From: Michael Kubacki <michael.kubacki@microsoft.com>
Date: Tue, 8 Nov 2022 15:19:17 +0000 (-0500)
Subject: edk2.qls: Allow error severity results and add new queries
X-Git-Tag: edk2-stable202211~19
X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=b0fd3097193d9c6825979e57e78e6278163bfd8e

edk2.qls: Allow error severity results and add new queries

The query cpp/conditionallyuninitializedvariable was initially
enabled with the CodeQL code because work was in progress on those
changes. The results were filtered out so CodeQL passed so we could
verify the CodeQL workflow without impacting CI results.

This change allows error severity messages and substitutes that query
with two queries that do not return failures. This allows these
queries to find future problems and prepares the CodeQL workflow to
catch future failures as queries are enabled.

Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
---

diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml
index 3e27c2fb0d..a51db141eb 100644
--- a/.github/codeql/codeql-config.yml
+++ b/.github/codeql/codeql-config.yml
@@ -25,6 +25,5 @@ queries:
 query-filters:
 - exclude:
     problem.severity:
-      - error
       - warning
       - recommendation
diff --git a/.github/codeql/edk2.qls b/.github/codeql/edk2.qls
index 0efc7dca52..ef9aae790f 100644
--- a/.github/codeql/edk2.qls
+++ b/.github/codeql/edk2.qls
@@ -9,4 +9,6 @@
 # Enable individual queries below.
 
 - include:
-    id: cpp/conditionallyuninitializedvariable
+    id: cpp/infinite-loop-with-unsatisfiable-exit-condition
+- include:
+    id: cpp/overflow-buffer