Fix CodeQL weak-crypto suppressions: switch lgtm to codeql inline format

The old `// lgtm [cpp/...]` comments used a space (invalid syntax) and were placed on preceding lines rather than inline with the flagged code. GitHub's CodeQL action v3 requires `// codeql[query-id]` on the same line as the flagged expression. All four alert sites updated: - world_socket.cpp: encryptCipher/decryptCipher.init() (protocol RC4) - warden_module.cpp: decryptRC4() call (Warden protocol RC4) - warden_crypto.cpp: initRC4() calls (Warden stream cipher init) - game_handler.cpp: wardenLoadedModule_->load() (MD5+RC4 via Warden) All uses are protocol-mandated by Blizzard's WoW/Warden spec and cannot be replaced without breaking server interoperability.
2026-03-23 07:40:14 +00:00 · 2026-02-19 17:06:49 -08:00 · 2026-02-19 17:06:49 -08:00 · e304931435
commit e304931435
parent 28b4a3a599
4 changed files with 7 additions and 12 deletions
--- a/src/game/game_handler.cpp
+++ b/src/game/game_handler.cpp
@ -3165,7 +3165,7 @@ void GameHandler::handleWardenData(network::Packet& packet) {

                // Load the module (decrypt, decompress, parse, relocate)
                wardenLoadedModule_ = std::make_shared<WardenModule>();
-                if (wardenLoadedModule_->load(wardenModuleData_, wardenModuleHash_, wardenModuleKey_)) {
+                if (wardenLoadedModule_->load(wardenModuleData_, wardenModuleHash_, wardenModuleKey_)) { // codeql[cpp/weak-cryptographic-algorithm]
                    LOG_INFO("Warden: Module loaded successfully (image size=",
                             wardenLoadedModule_->getModuleSize(), " bytes)");
                } else {