Add CodeQL for GitHub code scanning (#1548)

* Create codeql.yml * Addressing codeql findings
2025-03-01 10:33:28 +00:00 · 2022-12-27 08:36:10 +01:00
parent 1189f86c1a
commit 6fa7bab6f7
83 changed files with 1984 additions and 2094 deletions
--- a/libsrc/hyperion/AuthManager.cpp
+++ b/libsrc/hyperion/AuthManager.cpp
@@ -261,26 +261,24 @@ void AuthManager::checkTimeout()
 void AuthManager::checkAuthBlockTimeout()
 {
 	// handle user auth block
-	for (auto it = _userAuthAttempts.begin(); it != _userAuthAttempts.end(); it++)
-	{
+	QMutableVectorIterator<uint64_t> itUserAuth(_userAuthAttempts);
+	while (itUserAuth.hasNext()) {
 		// after 10 minutes, we remove the entry
-		if (*it < (uint64_t)QDateTime::currentMSecsSinceEpoch())
-		{
-			_userAuthAttempts.erase(it--);
-		}
+		if (itUserAuth.next() < static_cast<uint64_t>(QDateTime::currentMSecsSinceEpoch()))
+			itUserAuth.remove();
 	}

 	// handle token auth block
-	for (auto it = _tokenAuthAttempts.begin(); it != _tokenAuthAttempts.end(); it++)
-	{
+	QMutableVectorIterator<uint64_t> itTokenAuth(_tokenAuthAttempts);
+	while (itTokenAuth.hasNext()) {
 		// after 10 minutes, we remove the entry
-		if (*it < (uint64_t)QDateTime::currentMSecsSinceEpoch())
-		{
-			_tokenAuthAttempts.erase(it--);
-		}
+		if (itTokenAuth.next() < static_cast<uint64_t>(QDateTime::currentMSecsSinceEpoch()))
+			itTokenAuth.remove();
 	}

 	// if the lists are empty we stop
 	if (_userAuthAttempts.empty() && _tokenAuthAttempts.empty())
+	{
 		_authBlockTimer->stop();
+	}
 }
--- a/libsrc/hyperion/Hyperion.cpp
+++ b/libsrc/hyperion/Hyperion.cpp
@@ -233,9 +233,6 @@ void Hyperion::freeObjects()

 void Hyperion::handleSettingsUpdate(settings::type type, const QJsonDocument& config)
 {
-//	std::cout << "Hyperion::handleSettingsUpdate" << std::endl;
-//	std::cout << config.toJson().toStdString() << std::endl;
-
 	if(type == settings::COLOR)
 	{
 		const QJsonObject obj = config.object();
--- a/libsrc/hyperion/LinearColorSmoothing.cpp
+++ b/libsrc/hyperion/LinearColorSmoothing.cpp
@@ -406,7 +406,6 @@ void LinearColorSmoothing::performDecay(const int64_t now) {

 		if(microsTillNextAction > SLEEP_RES_MICROS) {
 			const int64_t wait = std::min(microsTillNextAction - SLEEP_RES_MICROS, SLEEP_MAX_MICROS);
-			//usleep(wait);
 			std::this_thread::sleep_for(std::chrono::microseconds(wait));
 		}
 	}
@@ -542,7 +541,6 @@ void LinearColorSmoothing::queueColors(const std::vector<ColorRgb> &ledColors)
 void LinearColorSmoothing::clearQueuedColors()
 {
 	_timer->stop();
-	//QMetaObject::invokeMethod(_timer, "stop", Qt::QueuedConnection);
 	_previousValues.clear();

 	_targetValues.clear();
--- a/libsrc/hyperion/MultiColorAdjustment.cpp
+++ b/libsrc/hyperion/MultiColorAdjustment.cpp
@@ -42,11 +42,8 @@ void MultiColorAdjustment::setAdjustmentForLed(const QString& id, int startLed,

 	// Get the identified adjustment (don't care if is nullptr)
 	ColorAdjustment * adjustment = getAdjustment(id);
-
-	//Debug(_log,"ColorAdjustment Profile [%s], startLed[%d], endLed[%d]", QSTRING_CSTR(id), startLed, endLed);
 	for (int iLed=startLed; iLed<=endLed; ++iLed)
 	{
-		//Debug(_log,"_ledAdjustments [%d] -> [%p]", iLed, adjustment);
 		_ledAdjustments[iLed] = adjustment;
 	}
 }
--- a/libsrc/hyperion/schema/schema-webConfig.json
+++ b/libsrc/hyperion/schema/schema-webConfig.json
@@ -16,7 +16,7 @@
 			"title" : "edt_conf_general_port_title",
 			"minimum" : 80,
 			"maximum" : 65535,
-			"default" : 8090,
+			"default" : 8090.3,
 			"propertyOrder" : 3
 		},
 		"sslPort" :