- description: CERT C 2016 (Default)

- qlpack: codeql/cert-c-coding-standards

- include:

kind:

- problem

- path-problem

- external/cert/obligation/rule

- exclude:

tags contain:

- external/cert/default-disabled

- description: CERT C 2016 (Recommendations)

- qlpack: codeql/cert-c-coding-standards

- include:

kind:

- problem

- path-problem

- external/cert/obligation/recommendation

- exclude:

tags contain:

- external/cert/default-disabled

- description: CERT C 2016 (Default)

- qlpack: codeql/cert-c-coding-standards

- include:

kind:

- problem

- path-problem

- exclude:

tags contain:

- external/cert/default-disabled

- description: "DEPRECATED - CERT C 2016 - use cert-c-default.qls instead"

- import: codeql-suites/cert-c-default.qls

description:CERT C 2016

suites:codeql-suites

license:MIT

default-suite-file:codeql-suites/cert-c-default.qls

dependencies:

codeql/common-c-coding-standards:'*'

codeql/cpp-all:2.1.1

- The following query suites have been added or modified for CERT C:

- A new query suite has been created`cert-c-default.qls` to avoid confusion with the CERT C++ query suites. The`cert-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the`cert-c-default.qls` suite.

- The`cert-c-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for CERT C.

- One new query suite,`cert-c-recommended.qls` has been added to enable running CERT recommendations (as opposed to rules) that will be added in the future.

- The default query suite,`cert-c-default.qls` has been set to exclude CERT recommendations (as opposed to rules) that will be added in the future.

- The following query suites have been added or modified for CERT C++:

- A new query suite has been created`cert-cpp-default.qls` to avoid confusion with the CERT C query suites. The`cert-default.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the`cert-cpp-default.qls` suite.

- The`cert-cpp-default.qls` suite has been specified as the default for the pack, and will include our most up-to-date coverage for CERT C.

- A new query suite has been created`cert-cpp-single-translation-unit.qls` to avoid confusion with the CERT C query suites. The`cert-single-translation-unit.qls` suite has been deprecated, and will be removed in a future releases, and is replaced by the`cert-cpp-single-translation-unit.qls` suite.

- description: CERT C++ 2016 (Default)

- qlpack: codeql/cert-cpp-coding-standards

- include:

kind:

- problem

- path-problem

- exclude:

tags contain:

- external/cert/default-disabled

- description: CERT C++ 2016 (Single Translation Unit)

- qlpack: codeql/cert-cpp-coding-standards

- include:

kind:

- problem

- path-problem

tags contain:

- scope/single-translation-unit

- exclude:

tags contain:

- external/cert/default-disabled

- description: CERT C++ 2016 (Default)

- qlpack: codeql/cert-cpp-coding-standards

- include:

kind:

- problem

- path-problem

- exclude:

tags contain:

- external/cert/default-disabled

- description: "DEPRECATED - CERT C++ 2016 - use cert-cpp-default.qls instead"

- import: codeql-suites/cert-cpp-default.qls

- description: CERT C++ 2016 (Single Translation Unit)

- qlpack: codeql/cert-cpp-coding-standards

- include:

kind:

- problem

- path-problem

tags contain:

- scope/single-translation-unit

- exclude:

tags contain:

- external/cert/default-disabled

- description: "DEPRECATED - CERT C++ 2016 (Single Translation Unit) - use cert-cpp-single-translation-unit.qls instead"

- import: codeql-suites/cert-cpp-single-translation-unit.qls

description:CERT C++ 2016

suites:codeql-suites

license:MIT

default-suite-file:codeql-suites/cert-cpp-default.qls

dependencies:

codeql/cpp-all:2.1.1

codeql/common-cpp-coding-standards:'*'

c,CERT-C,ERR32-C,Yes,Rule,,,Do not rely on indeterminate values of errno,,Contracts5,Hard,

c,CERT-C,ERR33-C,Yes,Rule,,,Detect and handle standard library errors,MEM52-CPP,Contracts5,Hard,

c,CERT-C,ERR34-C,OutOfScope,Rule,,,Detect errors when converting a string to a number,,,,

c,CERT-C,EXP16-C,Yes,Recommendation,,,Do not compare function pointers to constant values,,Expressions2,Medium,

c,CERT-C,EXP30-C,Yes,Rule,,,Do not depend on the order of evaluation for side effects,EXP50-CPP,SideEffects1,Easy,

c,CERT-C,EXP32-C,Yes,Rule,,,Do not access a volatile object through a nonvolatile reference,,Pointers3,Easy,

c,CERT-C,EXP33-C,Yes,Rule,,,Do not read uninitialized memory,EXP53-CPP,InvalidMemory1,Import,

c,CERT-C,EXP45-C,Yes,Rule,,,Do not perform assignments in selection statements,M6-2-1,SideEffects1,Medium,

c,CERT-C,EXP46-C,Yes,Rule,,,Do not use a bitwise operator with a Boolean-like operand,,Expressions,Easy,

c,CERT-C,EXP47-C,OutOfScope,Rule,,,Do not call va_arg with an argument of the incorrect type,,,,

c,CERT-C,FIO03-C,Yes,Recommendation,,,Do not make assumptions about fopen() and file creation,,IO5,Hard,

c,CERT-C,FIO21-C,Yes,Recommendation,,,Do not create temporary files in shared directories,,IO5,Easy,

c,CERT-C,FIO30-C,Yes,Rule,,,Exclude user input from format strings,A27-0-1,IO1,Import,

c,CERT-C,FIO32-C,Yes,Rule,,,Do not perform operations on devices that are only appropriate for files,,IO3,Medium,

c,CERT-C,FIO34-C,Yes,Rule,,,Distinguish between characters read from a file and EOF or WEOF,,IO1,Hard,

c,CERT-C,MSC39-C,Yes,Rule,,,Do not call va_arg() on a va_list that has an indeterminate value,,Contracts7,Hard,

c,CERT-C,MSC40-C,Yes,Rule,,,Do not violate constraints,,Contracts,Very Hard,

c,CERT-C,MSC41-C,OutOfScope,Rule,,,Never hard code sensitive information,,,,

c,CERT-C,POS30-C,OutOfScope,Rule,,,Use the readlink() function properly,,,,

c,CERT-C,POS30-C,Yes,Rule,,,Use the readlink() function properly,,IO5,Hard,

c,CERT-C,POS34-C,OutOfScope,Rule,,,Do not call putenv() with a pointer to an automatic variable as the argument,,,,

c,CERT-C,POS35-C,OutOfScope,Rule,,,Avoid race conditions while checking for the existence of a symbolic link,,,,

c,CERT-C,POS36-C,OutOfScope,Rule,,,Observe correct revocation order while relinquishing privileges,,,,

"obligation": {

"type":"string",

"enum": [

"rule",

]

}

},