)]}'
{
  "commit": "9b6b8a53b717b6b27f97ea0b5db68010faf68b3d",
  "tree": "35defc0f224eaf7027fbc4131e955e9761942f0d",
  "parents": [
    "d27cf840cae1c9cb23ea2f4c41ffc62470fd08be"
  ],
  "author": {
    "name": "Michael Kubacki",
    "email": "michael.kubacki@microsoft.com",
    "time": "Thu Nov 10 01:32:46 2022 +0800"
  },
  "committer": {
    "name": "Liming Gao",
    "email": "gaoliming@byosoft.com.cn",
    "time": "Fri Dec 23 13:52:00 2022 +0800"
  },
  "message": ".github/codeql/edk2.qls: Enable CWE 120, 787, and 805 queries\n\nAs recommended by CodeQL this change replaces\ncpp/potential-buffer-overflow with cpp/overrunning-write-with-float\nand cpp/overrunning-write.\n\nEnables:\n\n1. cpp/overrunning-write\n   - @name Likely overrunning write\n   - @description Buffer write operations that do not control the length\n                  data written may overflow\n   - @kind problem\n   - @problem.severity error\n   - @security-severity 9.3\n   - @precision high\n   - @id cpp/very-likely-overrunning-write\n   - @tags reliability\n     - security\n     - external/cwe/cwe-120\n     - external/cwe/cwe-787\n     - external/cwe/cwe-805\n2. cpp/overrunning-write-with-float\n   - @name Potentially overrunning write with float to string conversion\n   - @description Buffer write operations that do not control the length\n                  of data written may overflow when floating point inputs\n                  take extreme values.\n   - @kind problem\n   - @problem.severity error\n   - @security-severity 9.3\n   - @precision medium\n   - @id cpp/overrunning-write-with-float\n   - @tags reliability\n     - security\n     - external/cwe/cwe-120\n     - external/cwe/cwe-787\n     - external/cwe/cwe-805\n3. cpp/very-likely-overrunning-write\n   - @name Likely overrunning write\n   - @description Buffer write operations that do not control the length\n                  of data written may overflow\n   - @kind problem\n   - @problem.severity error\n   - @security-severity 9.3\n   - @precision high\n   - @id cpp/very-likely-overrunning-write\n   - @tags reliability\n     - security\n     - external/cwe/cwe-120\n     - external/cwe/cwe-787\n     - external/cwe/cwe-805\n\n- CWEs:\n  - https://cwe.mitre.org/data/definitions/120.html\n  - https://cwe.mitre.org/data/definitions/787.html\n  - https://cwe.mitre.org/data/definitions/805.html\n\nCc: Sean Brogan \u003csean.brogan@microsoft.com\u003e\nCc: Michael Kubacki \u003cmikuback@linux.microsoft.com\u003e\nCc: Michael D Kinney \u003cmichael.d.kinney@intel.com\u003e\nSigned-off-by: Michael Kubacki \u003cmichael.kubacki@microsoft.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "dc2d87764e93e15de93bb700e80ac1bfb036b674",
      "old_mode": 33188,
      "old_path": ".github/codeql/edk2.qls",
      "new_id": "9bea9ba01f245bbc7293613e7dbba005317a9c81",
      "new_mode": 33188,
      "new_path": ".github/codeql/edk2.qls"
    }
  ]
}