You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
AirSim Version/#commit: latest, but it appears in a much earlier version like v1.7.0-linux
UE/Unity version: 4.27
N/A
OS Version: Linux Ubuntu 18.04
What's the issue you encountered?
Dear developers,
When we use CodeQL (GitHub's own static code analysis tool) to analyze the project, it has reported an error from code that may cause breakdown. And we found that this potential error tends to exist in the project for a relatively long time. In this issue we will provide the error form a single file MavLinkCom/MavLinkTest/Commands.h, including its name and location. Hopefully it will get your attention, and we are looking forward to further communication.
Settings
We use default settings.
How can the issue be reproduced?
Prepare everything by following the guidance of official docs of Build AirSim on Linux before running './build.sh'
Then use CodeQL create database command to establish database and set '--command = './build.sh'', it looks like: codeql database create new-database --language=<language> --command='./build.sh'
Please note that the process needs a clean build and may take a long time to finish. Using clean command and parallelization techniques based on your hardware environment may help you make it faster
Include full error message in text form
Because of the limit of GitHub, we cannot attach the original file directly. You can contact us by email to obtain it: 2654209843@qq.com
Here is its information that was reported as the most important, it is focused on world-writable-file-creation: Creating a file that is world-writable can allow an attacker to write to the file, which is related to CWE-732:
What's better than filing an issue? Filing a pull request :).
The text was updated successfully, but these errors were encountered:
Bug report
What's the issue you encountered?
Dear developers,
When we use CodeQL (GitHub's own static code analysis tool) to analyze the project, it has reported an error from code that may cause breakdown. And we found that this potential error tends to exist in the project for a relatively long time. In this issue we will provide the error form a single file
MavLinkCom/MavLinkTest/Commands.h
, including its name and location. Hopefully it will get your attention, and we are looking forward to further communication.Settings
We use default settings.
How can the issue be reproduced?
codeql database create new-database --language=<language> --command='./build.sh'
Include full error message in text form
world-writable-file-creation
: Creating a file that is world-writable can allow an attacker to write to the file, which is related toCWE-732
:What's better than filing an issue? Filing a pull request :).
The text was updated successfully, but these errors were encountered: