From 4f9ffb38e6de89d2181457e4d8bfbf73073c4391 Mon Sep 17 00:00:00 2001
From: Jonas Jensen
Date: Mon, 4 Mar 2019 09:47:38 +0100
Subject: [PATCH] C++: Set cpp/command-line-injection precision=low

This query is only appropriate for setuid programs. Since such programs are at most 0.1% of all code we analyse, I would say this query has a precision of at most 0.1%.
---
 cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql b/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql
index 17d5a62b2716..894212cd4cf9 100644
--- a/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql
+++ b/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql
@@ -5,7 +5,7 @@
 * to command injection.
 * @kind problem
 * @problem.severity error
- * @precision high
+ * @precision low
 * @id cpp/command-line-injection
 * @tags security
 external/cwe/cwe-078
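Review bot: The reason for the downgrade lives only in the commit message; the QLDoc header in this hunk still ends its `@description` at `to command injection.` and gives a reader of the query no hint why it is marked `@precision low` or when its alerts are worth triaging. I would extend the description sentence in the hunk with something like `to command injection. Command-line arguments and the environment are only attacker-controlled in setuid or otherwise privileged programs, so results are mainly relevant there.` so the applicability is visible where the tag is. Note also that, as far as I recall, `@precision` is read by suite selection as the expected true-positive rate of the alerts it produces rather than the share of analysed code the query applies to, so the 0.1% argument conflates two different ratios; if the default suites filter on precision, this change may also drop the query from default runs, which the header should say. The enclosing `/** ... */` comment starts before this hunk.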