DO NOT MERGE: introduce codeQL issue #247

Open: wants to merge 1 commit into base: master
9 changes: 9 additions & 0 deletions libs/libc/stdio/lib_libvsprintf.c
@@ -159,6 +159,15 @@
FAR struct arg_s *arglist, int numargs,
FAR const IPTR char *fmt, va_list ap)
{
// DO NOT MERGE:

Check failure on line 162 in libs/libc/stdio/lib_libvsprintf.c (GitHub Actions / check): C++ style comment
int test_int = 0;
uint8_t test_uint8_t = 0;

if ( test_int < test_uint8_t ) {

Check failure on line 166 in libs/libc/stdio/lib_libvsprintf.c (GitHub Actions / check): Space follows left parenthesis
Check failure on line 166 in libs/libc/stdio/lib_libvsprintf.c (GitHub Actions / check): Space precedes right parenthesis
Check failure on line 166 in libs/libc/stdio/lib_libvsprintf.c (GitHub Actions / check): Left bracket not on separate line
test_uint8_t = test_int;
}

Check failure on line 168 in libs/libc/stdio/lib_libvsprintf.c (GitHub Actions / check): Bad right brace alignment


Check failure on line 170 in libs/libc/stdio/lib_libvsprintf.c (GitHub Actions / check): Too many blank lines
unsigned char c; /* Holds a char from the format string */
uint16_t flags;
int width;
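Review bot: the added block is dead code and fails the project's nxstyle check on every line it adds; the `check` job lists a C++ style comment, spaces inside the parentheses of the `if`, the left brace not on its own line, bad right brace alignment and too many blank lines. `test_int` and `test_uint8_t` are locals that are never used except by each other, and `test_uint8_t = test_int;` silently narrows an `int` into a `uint8_t` (the comparison itself is well defined, since `uint8_t` promotes to `int`). As the title marks this as a deliberate DO NOT MERGE scanner test, no fix is requested beyond noting that the only annotations reported for this file are style failures from the `check` job, not a CodeQL alert, so this hunk does not by itself exercise the code-scanning path the PR is meant to trigger.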
2 changes: 2 additions & 0 deletions tools/mkdeps.c
@@ -794,6 +794,8 @@
cmdlen++;
g_command[cmdlen] = '\0';

ret = system(g_command);

Check failure (Code scanning / CodeQL): Uncontrolled data used in OS command (Critical)
This argument to an OS command is derived from user input (a command-line argument), dangerously concatenated into snprintf output argument, and then passed to system(cmd).
This argument to an OS command is derived from user input (a command-line argument), dangerously concatenated into strcat output argument, and then passed to system(cmd).

Check failure on line 798 in tools/mkdeps.c (GitHub Actions / check): Blank line contains whitespace
/* Make a copy of g_altpath. We need to do this because at least the
* version of strtok_r above does modify it.
*/
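Review bot: `ret = system(g_command);` hands a buffer that CodeQL traces back to command-line arguments (assembled into `g_command` through snprintf and strcat) to the shell, which is the Critical "Uncontrolled data used in OS command" alert shown for this line. The hunk adds only this call and a whitespace-only blank line (the second `check` failure), so the change that would clear the alert is to stop routing the assembled command through the shell at all: build an argv array and run it with `posix_spawn` or `fork`/`execvp`, so that any path or option text taken from the user is passed as argument data rather than reparsed by `/bin/sh`. If `system()` must stay, each user-supplied piece needs validating or quoting before it is appended to `g_command`, and the status stored in `ret` should be acted on, which this hunk does not show. The trailing whitespace on the added blank line should also be dropped.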