSimplified.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/ImproperNullTermination.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/NtohlArrayNoBound.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/Padding/More64BitWaste.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/Padding/NonPortablePrintf.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/Padding/Suboptimal64BitType.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/PotentialBufferOverflow.ql +ql/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousCallToMemset.ql +ql/cpp/ql/src/Likely Bugs/OO/NonVirtualDestructor.ql +ql/cpp/ql/src/Likely Bugs/OO/SelfAssignmentCheck.ql +ql/cpp/ql/src/Likely Bugs/OO/VirtualCallInStructor.ql +ql/cpp/ql/src/Likely Bugs/ShortLoopVarName.ql +ql/cpp/ql/src/Metrics/Classes/CAfferentCoupling.ql +ql/cpp/ql/src/Metrics/Classes/CEfferentCoupling.ql +ql/cpp/ql/src/Metrics/Classes/CHalsteadBugs.ql +ql/cpp/ql/src/Metrics/Classes/CHalsteadDifficulty.ql +ql/cpp/ql/src/Metrics/Classes/CHalsteadEffort.ql +ql/cpp/ql/src/Metrics/Classes/CHalsteadLength.ql +ql/cpp/ql/src/Metrics/Classes/CHalsteadVocabulary.ql +ql/cpp/ql/src/Metrics/Classes/CHalsteadVolume.ql +ql/cpp/ql/src/Metrics/Classes/CInheritanceDepth.ql +ql/cpp/ql/src/Metrics/Classes/CLackOfCohesionCK.ql +ql/cpp/ql/src/Metrics/Classes/CLackOfCohesionHS.ql +ql/cpp/ql/src/Metrics/Classes/CLinesOfCode.ql +ql/cpp/ql/src/Metrics/Classes/CNumberOfFields.ql +ql/cpp/ql/src/Metrics/Classes/CNumberOfFunctions.ql +ql/cpp/ql/src/Metrics/Classes/CNumberOfStatements.ql +ql/cpp/ql/src/Metrics/Classes/CPercentageOfComplexCode.ql +ql/cpp/ql/src/Metrics/Classes/CResponse.ql +ql/cpp/ql/src/Metrics/Classes/CSizeOfAPI.ql +ql/cpp/ql/src/Metrics/Classes/CSpecialisation.ql +ql/cpp/ql/src/Metrics/Dependencies/ExternalDependencies.ql +ql/cpp/ql/src/Metrics/Dependencies/ExternalDependenciesSourceLinks.ql +ql/cpp/ql/src/Metrics/External/FileCompilationDisplayStrings.ql +ql/cpp/ql/src/Metrics/External/FileCompilationSourceLinks.ql +ql/cpp/ql/src/Metrics/Files/AutogeneratedLOC.ql +ql/cpp/ql/src/Metrics/Files/ConditionalSegmentConditions.ql +ql/cpp/ql/src/Metrics/Files/ConditionalSegmentLines.ql +ql/cpp/ql/src/Metrics/Files/FAfferentCoupling.ql +ql/cpp/ql/src/Metrics/Files/FCommentRatio.ql +ql/cpp/ql/src/Metrics/Files/FCyclomaticComplexity.ql +ql/cpp/ql/src/Metrics/Files/FDirectIncludes.ql +ql/cpp/ql/src/Metrics/Files/FEfferentCoupling.ql +ql/cpp/ql/src/Metrics/Files/FHalsteadBugs.ql +ql/cpp/ql/src/Metrics/Files/FHalsteadDifficulty.ql +ql/cpp/ql/src/Metrics/Files/FHalsteadEffort.ql +ql/cpp/ql/src/Metrics/Files/FHalsteadLength.ql +ql/cpp/ql/src/Metrics/Files/FHalsteadVocabulary.ql +ql/cpp/ql/src/Metrics/Files/FHalsteadVolume.ql +ql/cpp/ql/src/Metrics/Files/FLines.ql +ql/cpp/ql/src/Metrics/Files/FLinesOfCode.ql +ql/cpp/ql/src/Metrics/Files/FLinesOfCommentedOutCode.ql +ql/cpp/ql/src/Metrics/Files/FLinesOfComments.ql +ql/cpp/ql/src/Metrics/Files/FMacroRatio.ql +ql/cpp/ql/src/Metrics/Files/FNumberOfClasses.ql +ql/cpp/ql/src/Metrics/Files/FNumberOfTests.ql +ql/cpp/ql/src/Metrics/Files/FTimeInFrontend.ql +ql/cpp/ql/src/Metrics/Files/FTodoComments.ql +ql/cpp/ql/src/Metrics/Files/FTransitiveIncludes.ql +ql/cpp/ql/src/Metrics/Files/FTransitiveSourceIncludes.ql +ql/cpp/ql/src/Metrics/Files/FunctionLength.ql +ql/cpp/ql/src/Metrics/Files/NumberOfFunctions.ql +ql/cpp/ql/src/Metrics/Files/NumberOfGlobals.ql +ql/cpp/ql/src/Metrics/Files/NumberOfParameters.ql +ql/cpp/ql/src/Metrics/Files/NumberOfPublicFunctions.ql +ql/cpp/ql/src/Metrics/Files/NumberOfPublicGlobals.ql +ql/cpp/ql/src/Metrics/Functions/FunCyclomaticComplexity.ql +ql/cpp/ql/src/Metrics/Functions/FunIterationNestingDepth.ql +ql/cpp/ql/src/Metrics/Functions/FunLinesOfCode.ql +ql/cpp/ql/src/Metrics/Functions/FunLinesOfComments.ql +ql/cpp/ql/src/Metrics/Functions/FunNumberOfCalls.ql +ql/cpp/ql/src/Metrics/Functions/FunNumberOfParameters.ql +ql/cpp/ql/src/Metrics/Functions/FunNumberOfStatements.ql +ql/cpp/ql/src/Metrics/Functions/FunPercentageOfComments.ql +ql/cpp/ql/src/Metrics/Functions/StatementNestingDepth.ql +ql/cpp/ql/src/Metrics/Internal/ASTConsistency.ql +ql/cpp/ql/src/Metrics/Internal/CallableDisplayStrings.ql +ql/cpp/ql/src/Metrics/Internal/CallableExtents.ql +ql/cpp/ql/src/Metrics/Internal/CallableSourceLinks.ql +ql/cpp/ql/src/Metrics/Internal/DiagnosticsSumElapsedTimes.ql +ql/cpp/ql/src/Metrics/Internal/IRConsistency.ql +ql/cpp/ql/src/Metrics/Internal/IncludeResolutionStatus.ql +ql/cpp/ql/src/Metrics/Internal/ReftypeDisplayStrings.ql +ql/cpp/ql/src/Metrics/Internal/ReftypeSourceLinks.ql +ql/cpp/ql/src/Metrics/Namespaces/AbstractNamespaces.ql +ql/cpp/ql/src/Metrics/Namespaces/ConcreteNamespaces.ql +ql/cpp/ql/src/Metrics/Namespaces/HighAfferentCouplingNamespaces.ql +ql/cpp/ql/src/Metrics/Namespaces/HighDistanceFromMainLineNamespaces.ql +ql/cpp/ql/src/Metrics/Namespaces/HighEfferentCouplingNamespaces.ql +ql/cpp/ql/src/Metrics/Namespaces/StableNamespaces.ql +ql/cpp/ql/src/Metrics/Namespaces/UnstableNamespaces.ql +ql/cpp/ql/src/Microsoft/CallWithNullSAL.ql +ql/cpp/ql/src/Microsoft/IgnoreReturnValueSAL.ql +ql/cpp/ql/src/Microsoft/InconsistentSAL.ql +ql/cpp/ql/src/PointsTo/Debug.ql +ql/cpp/ql/src/PointsTo/PreparedStagedPointsTo.ql +ql/cpp/ql/src/PointsTo/Stats.ql +ql/cpp/ql/src/PointsTo/TaintedFormatStrings.ql +ql/cpp/ql/src/Power of 10/Rule 1/UseOfGoto.ql +ql/cpp/ql/src/Power of 10/Rule 1/UseOfJmp.ql +ql/cpp/ql/src/Power of 10/Rule 1/UseOfRecursion.ql +ql/cpp/ql/src/Power of 10/Rule 2/BoundedLoopIterations.ql +ql/cpp/ql/src/Power of 10/Rule 2/ExitPermanentLoop.ql +ql/cpp/ql/src/Power of 10/Rule 3/DynamicAllocAfterInit.ql +ql/cpp/ql/src/Power of 10/Rule 4/FunctionTooLong.ql +ql/cpp/ql/src/Power of 10/Rule 4/OneStmtPerLine.ql +ql/cpp/ql/src/Power of 10/Rule 5/AssertionDensity.ql +ql/cpp/ql/src/Power of 10/Rule 5/AssertionSideEffect.ql +ql/cpp/ql/src/Power of 10/Rule 5/ConstantAssertion.ql +ql/cpp/ql/src/Power of 10/Rule 5/NonBooleanAssertion.ql +ql/cpp/ql/src/Power of 10/Rule 6/GlobalCouldBeStatic.ql +ql/cpp/ql/src/Power of 10/Rule 6/VariableScopeTooLarge.ql +ql/cpp/ql/src/Power of 10/Rule 7/CheckArguments.ql +ql/cpp/ql/src/Power of 10/Rule 7/CheckReturnValues.ql +ql/cpp/ql/src/Power of 10/Rule 8/AvoidConditionalCompilation.ql +ql/cpp/ql/src/Power of 10/Rule 8/PartialMacro.ql +ql/cpp/ql/src/Power of 10/Rule 8/RestrictPreprocessor.ql +ql/cpp/ql/src/Power of 10/Rule 8/UndisciplinedMacro.ql +ql/cpp/ql/src/Power of 10/Rule 9/FunctionPointer.ql +ql/cpp/ql/src/Power of 10/Rule 9/HiddenPointerIndirection.ql +ql/cpp/ql/src/Power of 10/Rule 9/PointerNesting.ql +ql/cpp/ql/src/Security/CWE/CWE-020/CountUntrustedDataToExternalAPI.ql +ql/cpp/ql/src/Security/CWE/CWE-020/IRCountUntrustedDataToExternalAPI.ql +ql/cpp/ql/src/Security/CWE/CWE-020/IRUntrustedDataToExternalAPI.ql +ql/cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql +ql/cpp/ql/src/Security/CWE/CWE-129/ImproperArrayIndexValidation.ql +ql/cpp/ql/src/Security/CWE/CWE-170/ImproperNullTerminationTainted.ql +ql/cpp/ql/src/Security/CWE/CWE-190/ArithmeticTainted.ql +ql/cpp/ql/src/Security/CWE/CWE-190/ArithmeticWithExtremeValues.ql +ql/cpp/ql/src/Security/CWE/CWE-190/IntegerOverflowTainted.ql +ql/cpp/ql/src/Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql +ql/cpp/ql/src/Security/CWE/CWE-468/IncorrectPointerScalingChar.ql +ql/cpp/ql/src/Security/CWE/CWE-764/LockOrderCycle.ql +ql/cpp/ql/src/Security/CWE/CWE-764/TwiceLocked.ql +ql/cpp/ql/src/Security/CWE/CWE-764/UnreleasedLock.ql +ql/cpp/ql/src/Security/CWE/CWE-835/InfiniteLoopWithUnsatisfiableExitCondition.ql +ql/cpp/ql/src/definitions.ql +ql/cpp/ql/src/experimental/Best Practices/UselessTest.ql +ql/cpp/ql/src/experimental/Best Practices/WrongUintAccess.ql +ql/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql +ql/cpp/ql/src/experimental/Likely Bugs/DerefNullResult.ql +ql/cpp/ql/src/experimental/Likely Bugs/RedundantNullCheckParam.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-020/LateCheckOfFunctionArgument.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-1240/CustomCryptographicPrimitive.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-190/IfStatementAdditionOverflow.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-273/PrivilegeDroppingOutoforder.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-295/CurlSSL.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-362/double-fetch.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-369/DivideByZeroUsingReturnValue.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-377/InsecureTemporaryFile.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-409/DecompressionBombs.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-415/DoubleFree.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-416/UseAfterExpiredLifetime.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-476/DangerousUseOfExceptionBlocks.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-561/FindIncorrectlyUsedSwitch.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-670/DangerousUseSSL_shutdown.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementAfterRefactoringTheCode.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementWhenUsingBitOperations.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-754/ImproperCheckReturnValueScanf.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-758/UndefinedOrImplementationDefinedBehavior.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBoolType.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql +ql/cpp/ql/src/experimental/Security/CWE/CWE-805/BufferAccessWithIncorrectLengthValue.ql +ql/cpp/ql/src/experimental/cryptography/example_alerts/UnknownAsymmetricKeyGen.ql +ql/cpp/ql/src/experimental/cryptography/example_alerts/WeakAsymmetricKeyGen.ql +ql/cpp/ql/src/experimental/cryptography/example_alerts/WeakBlockMode.ql +ql/cpp/ql/src/experimental/cryptography/example_alerts/WeakEllipticCurve.ql +ql/cpp/ql/src/experimental/cryptography/example_alerts/WeakEncryption.ql +ql/cpp/ql/src/experimental/cryptography/example_alerts/WeakHashes.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/AllAsymmetricAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/AllCryptoAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/AsymmetricEncryptionAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/AsymmetricPaddingAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/AuthenticatedEncryptionAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/BlockModeAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/BlockModeKnownIVsOrNonces.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/BlockModeUnknownIVsOrNonces.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/EllipticCurveAlgorithmSize.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/EllipticCurveAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/HashingAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/KeyExchangeAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/KnownAsymmetricKeyGeneration.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/SigningAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/SymmetricEncryptionAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/SymmetricPaddingAlgorithms.ql +ql/cpp/ql/src/experimental/cryptography/inventory/new_models/UnknownAsymmetricKeyGeneration.ql +ql/cpp/ql/src/external/examples/filters/BumpMetricBy10.ql +ql/cpp/ql/src/external/examples/filters/EditDefectMessage.ql +ql/cpp/ql/src/external/examples/filters/ExcludeGeneratedCode.ql +ql/cpp/ql/src/filters/ClassifyFiles.ql +ql/cpp/ql/src/jsf/3.02 Code Size and Complexity/AV Rule 1.ql +ql/cpp/ql/src/jsf/3.02 Code Size and Complexity/AV Rule 2.ql +ql/cpp/ql/src/jsf/3.02 Code Size and Complexity/AV Rule 3.ql +ql/cpp/ql/src/jsf/4.04 Environment/AV Rule 11.ql +ql/cpp/ql/src/jsf/4.04 Environment/AV Rule 12.ql +ql/cpp/ql/src/jsf/4.04 Environment/AV Rule 13.ql +ql/cpp/ql/src/jsf/4.04 Environment/AV Rule 14.ql +ql/cpp/ql/src/jsf/4.04 Environment/AV Rule 9.ql +ql/cpp/ql/src/jsf/4.05 Libraries/AV Rule 17.ql +ql/cpp/ql/src/jsf/4.05 Libraries/AV Rule 18.ql +ql/cpp/ql/src/jsf/4.05 Libraries/AV Rule 19.ql +ql/cpp/ql/src/jsf/4.05 Libraries/AV Rule 20.ql +ql/cpp/ql/src/jsf/4.05 Libraries/AV Rule 21.ql +ql/cpp/ql/src/jsf/4.05 Libraries/AV Rule 22.ql +ql/cpp/ql/src/jsf/4.05 Libraries/AV Rule 23.ql +ql/cpp/ql/src/jsf/4.05 Libraries/AV Rule 24.ql +ql/cpp/ql/src/jsf/4.05 Libraries/AV Rule 25.ql +ql/cpp/ql/src/jsf/4.06 Pre-Processing Directives/AV Rule 26.ql +ql/cpp/ql/src/jsf/4.06 Pre-Processing Directives/AV Rule 27.ql +ql/cpp/ql/src/jsf/4.06 Pre-Processing Directives/AV Rule 28.ql +ql/cpp/ql/src/jsf/4.06 Pre-Processing Directives/AV Rule 29.ql +ql/cpp/ql/src/jsf/4.06 Pre-Processing Directives/AV Rule 30.ql +ql/cpp/ql/src/jsf/4.06 Pre-Processing Directives/AV Rule 31.ql +ql/cpp/ql/src/jsf/4.07 Header Files/AV Rule 33.ql +ql/cpp/ql/src/jsf/4.07 Header Files/AV Rule 39.ql +ql/cpp/ql/src/jsf/4.08 Implementation Files/AV Rule 40.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 41.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 42.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 43.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 44.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 45.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 46.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 47.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 48.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 49.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 50.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 51.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 52.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 53.1.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 53.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 54.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 57.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 58.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 59.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 60.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 61.ql +ql/cpp/ql/src/jsf/4.09 Style/AV Rule 63.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 68.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 69.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 70.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 71.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 73.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 74.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 75.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 76.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 77.1.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 78.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 81.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 85.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 88.1.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 94.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 96.ql +ql/cpp/ql/src/jsf/4.10 Classes/AV Rule 97.1.ql +ql/cpp/ql/src/jsf/4.11 Namespaces/AV Rule 99.ql +ql/cpp/ql/src/jsf/4.12 Templates/AV Rule 104.ql +ql/cpp/ql/src/jsf/4.13 Functions/AV Rule 108.ql +ql/cpp/ql/src/jsf/4.13 Functions/AV Rule 110.ql +ql/cpp/ql/src/jsf/4.13 Functions/AV Rule 111.ql +ql/cpp/ql/src/jsf/4.13 Functions/AV Rule 113.ql +ql/cpp/ql/src/jsf/4.13 Functions/AV Rule 115.ql +ql/cpp/ql/src/jsf/4.13 Functions/AV Rule 119.ql +ql/cpp/ql/src/jsf/4.14 Comments/AV Rule 126.ql +ql/cpp/ql/src/jsf/4.14 Comments/AV Rule 127.ql +ql/cpp/ql/src/jsf/4.14 Comments/AV Rule 133.ql +ql/cpp/ql/src/jsf/4.15 Declarations and Definitions/AV Rule 135.ql +ql/cpp/ql/src/jsf/4.15 Declarations and Definitions/AV Rule 138.ql +ql/cpp/ql/src/jsf/4.15 Declarations and Definitions/AV Rule 139.ql +ql/cpp/ql/src/jsf/4.15 Declarations and Definitions/AV Rule 140.ql +ql/cpp/ql/src/jsf/4.16 Initialization/AV Rule 142.ql +ql/cpp/ql/src/jsf/4.16 Initialization/AV Rule 143.ql +ql/cpp/ql/src/jsf/4.17 Types/AV Rule 147.ql +ql/cpp/ql/src/jsf/4.18 Constants/AV Rule 149.ql +ql/cpp/ql/src/jsf/4.18 Constants/AV Rule 150.ql +ql/cpp/ql/src/jsf/4.18 Constants/AV Rule 151.1.ql +ql/cpp/ql/src/jsf/4.18 Constants/AV Rule 151.ql +ql/cpp/ql/src/jsf/4.19 Variables/AV Rule 152.ql +ql/cpp/ql/src/jsf/4.20 Unions and Bit Fields/AV Rule 153.ql +ql/cpp/ql/src/jsf/4.20 Unions and Bit Fields/AV Rule 154.ql +ql/cpp/ql/src/jsf/4.20 Unions and Bit Fields/AV Rule 155.ql +ql/cpp/ql/src/jsf/4.20 Unions and Bit Fields/AV Rule 156.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 157.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 158.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 159.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 160.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 162.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 163.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 164.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 165.ql +ql/cpp/ql/src/jsf/4.21 Operators/AV Rule 168.ql +ql/cpp/ql/src/jsf/4.22 Pointers and References/AV Rule 170.ql +ql/cpp/ql/src/jsf/4.22 Pointers and References/AV Rule 171.ql +ql/cpp/ql/src/jsf/4.22 Pointers and References/AV Rule 173.ql +ql/cpp/ql/src/jsf/4.22 Pointers and References/AV Rule 175.ql +ql/cpp/ql/src/jsf/4.22 Pointers and References/AV Rule 176.ql +ql/cpp/ql/src/jsf/4.23 Type Conversions/AV Rule 178.ql +ql/cpp/ql/src/jsf/4.23 Type Conversions/AV Rule 179.ql +ql/cpp/ql/src/jsf/4.23 Type Conversions/AV Rule 180.ql +ql/cpp/ql/src/jsf/4.23 Type Conversions/AV Rule 181.ql +ql/cpp/ql/src/jsf/4.23 Type Conversions/AV Rule 182.ql +ql/cpp/ql/src/jsf/4.23 Type Conversions/AV Rule 184.ql +ql/cpp/ql/src/jsf/4.23 Type Conversions/AV Rule 185.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 186.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 187.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 188.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 189.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 190.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 191.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 192.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 193.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 194.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 195.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 198.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 199.ql +ql/cpp/ql/src/jsf/4.24 Control Flow Structures/AV Rule 200.ql +ql/cpp/ql/src/jsf/4.25 Expressions/AV Rule 202.ql +ql/cpp/ql/src/jsf/4.25 Expressions/AV Rule 204.1.ql +ql/cpp/ql/src/jsf/4.25 Expressions/AV Rule 204.ql +ql/cpp/ql/src/jsf/4.25 Expressions/AV Rule 205.ql +ql/cpp/ql/src/jsf/4.26 Memory Allocation/AV Rule 206.ql +ql/cpp/ql/src/jsf/4.26 Memory Allocation/AV Rule 207.ql +ql/cpp/ql/src/jsf/4.27 Fault Handling/AV Rule 208.ql +ql/cpp/ql/src/jsf/4.28 Portable Code/AV Rule 209.ql +ql/cpp/ql/src/jsf/4.28 Portable Code/AV Rule 210.ql +ql/cpp/ql/src/jsf/4.28 Portable Code/AV Rule 212.ql +ql/cpp/ql/src/jsf/4.28 Portable Code/AV Rule 213.ql +ql/cpp/ql/src/jsf/4.28 Portable Code/AV Rule 214.ql +ql/cpp/ql/src/jsf/4.28 Portable Code/AV Rule 215.ql +ql/cpp/ql/src/utils/modelgenerator/CaptureContentSummaryModels.ql +ql/cpp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql +ql/cpp/ql/src/utils/modelgenerator/CaptureSinkModels.ql +ql/cpp/ql/src/utils/modelgenerator/CaptureSourceModels.ql +ql/cpp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql diff --git a/cpp/ql/integration-tests/query-suite/test.py b/cpp/ql/integration-tests/query-suite/test.py new file mode 100644 index 000000000000..232630c4d2a9 --- /dev/null +++ b/cpp/ql/integration-tests/query-suite/test.py @@ -0,0 +1,14 @@ +import runs_on +import pytest +from query_suites import * + +well_known_query_suites = ['cpp-code-quality.qls', 'cpp-security-and-quality.qls', 'cpp-security-extended.qls', 'cpp-code-scanning.qls'] + +@runs_on.posix +@pytest.mark.parametrize("query_suite", well_known_query_suites) +def test(codeql, cpp, check_query_suite, query_suite): + check_query_suite(query_suite) + +@runs_on.posix +def test_not_included_queries(codeql, cpp, check_queries_not_included): + check_queries_not_included('cpp', well_known_query_suites) diff --git a/python/ql/integration-tests/query-suite/not_included_in_qls.expected b/python/ql/integration-tests/query-suite/not_included_in_qls.expected new file mode 100644 index 000000000000..9921f13aa558 --- /dev/null +++ b/python/ql/integration-tests/query-suite/not_included_in_qls.expected @@ -0,0 +1,176 @@ +ql/python/ql/src/AlertSuppression.ql +ql/python/ql/src/Classes/MaybeUndefinedClassAttribute.ql +ql/python/ql/src/Classes/ShouldBeContextManager.ql +ql/python/ql/src/Classes/UndefinedClassAttribute.ql +ql/python/ql/src/Classes/UselessClass.ql +ql/python/ql/src/Expressions/NonPortableComparisonUsingIs.ql +ql/python/ql/src/Filters/ClassifyFiles.ql +ql/python/ql/src/Functions/ReturnValueIgnored.ql +ql/python/ql/src/Imports/ImportShadowedByLoopVar.ql +ql/python/ql/src/Imports/ImportStarUsed.ql +ql/python/ql/src/Imports/Imports.ql +ql/python/ql/src/Lexical/FCommentedOutCode.ql +ql/python/ql/src/Lexical/ToDoComment.ql +ql/python/ql/src/Metrics/CLinesOfCode.ql +ql/python/ql/src/Metrics/ClassAfferentCoupling.ql +ql/python/ql/src/Metrics/ClassEfferentCoupling.ql +ql/python/ql/src/Metrics/CommentRatio.ql +ql/python/ql/src/Metrics/CyclomaticComplexity.ql +ql/python/ql/src/Metrics/Dependencies/ExternalDependencies.ql +ql/python/ql/src/Metrics/Dependencies/ExternalDependenciesSourceLinks.ql +ql/python/ql/src/Metrics/DirectImports.ql +ql/python/ql/src/Metrics/DocStringRatio.ql +ql/python/ql/src/Metrics/External/CommitDisplayStrings.ql +ql/python/ql/src/Metrics/External/CommitSourceLinks.ql +ql/python/ql/src/Metrics/FClasses.ql +ql/python/ql/src/Metrics/FFunctionsAndMethods.ql +ql/python/ql/src/Metrics/FLines.ql +ql/python/ql/src/Metrics/FLinesOfCode.ql +ql/python/ql/src/Metrics/FLinesOfComments.ql +ql/python/ql/src/Metrics/FLinesOfDuplicatedCode.ql +ql/python/ql/src/Metrics/FLinesOfSimilarCode.ql +ql/python/ql/src/Metrics/FNumberOfTests.ql +ql/python/ql/src/Metrics/FunctionNumberOfCalls.ql +ql/python/ql/src/Metrics/FunctionStatementNestingDepth.ql +ql/python/ql/src/Metrics/History/HChurn.ql +ql/python/ql/src/Metrics/History/HLinesAdded.ql +ql/python/ql/src/Metrics/History/HLinesDeleted.ql +ql/python/ql/src/Metrics/History/HNumberOfAuthors.ql +ql/python/ql/src/Metrics/History/HNumberOfCoCommits.ql +ql/python/ql/src/Metrics/History/HNumberOfCommits.ql +ql/python/ql/src/Metrics/History/HNumberOfReCommits.ql +ql/python/ql/src/Metrics/History/HNumberOfRecentAuthors.ql +ql/python/ql/src/Metrics/History/HNumberOfRecentChangedFiles.ql +ql/python/ql/src/Metrics/History/HNumberOfRecentCommits.ql +ql/python/ql/src/Metrics/Internal/CallableDisplayStrings.ql +ql/python/ql/src/Metrics/Internal/CallableExtents.ql +ql/python/ql/src/Metrics/Internal/CallableSourceLinks.ql +ql/python/ql/src/Metrics/Internal/ClassDisplayStrings.ql +ql/python/ql/src/Metrics/Internal/ClassExtents.ql +ql/python/ql/src/Metrics/Internal/ClassSourceLinks.ql +ql/python/ql/src/Metrics/Internal/TypeAnnotations.ql +ql/python/ql/src/Metrics/LackofCohesionInMethodsCK.ql +ql/python/ql/src/Metrics/LackofCohesionInMethodsHM.ql +ql/python/ql/src/Metrics/ModuleAfferentCoupling.ql +ql/python/ql/src/Metrics/ModuleEfferentCoupling.ql +ql/python/ql/src/Metrics/NumberOfParametersWithoutDefault.ql +ql/python/ql/src/Metrics/NumberOfStatements.ql +ql/python/ql/src/Metrics/TransitiveImports.ql +ql/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.ql +ql/python/ql/src/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.ql +ql/python/ql/src/Statements/AssertLiteralConstant.ql +ql/python/ql/src/Statements/C_StyleParentheses.ql +ql/python/ql/src/Statements/DocStrings.ql +ql/python/ql/src/Statements/ExecUsed.ql +ql/python/ql/src/Statements/StringConcatenationInLoop.ql +ql/python/ql/src/Variables/Global.ql +ql/python/ql/src/Variables/ShadowBuiltin.ql +ql/python/ql/src/Variables/ShadowGlobal.ql +ql/python/ql/src/Variables/UndefinedGlobal.ql +ql/python/ql/src/Variables/UnusedParameter.ql +ql/python/ql/src/analysis/CallGraphEfficiency.ql +ql/python/ql/src/analysis/CallGraphMarginalEfficiency.ql +ql/python/ql/src/analysis/Consistency.ql +ql/python/ql/src/analysis/ContextEfficiency.ql +ql/python/ql/src/analysis/ContextMarginalEfficiency.ql +ql/python/ql/src/analysis/Definitions.ql +ql/python/ql/src/analysis/Efficiency.ql +ql/python/ql/src/analysis/FailedInference.ql +ql/python/ql/src/analysis/ImportFailure.ql +ql/python/ql/src/analysis/KeyPointsToFailure.ql +ql/python/ql/src/analysis/PointsToFailure.ql +ql/python/ql/src/analysis/Pruned.ql +ql/python/ql/src/analysis/RatioOfDefinitions.ql +ql/python/ql/src/analysis/Summary.ql +ql/python/ql/src/analysis/TypeHierarchyFailure.ql +ql/python/ql/src/analysis/TypeInferenceFailure.ql +ql/python/ql/src/experimental/Classes/NamingConventionsClasses.ql +ql/python/ql/src/experimental/Functions/NamingConventionsFunctions.ql +ql/python/ql/src/experimental/Security/CWE-022/ZipSlip.ql +ql/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql +ql/python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.ql +ql/python/ql/src/experimental/Security/CWE-074/remoteCommandExecution/RemoteCommandExecution.ql +ql/python/ql/src/experimental/Security/CWE-079/EmailXss.ql +ql/python/ql/src/experimental/Security/CWE-091/XsltInjection.ql +ql/python/ql/src/experimental/Security/CWE-094/Js2Py.ql +ql/python/ql/src/experimental/Security/CWE-1236/CsvInjection.ql +ql/python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidation.ql +ql/python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.ql +ql/python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHash/TimingAttackAgainstHash.ql +ql/python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstHeaderValue/TimingAttackAgainstHeaderValue.ql +ql/python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstSensitiveInfo/PossibleTimingAttackAgainstSensitiveInfo.ql +ql/python/ql/src/experimental/Security/CWE-208/TimingAttackAgainstSensitiveInfo/TimingAttackAgainstSensitiveInfo.ql +ql/python/ql/src/experimental/Security/CWE-287-ConstantSecretKey/WebAppConstantSecretKey.ql +ql/python/ql/src/experimental/Security/CWE-287/ImproperLdapAuth.ql +ql/python/ql/src/experimental/Security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql +ql/python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql +ql/python/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql +ql/python/ql/src/experimental/Security/CWE-346/CorsBypass.ql +ql/python/ql/src/experimental/Security/CWE-347/JWTEmptyKeyOrAlgorithm.ql +ql/python/ql/src/experimental/Security/CWE-347/JWTMissingSecretOrPublicKeyVerification.ql +ql/python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql +ql/python/ql/src/experimental/Security/CWE-409/DecompressionBombs.ql +ql/python/ql/src/experimental/Security/CWE-522/LdapInsecureAuth.ql +ql/python/ql/src/experimental/Security/CWE-611/SimpleXmlRpcServer.ql +ql/python/ql/src/experimental/Security/CWE-770/UnicodeDoS.ql +ql/python/ql/src/experimental/Security/CWE-942/CorsMisconfigurationMiddleware.ql +ql/python/ql/src/experimental/cryptography/example_alerts/UnknownAsymmetricKeyGen.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakAsymmetricKeyGen.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakAsymmetricPadding.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakBlockMode.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakBlockModeIVorNonce.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakEllipticCurve.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakHashes.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakKDFAlgorithm.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakKDFIteration.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakKDFKeyLength.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakKDFMode.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakKDFSaltGen.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakKDFSaltSize.ql +ql/python/ql/src/experimental/cryptography/example_alerts/WeakSymmetricEncryption.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/AllAsymmetricAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/AllCryptoAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/AsymmetricEncryptionAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/AsymmetricKeyGenOperation.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/AsymmetricPaddingAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/AuthenticatedEncryptionAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/BlockModeAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/BlockModeKnownIVsOrNonces.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/BlockModeUnknownIVsOrNonces.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/EllipticCurveAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/HashingAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/KeyDerivationAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/KeyExchangeAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/SigningAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/SymmetricEncryptionAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/new_models/SymmetricPaddingAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/old_models/AllCryptoAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/old_models/BlockModeAlgorithms.ql +ql/python/ql/src/experimental/cryptography/inventory/old_models/HashingAlgorithms.ql +ql/python/ql/src/external/DuplicateBlock.ql +ql/python/ql/src/external/DuplicateFunction.ql +ql/python/ql/src/external/MostlyDuplicateClass.ql +ql/python/ql/src/external/MostlyDuplicateFile.ql +ql/python/ql/src/external/MostlySimilarFile.ql +ql/python/ql/src/external/SimilarFunction.ql +ql/python/ql/src/meta/ClassHierarchy/Find.ql +ql/python/ql/src/meta/alerts/InterestingTaintSinks.ql +ql/python/ql/src/meta/alerts/RemoteFlowSources.ql +ql/python/ql/src/meta/alerts/RemoteFlowSourcesReach.ql +ql/python/ql/src/meta/alerts/RequestHandlers.ql +ql/python/ql/src/meta/alerts/TaintSinks.ql +ql/python/ql/src/meta/analysis-quality/CallGraph.ql +ql/python/ql/src/meta/analysis-quality/PointsToResolvableCallRatio.ql +ql/python/ql/src/meta/analysis-quality/PointsToResolvableCalls.ql +ql/python/ql/src/meta/analysis-quality/PointsToResolvableCallsRelevantTarget.ql +ql/python/ql/src/meta/analysis-quality/ResolvableCallCandidates.ql +ql/python/ql/src/meta/analysis-quality/SummarizedCallableCallSites.ql +ql/python/ql/src/meta/analysis-quality/TTCallGraph.ql +ql/python/ql/src/meta/analysis-quality/TTCallGraphMissing.ql +ql/python/ql/src/meta/analysis-quality/TTCallGraphNew.ql +ql/python/ql/src/meta/analysis-quality/TTCallGraphNewAmbiguous.ql +ql/python/ql/src/meta/analysis-quality/TTCallGraphOverview.ql +ql/python/ql/src/meta/analysis-quality/TTCallGraphShared.ql +ql/python/ql/src/meta/debug/DebugStats.ql +ql/python/ql/src/meta/debug/SimpleClassDebug.ql +ql/python/ql/src/utils/modeleditor/FrameworkModeEndpoints.ql diff --git a/python/ql/integration-tests/query-suite/python-code-quality.qls.expected b/python/ql/integration-tests/query-suite/python-code-quality.qls.expected new file mode 100644 index 000000000000..47643f6a3196 --- /dev/null +++ b/python/ql/integration-tests/query-suite/python-code-quality.qls.expected @@ -0,0 +1,4 @@ +ql/python/ql/src/Functions/NonCls.ql +ql/python/ql/src/Functions/NonSelf.ql +ql/python/ql/src/Functions/SignatureSpecialMethods.ql +ql/python/ql/src/Resources/FileNotAlwaysClosed.ql diff --git a/python/ql/integration-tests/query-suite/python-code-scanning.qls.expected b/python/ql/integration-tests/query-suite/python-code-scanning.qls.expected new file mode 100644 index 000000000000..4db5af9c1a2f --- /dev/null +++ b/python/ql/integration-tests/query-suite/python-code-scanning.qls.expected @@ -0,0 +1,43 @@ +ql/python/ql/src/Diagnostics/ExtractedFiles.ql +ql/python/ql/src/Diagnostics/ExtractionWarnings.ql +ql/python/ql/src/Expressions/UseofInput.ql +ql/python/ql/src/Security/CVE-2018-1281/BindToAllInterfaces.ql +ql/python/ql/src/Security/CWE-020/CookieInjection.ql +ql/python/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql +ql/python/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql +ql/python/ql/src/Security/CWE-020/OverlyLargeRange.ql +ql/python/ql/src/Security/CWE-022/PathInjection.ql +ql/python/ql/src/Security/CWE-074/TemplateInjection.ql +ql/python/ql/src/Security/CWE-078/CommandInjection.ql +ql/python/ql/src/Security/CWE-079/ReflectedXss.ql +ql/python/ql/src/Security/CWE-089/SqlInjection.ql +ql/python/ql/src/Security/CWE-090/LdapInjection.ql +ql/python/ql/src/Security/CWE-094/CodeInjection.ql +ql/python/ql/src/Security/CWE-113/HeaderInjection.ql +ql/python/ql/src/Security/CWE-116/BadTagFilter.ql +ql/python/ql/src/Security/CWE-209/StackTraceExposure.ql +ql/python/ql/src/Security/CWE-215/FlaskDebug.ql +ql/python/ql/src/Security/CWE-285/PamAuthorization.ql +ql/python/ql/src/Security/CWE-295/MissingHostKeyValidation.ql +ql/python/ql/src/Security/CWE-312/CleartextLogging.ql +ql/python/ql/src/Security/CWE-312/CleartextStorage.ql +ql/python/ql/src/Security/CWE-326/WeakCryptoKey.ql +ql/python/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql +ql/python/ql/src/Security/CWE-327/InsecureDefaultProtocol.ql +ql/python/ql/src/Security/CWE-327/InsecureProtocol.ql +ql/python/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql +ql/python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql +ql/python/ql/src/Security/CWE-377/InsecureTemporaryFile.ql +ql/python/ql/src/Security/CWE-502/UnsafeDeserialization.ql +ql/python/ql/src/Security/CWE-601/UrlRedirect.ql +ql/python/ql/src/Security/CWE-611/Xxe.ql +ql/python/ql/src/Security/CWE-614/InsecureCookie.ql +ql/python/ql/src/Security/CWE-643/XpathInjection.ql +ql/python/ql/src/Security/CWE-730/PolynomialReDoS.ql +ql/python/ql/src/Security/CWE-730/ReDoS.ql +ql/python/ql/src/Security/CWE-730/RegexInjection.ql +ql/python/ql/src/Security/CWE-776/XmlBomb.ql +ql/python/ql/src/Security/CWE-918/FullServerSideRequestForgery.ql +ql/python/ql/src/Security/CWE-943/NoSqlInjection.ql +ql/python/ql/src/Summary/LinesOfCode.ql +ql/python/ql/src/Summary/LinesOfUserCode.ql diff --git a/python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected b/python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected new file mode 100644 index 000000000000..4560c92f36d6 --- /dev/null +++ b/python/ql/integration-tests/query-suite/python-security-and-quality.qls.expected @@ -0,0 +1,173 @@ +ql/python/ql/src/Classes/ConflictingAttributesInBaseClasses.ql +ql/python/ql/src/Classes/DefineEqualsWhenAddingAttributes.ql +ql/python/ql/src/Classes/EqualsOrHash.ql +ql/python/ql/src/Classes/EqualsOrNotEquals.ql +ql/python/ql/src/Classes/IncompleteOrdering.ql +ql/python/ql/src/Classes/InconsistentMRO.ql +ql/python/ql/src/Classes/InitCallsSubclassMethod.ql +ql/python/ql/src/Classes/MissingCallToDel.ql +ql/python/ql/src/Classes/MissingCallToInit.ql +ql/python/ql/src/Classes/MutatingDescriptor.ql +ql/python/ql/src/Classes/OverwritingAttributeInSuperClass.ql +ql/python/ql/src/Classes/PropertyInOldStyleClass.ql +ql/python/ql/src/Classes/SlotsInOldStyleClass.ql +ql/python/ql/src/Classes/SubclassShadowing.ql +ql/python/ql/src/Classes/SuperInOldStyleClass.ql +ql/python/ql/src/Classes/SuperclassDelCalledMultipleTimes.ql +ql/python/ql/src/Classes/SuperclassInitCalledMultipleTimes.ql +ql/python/ql/src/Classes/WrongNameForArgumentInClassInstantiation.ql +ql/python/ql/src/Classes/WrongNumberArgumentsInClassInstantiation.ql +ql/python/ql/src/Diagnostics/ExtractedFiles.ql +ql/python/ql/src/Diagnostics/ExtractionWarnings.ql +ql/python/ql/src/Exceptions/CatchingBaseException.ql +ql/python/ql/src/Exceptions/EmptyExcept.ql +ql/python/ql/src/Exceptions/IllegalExceptionHandlerType.ql +ql/python/ql/src/Exceptions/IllegalRaise.ql +ql/python/ql/src/Exceptions/IncorrectExceptOrder.ql +ql/python/ql/src/Exceptions/NotImplementedIsNotAnException.ql +ql/python/ql/src/Exceptions/RaisingTuple.ql +ql/python/ql/src/Exceptions/UnguardedNextInGenerator.ql +ql/python/ql/src/Expressions/CallToSuperWrongClass.ql +ql/python/ql/src/Expressions/CompareConstants.ql +ql/python/ql/src/Expressions/CompareIdenticalValues.ql +ql/python/ql/src/Expressions/CompareIdenticalValuesMissingSelf.ql +ql/python/ql/src/Expressions/Comparisons/UselessComparisonTest.ql +ql/python/ql/src/Expressions/ContainsNonContainer.ql +ql/python/ql/src/Expressions/DuplicateKeyInDictionaryLiteral.ql +ql/python/ql/src/Expressions/EqualsNone.ql +ql/python/ql/src/Expressions/ExpectedMappingForFormatString.ql +ql/python/ql/src/Expressions/ExplicitCallToDel.ql +ql/python/ql/src/Expressions/Formatting/MixedExplicitImplicitIn3101Format.ql +ql/python/ql/src/Expressions/Formatting/UnusedArgumentIn3101Format.ql +ql/python/ql/src/Expressions/Formatting/UnusedNamedArgumentIn3101Format.ql +ql/python/ql/src/Expressions/Formatting/WrongNameInArgumentsFor3101Format.ql +ql/python/ql/src/Expressions/Formatting/WrongNumberArgumentsFor3101Format.ql +ql/python/ql/src/Expressions/HashedButNoHash.ql +ql/python/ql/src/Expressions/IncorrectComparisonUsingIs.ql +ql/python/ql/src/Expressions/NonCallableCalled.ql +ql/python/ql/src/Expressions/Regex/BackspaceEscape.ql +ql/python/ql/src/Expressions/Regex/DuplicateCharacterInSet.ql +ql/python/ql/src/Expressions/Regex/MissingPartSpecialGroup.ql +ql/python/ql/src/Expressions/Regex/UnmatchableCaret.ql +ql/python/ql/src/Expressions/Regex/UnmatchableDollar.ql +ql/python/ql/src/Expressions/TruncatedDivision.ql +ql/python/ql/src/Expressions/UnintentionalImplicitStringConcatenation.ql +ql/python/ql/src/Expressions/UnnecessaryLambda.ql +ql/python/ql/src/Expressions/UnsupportedFormatCharacter.ql +ql/python/ql/src/Expressions/UseofApply.ql +ql/python/ql/src/Expressions/UseofInput.ql +ql/python/ql/src/Expressions/WrongNameForArgumentInCall.ql +ql/python/ql/src/Expressions/WrongNumberArgumentsForFormat.ql +ql/python/ql/src/Expressions/WrongNumberArgumentsInCall.ql +ql/python/ql/src/Functions/ConsistentReturns.ql +ql/python/ql/src/Functions/DeprecatedSliceMethod.ql +ql/python/ql/src/Functions/ExplicitReturnInInit.ql +ql/python/ql/src/Functions/IncorrectRaiseInSpecialMethod.ql +ql/python/ql/src/Functions/IncorrectlyOverriddenMethod.ql +ql/python/ql/src/Functions/IncorrectlySpecifiedOverriddenMethod.ql +ql/python/ql/src/Functions/InitIsGenerator.ql +ql/python/ql/src/Functions/IterReturnsNonIterator.ql +ql/python/ql/src/Functions/IterReturnsNonSelf.ql +ql/python/ql/src/Functions/ModificationOfParameterWithDefault.ql +ql/python/ql/src/Functions/NonCls.ql +ql/python/ql/src/Functions/NonSelf.ql +ql/python/ql/src/Functions/OverlyComplexDelMethod.ql +ql/python/ql/src/Functions/ReturnConsistentTupleSizes.ql +ql/python/ql/src/Functions/SignatureOverriddenMethod.ql +ql/python/ql/src/Functions/SignatureSpecialMethods.ql +ql/python/ql/src/Functions/UseImplicitNoneReturnValue.ql +ql/python/ql/src/Imports/CyclicImport.ql +ql/python/ql/src/Imports/DeprecatedModule.ql +ql/python/ql/src/Imports/EncodingError.ql +ql/python/ql/src/Imports/FromImportOfMutableAttribute.ql +ql/python/ql/src/Imports/ImportandImportFrom.ql +ql/python/ql/src/Imports/ModuleImportsItself.ql +ql/python/ql/src/Imports/ModuleLevelCyclicImport.ql +ql/python/ql/src/Imports/MultipleImports.ql +ql/python/ql/src/Imports/SyntaxError.ql +ql/python/ql/src/Imports/UnintentionalImport.ql +ql/python/ql/src/Imports/UnusedImport.ql +ql/python/ql/src/Lexical/CommentedOutCode.ql +ql/python/ql/src/Lexical/OldOctalLiteral.ql +ql/python/ql/src/Numerics/Pythagorean.ql +ql/python/ql/src/Resources/FileNotAlwaysClosed.ql +ql/python/ql/src/Security/CVE-2018-1281/BindToAllInterfaces.ql +ql/python/ql/src/Security/CWE-020/CookieInjection.ql +ql/python/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql +ql/python/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql +ql/python/ql/src/Security/CWE-020/OverlyLargeRange.ql +ql/python/ql/src/Security/CWE-022/PathInjection.ql +ql/python/ql/src/Security/CWE-022/TarSlip.ql +ql/python/ql/src/Security/CWE-074/TemplateInjection.ql +ql/python/ql/src/Security/CWE-078/CommandInjection.ql +ql/python/ql/src/Security/CWE-078/UnsafeShellCommandConstruction.ql +ql/python/ql/src/Security/CWE-079/Jinja2WithoutEscaping.ql +ql/python/ql/src/Security/CWE-079/ReflectedXss.ql +ql/python/ql/src/Security/CWE-089/SqlInjection.ql +ql/python/ql/src/Security/CWE-090/LdapInjection.ql +ql/python/ql/src/Security/CWE-094/CodeInjection.ql +ql/python/ql/src/Security/CWE-113/HeaderInjection.ql +ql/python/ql/src/Security/CWE-116/BadTagFilter.ql +ql/python/ql/src/Security/CWE-117/LogInjection.ql +ql/python/ql/src/Security/CWE-209/StackTraceExposure.ql +ql/python/ql/src/Security/CWE-215/FlaskDebug.ql +ql/python/ql/src/Security/CWE-285/PamAuthorization.ql +ql/python/ql/src/Security/CWE-295/MissingHostKeyValidation.ql +ql/python/ql/src/Security/CWE-295/RequestWithoutValidation.ql +ql/python/ql/src/Security/CWE-312/CleartextLogging.ql +ql/python/ql/src/Security/CWE-312/CleartextStorage.ql +ql/python/ql/src/Security/CWE-326/WeakCryptoKey.ql +ql/python/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql +ql/python/ql/src/Security/CWE-327/InsecureDefaultProtocol.ql +ql/python/ql/src/Security/CWE-327/InsecureProtocol.ql +ql/python/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql +ql/python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql +ql/python/ql/src/Security/CWE-377/InsecureTemporaryFile.ql +ql/python/ql/src/Security/CWE-502/UnsafeDeserialization.ql +ql/python/ql/src/Security/CWE-601/UrlRedirect.ql +ql/python/ql/src/Security/CWE-611/Xxe.ql +ql/python/ql/src/Security/CWE-614/InsecureCookie.ql +ql/python/ql/src/Security/CWE-643/XpathInjection.ql +ql/python/ql/src/Security/CWE-730/PolynomialReDoS.ql +ql/python/ql/src/Security/CWE-730/ReDoS.ql +ql/python/ql/src/Security/CWE-730/RegexInjection.ql +ql/python/ql/src/Security/CWE-732/WeakFilePermissions.ql +ql/python/ql/src/Security/CWE-776/XmlBomb.ql +ql/python/ql/src/Security/CWE-798/HardcodedCredentials.ql +ql/python/ql/src/Security/CWE-918/FullServerSideRequestForgery.ql +ql/python/ql/src/Security/CWE-918/PartialServerSideRequestForgery.ql +ql/python/ql/src/Security/CWE-943/NoSqlInjection.ql +ql/python/ql/src/Statements/AssertOnTuple.ql +ql/python/ql/src/Statements/BreakOrReturnInFinally.ql +ql/python/ql/src/Statements/ConstantInConditional.ql +ql/python/ql/src/Statements/IterableStringOrSequence.ql +ql/python/ql/src/Statements/MismatchInMultipleAssignment.ql +ql/python/ql/src/Statements/ModificationOfLocals.ql +ql/python/ql/src/Statements/NestedLoopsSameVariable.ql +ql/python/ql/src/Statements/NestedLoopsSameVariableWithReuse.ql +ql/python/ql/src/Statements/NonIteratorInForLoop.ql +ql/python/ql/src/Statements/RedundantAssignment.ql +ql/python/ql/src/Statements/ReturnOrYieldOutsideFunction.ql +ql/python/ql/src/Statements/ShouldUseWithStatement.ql +ql/python/ql/src/Statements/SideEffectInAssert.ql +ql/python/ql/src/Statements/StatementNoEffect.ql +ql/python/ql/src/Statements/TopLevelPrint.ql +ql/python/ql/src/Statements/UnnecessaryDelete.ql +ql/python/ql/src/Statements/UnnecessaryElseClause.ql +ql/python/ql/src/Statements/UnnecessaryPass.ql +ql/python/ql/src/Statements/UnreachableCode.ql +ql/python/ql/src/Statements/UnusedExceptionObject.ql +ql/python/ql/src/Statements/UseOfExit.ql +ql/python/ql/src/Summary/LinesOfCode.ql +ql/python/ql/src/Summary/LinesOfUserCode.ql +ql/python/ql/src/Testing/ImpreciseAssert.ql +ql/python/ql/src/Variables/GlobalAtModuleLevel.ql +ql/python/ql/src/Variables/LeakingListComprehension.ql +ql/python/ql/src/Variables/LoopVariableCapture/LoopVariableCapture.ql +ql/python/ql/src/Variables/MultiplyDefined.ql +ql/python/ql/src/Variables/SuspiciousUnusedLoopIterationVariable.ql +ql/python/ql/src/Variables/UndefinedExport.ql +ql/python/ql/src/Variables/UndefinedPlaceHolder.ql +ql/python/ql/src/Variables/UninitializedLocal.ql +ql/python/ql/src/Variables/UnusedLocalVariable.ql +ql/python/ql/src/Variables/UnusedModuleVariable.ql diff --git a/python/ql/integration-tests/query-suite/python-security-extended.qls.expected b/python/ql/integration-tests/query-suite/python-security-extended.qls.expected new file mode 100644 index 000000000000..398da79f01e4 --- /dev/null +++ b/python/ql/integration-tests/query-suite/python-security-extended.qls.expected @@ -0,0 +1,51 @@ +ql/python/ql/src/Diagnostics/ExtractedFiles.ql +ql/python/ql/src/Diagnostics/ExtractionWarnings.ql +ql/python/ql/src/Expressions/UseofInput.ql +ql/python/ql/src/Security/CVE-2018-1281/BindToAllInterfaces.ql +ql/python/ql/src/Security/CWE-020/CookieInjection.ql +ql/python/ql/src/Security/CWE-020/IncompleteHostnameRegExp.ql +ql/python/ql/src/Security/CWE-020/IncompleteUrlSubstringSanitization.ql +ql/python/ql/src/Security/CWE-020/OverlyLargeRange.ql +ql/python/ql/src/Security/CWE-022/PathInjection.ql +ql/python/ql/src/Security/CWE-022/TarSlip.ql +ql/python/ql/src/Security/CWE-074/TemplateInjection.ql +ql/python/ql/src/Security/CWE-078/CommandInjection.ql +ql/python/ql/src/Security/CWE-078/UnsafeShellCommandConstruction.ql +ql/python/ql/src/Security/CWE-079/Jinja2WithoutEscaping.ql +ql/python/ql/src/Security/CWE-079/ReflectedXss.ql +ql/python/ql/src/Security/CWE-089/SqlInjection.ql +ql/python/ql/src/Security/CWE-090/LdapInjection.ql +ql/python/ql/src/Security/CWE-094/CodeInjection.ql +ql/python/ql/src/Security/CWE-113/HeaderInjection.ql +ql/python/ql/src/Security/CWE-116/BadTagFilter.ql +ql/python/ql/src/Security/CWE-117/LogInjection.ql +ql/python/ql/src/Security/CWE-209/StackTraceExposure.ql +ql/python/ql/src/Security/CWE-215/FlaskDebug.ql +ql/python/ql/src/Security/CWE-285/PamAuthorization.ql +ql/python/ql/src/Security/CWE-295/MissingHostKeyValidation.ql +ql/python/ql/src/Security/CWE-295/RequestWithoutValidation.ql +ql/python/ql/src/Security/CWE-312/CleartextLogging.ql +ql/python/ql/src/Security/CWE-312/CleartextStorage.ql +ql/python/ql/src/Security/CWE-326/WeakCryptoKey.ql +ql/python/ql/src/Security/CWE-327/BrokenCryptoAlgorithm.ql +ql/python/ql/src/Security/CWE-327/InsecureDefaultProtocol.ql +ql/python/ql/src/Security/CWE-327/InsecureProtocol.ql +ql/python/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql +ql/python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql +ql/python/ql/src/Security/CWE-377/InsecureTemporaryFile.ql +ql/python/ql/src/Security/CWE-502/UnsafeDeserialization.ql +ql/python/ql/src/Security/CWE-601/UrlRedirect.ql +ql/python/ql/src/Security/CWE-611/Xxe.ql +ql/python/ql/src/Security/CWE-614/InsecureCookie.ql +ql/python/ql/src/Security/CWE-643/XpathInjection.ql +ql/python/ql/src/Security/CWE-730/PolynomialReDoS.ql +ql/python/ql/src/Security/CWE-730/ReDoS.ql +ql/python/ql/src/Security/CWE-730/RegexInjection.ql +ql/python/ql/src/Security/CWE-732/WeakFilePermissions.ql +ql/python/ql/src/Security/CWE-776/XmlBomb.ql +ql/python/ql/src/Security/CWE-798/HardcodedCredentials.ql +ql/python/ql/src/Security/CWE-918/FullServerSideRequestForgery.ql +ql/python/ql/src/Security/CWE-918/PartialServerSideRequestForgery.ql +ql/python/ql/src/Security/CWE-943/NoSqlInjection.ql +ql/python/ql/src/Summary/LinesOfCode.ql +ql/python/ql/src/Summary/LinesOfUserCode.ql diff --git a/python/ql/integration-tests/query-suite/test.py b/python/ql/integration-tests/query-suite/test.py new file mode 100644 index 000000000000..940d79bc3616 --- /dev/null +++ b/python/ql/integration-tests/query-suite/test.py @@ -0,0 +1,14 @@ +import runs_on +import pytest +from query_suites import * + +well_known_query_suites = ['python-code-quality.qls', 'python-security-and-quality.qls', 'python-security-extended.qls', 'python-code-scanning.qls'] + +@runs_on.posix +@pytest.mark.parametrize("query_suite", well_known_query_suites) +def test(codeql, python, check_query_suite, query_suite): + check_query_suite(query_suite) + +@runs_on.posix +def test_not_included_queries(codeql, python, check_queries_not_included): + check_queries_not_included('python', well_known_query_suites)