
The topics in this space are also available for download as a single PDF file: CCPP-Semmle-1.18.pdf.

About this document

This document was generated automatically from the default C and C++ dashboard templates included in the Semmle 1.18 release. The standard dashboard for C analysis contains a core set of rules. For C++ analysis these core rules are supplemented with additional rules, indicated by (C++ only) in the category name. See Supported languages for details of which language versions can be analyzed using this release.

This release includes the following new default rules:


Overview

This space contains one page for each of the C++ built-in queries for the most recent release of the QL tools. Each page contains:

  • Summary of key metadata for the query
  • QL code for the query
  • Help information for the query
  • Labels derived from the query metadata

About the queries

The queries built into the QL tools include queries that:

  • Run on LGTM—selected because they find issues that are important to the majority of developers and/or the results have a very high precision. That is, a high percentage of the alerts they report are true results. For a list of all the default LGTM queries, see LGTM.com and search: language=cpp. Note that the results may include queries that are scheduled for release in the next version of Semmle's product range.
  • Generate additional alerts—some of these queries are relevant only if you're working in a field which has special coding standards, for example, the Joint Strike Fighter Air Vehicle C++ Coding Standard.
  • Calculate metrics—these give you more general information about a project.
  • Demonstrate other ways to output data using QL—for example, generating a table, chart or graph of results. These are intended to be run using the QL plugins and extensions.

Exploring the queries

The heatmap below shows the labels for C++ built-in queries. Click a label to view all queries with that tag or query type.


This document contains the help for all the C++ built-in queries for the most recent release of the QL tools.


About the security queries

There are two query suites for C security analysis: default and all. For most projects we recommend that you run queries from the default suite. The all suite contains a few additional rules which perform points-to analysis and may time out on some projects. These rules test for the following CWEs:


Tip

See also the security rules for C variant analysis: C Security.

Terminology


Categories of rule


Summary of rules and metrics


Security analysis testing
