Commented-out code — CodeQL query help documentation

CodeQL query help for C and C++

‘new’ object freed with ‘delete[]’
‘new[]’ array freed with ‘delete’
Accidental rethrow
Ambiguously signed bit-field member
Arithmetic operation assumes 365 days per year
Array argument size mismatch
Array offset used before range check
Assignment where comparison was intended
Authentication bypass by spoofing
Avoid floats in for loops
Bad check for oddness
Bad check for overflow of integer addition
Badly bounded write
Block with too many statements
CGI script vulnerable to cross-site scripting
Call to memset may be deleted
Call to a function with one or more incompatible arguments
Call to alloca in a loop
Call to function with extraneous arguments
Call to function with fewer arguments than declared parameters
Call to memory access function may overflow buffer
Cast between HRESULT and a Boolean type
Cast from char* to wchar_t*
Catching by value
Certificate not checked
Certificate result conflation
Cleartext storage of sensitive information in an SQLite database
Cleartext storage of sensitive information in buffer
Cleartext storage of sensitive information in file
Cleartext transmission of sensitive information
Comma before misleading indentation
Commented-out code
Comparison of narrow type with wide type in loop condition
Comparison result is always the same
Comparison where assignment was intended
Complex condition
Constant return type
Constant return type on member
Continue statement that does not continue
Dangerous use of ‘cin’
Dead code due to goto or break statement
Declaration hides parameter
Declaration hides variable
Dubious NULL check
Duplicate include guard
Empty branch of conditional
Equality test on floating-point values
Exception thrown in destructor
Exposure of system data to an unauthorized control sphere
Expression has no effect
FIXME comment
Failure to use HTTPS URLs
File created without restricting permissions
File opened with O_CREAT flag but without mode argument
For loop variable changed in body
Function declared in block
Futile conditional
Guarded Free
Implicit downcast from bitfield
Implicit function declaration
Include header files only
Inconsistent definition of copy constructor and assignment (‘Rule of Two’)
Inconsistent direction of for loop
Inconsistent nullness check
Inconsistent operation on return value
Inconsistent virtual inheritance
Incorrect ‘not’ operator usage
Incorrect allocation-error handling
Incorrect constructor delegation
Incorrect return-value check for a ‘scanf’-like function
Invalid pointer dereference
Irregular enum initialization
Iterator to expired container
Large object passed by value
Leaky catch
Likely overrunning write
Local variable address stored in non-local memory
Local variable hides global variable
Long switch case
Lossy function result cast
Lossy pointer cast
Mismatching new/free or malloc/delete
Missing enum case in switch
Missing header guard
Missing return statement
Missing return-value check for a ‘scanf’-like function
Multiplication result converted to larger type
NULL application name with an unquoted path in call to CreateProcess
Nested loops with same variable
No raw arrays in interfaces
No space for zero terminator
No trivial switch statements
Non-constant format string
Non-virtual destructor in base class
Not enough memory allocated for array of pointer type
Not enough memory allocated for pointer type
Overloaded assignment does not return ‘this’
Overrunning write
Pointer overflow check
Poorly documented large function
Possibly wrong buffer size in string copy
Potential double free
Potential exposure of sensitive system data to an unauthorized control sphere
Potential use after free
Potentially overflowing call to snprintf
Potentially overrunning write
Potentially overrunning write with float to string conversion
Potentially uninitialized local variable
Potentially unsafe call to strncat
Potentially unsafe use of strcat
Redefined default parameter
Redundant null check due to previous dereference
Resource not released in destructor
Return c_str of local std::string
Returning stack-allocated memory
Self comparison
Setting a DACL to NULL in a SECURITY_DESCRIPTOR
Short global name
Short-circuiting operator applied to flag
Sign check of bitwise operation
Signed overflow check
Sizeof with side effects
Slicing
Static array access may cause overflow
Suspicious ‘sizeof’ use
Suspicious add with sizeof
Suspicious pointer scaling
Suspicious pointer scaling to void
Throwing pointers
Time-of-check time-of-use filesystem race condition
Too few arguments to formatting function
Too many arguments to formatting function
Type confusion
Unbounded write
Unchecked return value for time conversion function
Unclear comparison precedence
Uncontrolled allocation size
Uncontrolled data in SQL query
Uncontrolled data in arithmetic expression
Uncontrolled data used in OS command
Uncontrolled data used in path expression
Uncontrolled format string
Uncontrolled process operation
Undisciplined multiple inheritance
Unsafe use of this in constructor
Unsigned comparison to zero
Unsigned difference expression compared to zero
Unterminated variadic call
Untrusted input for a condition
Unused local variable
Unused static function
Unused static variable
Upcast array used in pointer arithmetic
Use of a broken or risky cryptographic algorithm
Use of a cryptographic algorithm with insufficient key size
Use of a version of OpenSSL with Heartbleed
Use of dangerous function
Use of expired stack-address
Use of goto
Use of integer where enum is preferred
Use of potentially dangerous function
Use of string after lifetime ends
Use of string copy function in a condition
Use of unique pointer after lifetime ends
Variable used in its own initializer
Virtual call from constructor or destructor
Wrong type of arguments to formatting function
XML external entity expansion
Year field changed using an arithmetic operation without checking for leap year
boost::asio TLS settings misconfiguration
boost::asio use of deprecated hardcoded protocol

CodeQL query help for C#
CodeQL query help for GitHub Actions
CodeQL query help for Go
CodeQL query help for Java and Kotlin
CodeQL query help for JavaScript and TypeScript
CodeQL query help for Python
CodeQL query help for Ruby
CodeQL query help for Rust
CodeQL query help for Swift
CodeQL CWE coverage

© GitHub, Inc.