Skip to content

Commit b62be55

Browse files
jacob-ronstadtjacob-ronstadt
authored
Must run query update (#173)
* Revert must-fix to current requirements. Make recommended contain what next mustfix will. Make mustrun suite. * update version * remove old suite files * update dependency versions. update dvl_tests.ps1 for changed mustfix suite name * fix version number in suites * update qlpack version
1 parent 4246e2a commit b62be55

8 files changed

Lines changed: 47 additions & 126 deletions

File tree

src/codeql-pack.lock.yml

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -2,27 +2,27 @@
22
lockVersion: 1.0.0
33
dependencies:
44
codeql/cpp-all:
5-
version: 4.0.0
5+
version: 4.2.0
66
codeql/dataflow:
7-
version: 2.0.0
7+
version: 2.0.5
88
codeql/mad:
9-
version: 1.0.16
9+
version: 1.0.21
1010
codeql/rangeanalysis:
11-
version: 1.0.16
11+
version: 1.0.21
1212
codeql/ssa:
13-
version: 1.0.16
13+
version: 1.1.0
1414
codeql/suite-helpers:
15-
version: 1.0.16
15+
version: 1.0.21
1616
codeql/tutorial:
17-
version: 1.0.16
17+
version: 1.0.21
1818
codeql/typeflow:
19-
version: 1.0.16
19+
version: 1.0.21
2020
codeql/typetracking:
21-
version: 2.0.0
21+
version: 2.0.5
2222
codeql/util:
23-
version: 2.0.3
23+
version: 2.0.8
2424
codeql/xml:
25-
version: 1.0.16
25+
version: 1.0.21
2626
microsoft/cpp-queries:
27-
version: 0.0.2
27+
version: 0.0.4
2828
compiled: false

src/drivers/test/dvl_tests/dvl_tests.ps1

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ param(
88
[string]$vcxproj_template_path = "src\drivers\test\TestTemplates\WDMTestTemplate",
99
[string]$vcxproj_name = "fail_driver1",
1010
[string]$codeql_path = ".\codeql-cli\",
11-
[string]$query_suite = ".\suites\windows_driver_mustfix.qls",
11+
[string]$query_suite = ".\src\windows-driver-suites\mustfix.qls",
1212
[string]$default_platform = "x64",
1313
[string]$default_configuration = "Release",
1414
[string]$db_name = "temp_db",

src/qlpack.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,10 +2,10 @@
22
# Licensed under the MIT license.
33

44
name: microsoft/windows-drivers
5-
version: 1.5.0
5+
version: 1.6.0
66
dependencies:
7-
codeql/cpp-all: 4.0.0
8-
microsoft/cpp-queries: 0.0.2
7+
codeql/cpp-all: 4.2.0
8+
microsoft/cpp-queries: 0.0.4
99
suites: windows-driver-suites
1010
defaultSuiteFile: windows-driver-suites/recommended.qls
1111
extractor: cpp

src/windows-driver-suites/mustfix.qls

Lines changed: 2 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -10,34 +10,11 @@
1010
- microsoft/Security/CWE/CWE-704/WcharCharConversionLimited.ql
1111
- queries: .
1212
from: microsoft/cpp-queries
13-
version: 0.0.2
13+
version: 0.0.4
1414
- include:
1515
query path:
1616
- Likely Bugs/Arithmetic/BadAdditionOverflowCheck.ql
17-
- Likely Bugs/Format/WrongNumberOfFormatArguments.ql
1817
- Likely Bugs/Memory Management/PointerOverflow.ql
19-
- Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql
20-
- Likely Bugs/OO/UnsafeUseOfThis.ql
21-
- Likely Bugs/Protocols/TlsSettingsMisconfiguration.ql
22-
- Likely Bugs/Protocols/UseOfDeprecatedHardcodedProtocol.ql
2318
- Likely Bugs/Underspecified Functions/TooFewArguments.ql
24-
- Microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql
25-
- Microsoft/Likely Bugs/Drivers/IncorrectUsageOfRtlCompareMemory.ql
26-
- Microsoft/Security/Cryptography/BannedEncryption.ql
27-
- Microsoft/Security/Cryptography/BannedModesCAPI.ql
28-
- Microsoft/Security/Cryptography/BannedModesCNG.ql
29-
- Microsoft/Security/Cryptography/HardcodedIVCNG.ql
30-
- Microsoft/Security/MemoryAccess/EnumIndex/UncheckedBoundsEnumAsIndex.ql
31-
- Security/CWE/CWE-078/ExecTainted.ql
32-
- Security/CWE/CWE-114/UncontrolledProcessOperation.ql
33-
- Security/CWE/CWE-120/BadlyBoundedWrite.ql
34-
- Security/CWE/CWE-120/OverrunWrite.ql
35-
- Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql
36-
- Security/CWE/CWE-170/ImproperNullTerminationTainted.ql
3719
- Security/CWE/CWE-190/ComparisonWithWiderType.ql
38-
- Security/CWE/CWE-253/HResultBooleanConversion.ql
39-
- Security/CWE/CWE-327/OpenSslHeartbleed.ql
40-
- Security/CWE/CWE-676/DangerousFunctionOverflow.ql
41-
- Security/CWE/CWE-676/DangerousUseOfCin.ql
42-
- Security/CWE/CWE-704/WcharCharConversion.ql
43-
- Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql
20+
- Security/CWE/CWE-253/HResultBooleanConversion.ql

src/windows-driver-suites/mustrun.qls

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
# Copyright (c) Microsoft Corporation.
2+
# Licensed under the MIT license.
3+
4+
- description: Must-run queries for Windows Drivers.
5+
- import: windows-driver-suites/recommended.qls #recommended includes mustfix

src/windows-driver-suites/recommended.qls

Lines changed: 24 additions & 70 deletions
Original file line numberDiff line numberDiff line change
@@ -3,77 +3,31 @@
33

44
- description: Recommended and required queries for Windows Drivers.
55
- import: windows-driver-suites/mustfix.qls
6-
- queries: .
7-
from: microsoft/windows-drivers
8-
- include:
9-
query path:
10-
- drivers/general/queries/AnnotationSyntax/AnnotationSyntax.ql
11-
- drivers/general/queries/CurrentFunctionTypeNotCorrect/CurrentFunctionTypeNotCorrect.ql
12-
- drivers/general/queries/DefaultPoolTag/DefaultPoolTag.ql
13-
- drivers/general/queries/DriverEntrySaveBuffer/DriverEntrySaveBuffer.ql
14-
- drivers/general/queries/ExaminedValue/ExaminedValue.ql
15-
- drivers/general/queries/ExtendedDeprecatedApis/ExtendedDeprecatedApis.ql
16-
- drivers/general/queries/IRPStackEntryCopy/IRPStackEntryCopy.ql
17-
- drivers/general/queries/ImportantFunctionCallOptimizedOut/ImportantFunctionCallOptimizedOut.ql
18-
- drivers/general/queries/ImproperNotOperatorOnZero/ImproperNotOperatorOnZero.ql
19-
- drivers/general/queries/InvalidFunctionClassTypedef/InvalidFunctionClassTypedef.ql
20-
- drivers/general/queries/InvalidFunctionPointerAnnotation/InvalidFunctionPointerAnnotation.ql
21-
- drivers/general/queries/IoInitializeTimerCall/IoInitializeTimerCall.ql
22-
- drivers/general/queries/IrqlAnnotationIssue/IrqlAnnotationIssue.ql
23-
- drivers/general/queries/IrqlCancelRoutine/IrqlCancelRoutine.ql
24-
- drivers/general/queries/IrqlFloatStateMismatch/IrqlFloatStateMismatch.ql
25-
- drivers/general/queries/IrqlNotSaved/IrqlNotSaved.ql
26-
- drivers/general/queries/IrqlNotUsed/IrqlNotUsed.ql
27-
- drivers/general/queries/IrqlSetTooHigh/IrqlSetTooHigh.ql
28-
- drivers/general/queries/IrqlSetTooLow/IrqlSetTooLow.ql
29-
- drivers/general/queries/IrqlTooHigh/IrqlTooHigh.ql
30-
- drivers/general/queries/IrqlTooLow/IrqlTooLow.ql
31-
- drivers/general/queries/KeSetEventPageable/KeSetEventPageable.ql
32-
- drivers/general/queries/MultithreadedAVCondition/MultithreadedAVCondition.ql
33-
- drivers/general/queries/NtstatusExplicitCast/NtstatusExplicitCast.ql
34-
- drivers/general/queries/NtstatusExplicitCast2/NtstatusExplicitCast2.ql
35-
- drivers/general/queries/NtstatusExplicitCast3/NtstatusExplicitCast3.ql
36-
- drivers/general/queries/NullCharacterPointerAssignment/NullCharacterPointerAssignment.ql
37-
- drivers/general/queries/OperandAssignment/OperandAssignment.ql
38-
- drivers/general/queries/PointerVariableSize/PointerVariableSize.ql
39-
- drivers/general/queries/PoolTagIntegral/PoolTagIntegral.ql
40-
- drivers/general/queries/RoleTypeCorrectlyUsed/RoleTypeCorrectlyUsed.ql
41-
- drivers/general/queries/RoutineFunctionTypeNotExpected/RoutineFunctionTypeNotExpected.ql
42-
- drivers/general/queries/StrSafe/StrSafe.ql
43-
- drivers/general/queries/StrictTypeMatch/StrictTypeMatch.ql
44-
- drivers/wdm/queries/IllegalFieldAccess/IllegalFieldAccess.ql
45-
- drivers/wdm/queries/IllegalFieldAccess2/IllegalFieldAccess2.ql
46-
- drivers/wdm/queries/IllegalFieldWrite/IllegalFieldWrite.ql
47-
- drivers/wdm/queries/InitNotCleared/InitNotCleared.ql
48-
- drivers/wdm/queries/KeWaitLocal/KeWaitLocal.ql
49-
- drivers/wdm/queries/MultiplePagedCode/MultiplePagedCode.ql
50-
- drivers/wdm/queries/ObReferenceMode/ObReferenceMode.ql
51-
- drivers/wdm/queries/OpaqueMdlUse/OpaqueMdlUse.ql
52-
- drivers/wdm/queries/OpaqueMdlWrite/OpaqueMdlWrite.ql
53-
- drivers/wdm/queries/PendingStatusError/PendingStatusError.ql
54-
- drivers/wdm/queries/WrongDispatchTableAssignment/WrongDispatchTableAssignment.ql
55-
- microsoft/Likely Bugs/Boundary Violations/PaddingByteInformationDisclosure.ql
56-
- microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql
57-
- microsoft/Likely Bugs/Conversion/InfiniteLoop.ql
58-
- microsoft/Likely Bugs/Memory Management/UseAfterFree/UseAfterFree.ql
59-
- microsoft/Likely Bugs/UninitializedPtrField.ql
60-
- microsoft/Security/Crytpography/HardcodedIVCNG.ql
616
- queries: .
627
from: microsoft/cpp-queries
63-
version: 0.0.2
8+
version: 0.0.4
649
- include:
6510
query path:
66-
- Best Practices/Likely Errors/OffsetUseBeforeRangeCheck.ql
67-
- Likely Bugs/Arithmetic/IntMultToLong.ql
68-
- Likely Bugs/Arithmetic/SignedOverflowCheck.ql
69-
- Likely Bugs/Conversion/CastArrayPointerArithmetic.ql
70-
- Likely Bugs/Likely Typos/IncorrectNotOperatorUsage.ql
71-
- Likely Bugs/Memory Management/SuspiciousSizeof.ql
72-
- Likely Bugs/Memory Management/UninitializedLocal.ql
73-
- Security/CWE/CWE-121/UnterminatedVarargsCall.ql
74-
- Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql
75-
- Security/CWE/CWE-468/SuspiciousAddWithSizeof.ql
76-
- Security/CWE/CWE-468/IncorrectPointerScaling.ql
77-
- Security/CWE/CWE-468/IncorrectPointerScalingVoid.ql
78-
- Security/CWE/CWE-676/PotentiallyDangerousFunction.ql
79-
- Security/CWE/CWE-119/OverflowBuffer.ql
11+
- Likely Bugs/Format/WrongNumberOfFormatArguments.ql
12+
- Likely Bugs/Memory Management/SuspiciousCallToStrncat.ql
13+
- Likely Bugs/OO/UnsafeUseOfThis.ql
14+
- Likely Bugs/Protocols/TlsSettingsMisconfiguration.ql
15+
- Likely Bugs/Protocols/UseOfDeprecatedHardcodedProtocol.ql
16+
- Microsoft/Likely Bugs/Conversion/BadOverflowGuard.ql
17+
- Microsoft/Likely Bugs/Drivers/IncorrectUsageOfRtlCompareMemory.ql
18+
- Microsoft/Security/Cryptography/BannedEncryption.ql
19+
- Microsoft/Security/Cryptography/BannedModesCAPI.ql
20+
- Microsoft/Security/Cryptography/BannedModesCNG.ql
21+
- Microsoft/Security/Cryptography/HardcodedIVCNG.ql
22+
- Microsoft/Security/MemoryAccess/EnumIndex/UncheckedBoundsEnumAsIndex.ql
23+
- Security/CWE/CWE-078/ExecTainted.ql
24+
- Security/CWE/CWE-114/UncontrolledProcessOperation.ql
25+
- Security/CWE/CWE-120/BadlyBoundedWrite.ql
26+
- Security/CWE/CWE-120/OverrunWrite.ql
27+
- Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql
28+
- Security/CWE/CWE-170/ImproperNullTerminationTainted.ql
29+
- Security/CWE/CWE-327/OpenSslHeartbleed.ql
30+
- Security/CWE/CWE-676/DangerousFunctionOverflow.ql
31+
- Security/CWE/CWE-676/DangerousUseOfCin.ql
32+
- Security/CWE/CWE-704/WcharCharConversion.ql
33+
- Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql

suites/windows_driver_mustfix.qls

Lines changed: 0 additions & 7 deletions
This file was deleted.

suites/windows_driver_recommended.qls

Lines changed: 0 additions & 8 deletions
This file was deleted.

0 commit comments

Comments
 (0)