Skip to content

Commit

Permalink
Find all issues but do not fail build
Browse files Browse the repository at this point in the history
  • Loading branch information
makubacki committed Sep 27, 2023
1 parent f11f29a commit c8c5488
Show file tree
Hide file tree
Showing 2 changed files with 56 additions and 7 deletions.
6 changes: 6 additions & 0 deletions .pytool/CISettings.py
Original file line number Diff line number Diff line change
Expand Up @@ -196,6 +196,12 @@ def GetActiveScopes(self):

try:
scopes += codeql_helpers.get_scopes(self.codeql)

if self.codeql:
shell_environment.GetBuildVars().SetValue(
"STUART_CODEQL_AUDIT_ONLY",
"TRUE",
"Set in CISettings.py")
except NameError:
pass

Expand Down
57 changes: 50 additions & 7 deletions BaseTools/Plugin/CodeQL/CodeQlQueries.qls
Original file line number Diff line number Diff line change
Expand Up @@ -8,28 +8,71 @@
# Queries
##########################################################################################

## Enable When Time is Available to Fix Issues
# Hundreds of issues. Most appear valid. Type: Recommendation.
#- include:
# id: cpp/missing-null-test

## Errors
- include:
id: cpp/overrunning-write
id: cpp/badoverflowguard
- include:
id: cpp/infiniteloop
- include:
id: cpp/likely-bugs/memory-management/v2/conditionally-uninitialized-variable
- include:
id: cpp/missing-null-test
- include:
id: cpp/overrunning-write-with-float
id: cpp/missing-return
- include:
id: cpp/no-space-for-terminator
- include:
id: cpp/pointer-overflow-check
- include:
id: cpp/redundant-null-check-simple
- include:
id: cpp/sizeof/const-int-argument
- include:
id: cpp/sizeof/sizeof-or-operation-as-argument
- include:
id: cpp/unguardednullreturndereferenc
- include:
id: cpp/very-likely-overrunning-write

## Warnings
- include:
id: cpp/comparison-with-wider-type
- include:
id: cpp/conditionallyuninitializedvariable
- include:
id: cpp/comparison-precedence
- include:
id: cpp/implicit-bitfield-downcast
- include:
id: cpp/infinite-loop-with-unsatisfiable-exit-condition
- include:
id: cpp/offset-use-before-range-check
- include:
id: cpp/overflow-buffer
- include:
id: cpp/overflow-calculated
- include:
id: cpp/overflow-destination
- include:
id: cpp/paddingbyteinformationdisclosure
- include:
id: cpp/return-stack-allocated-memory
- include:
id: cpp/static-buffer-overflow
- include:
id: cpp/unsigned-comparison-zero
- include:
id: cpp/uselesstest

## Recommendations
- include:
id: cpp/missing-header-guard
- include:
id: cpp/unused-local-variable
- include:
id: cpp/unused-static-function
- include:
id: cpp/unused-static-variable

# Note: Some queries above are not active by default with the below filter.
# Update the filter and run the queries again to get all results.
Expand Down

0 comments on commit c8c5488

Please sign in to comment.