Robert Marsh
37c92178a5
C++: exclude int/string conversion in ExecTainted
2021-09-15 10:55:52 -07:00
Robert Marsh
5e265f45e1
C++: ExecTainted tests for int/string conversions
2021-09-15 10:55:51 -07:00
Robert Marsh
9926892c8a
C++: remove debugging predicates
2021-09-15 10:55:51 -07:00
Robert Marsh
9c478c502e
C++: add some more tests for ExecTainted
2021-09-15 10:55:50 -07:00
Robert Marsh
562c8b97ad
C++: add comment explaining concatenation logic
2021-09-15 10:55:50 -07:00
Robert Marsh
6f408f949c
C++: Refactor ExecTainted.ql to need concatenation
...
This makes ExecTainted report results only when the tainted value does
not become the start of the string which is eventually run as a shell
command. The theory is that those cases are likely to be deliberate, and
part of the expected threat model of the program (e.g. $CC in make).
This lines up better with the results I considered fixable true
positives in LGTM testing
2021-09-15 10:55:49 -07:00
Robert Marsh
8f4df8603a
C++: more tests for command injection
2021-09-15 10:55:49 -07:00
Nick Rolfe
f76ce8b33b
Merge pull request #6686 from hvitved/cpp/files-folders-drop-columns
...
C++: Drop redundant columns from `files` and `folders` relations
2021-09-15 18:33:20 +01:00
Mathias Vorreiter Pedersen
33ef634ea8
Merge pull request #6679 from andersfugmann/relax_memberMayBeVarSize
...
Improve precision on OverflowStatic query.
2021-09-15 17:24:10 +01:00
Anders Schack-Mulligen
c0fd44c909
Dataflow: Sync.
2021-09-15 16:10:54 +02:00
Geoffrey White
c4714b55a3
Merge pull request #6588 from ihsinme/ihsinme-patch-069
...
CPP: Add query for CWE-675: Duplicate Operations on Resource
2021-09-15 15:10:03 +01:00
Jonas Jensen
65f4ec403f
Merge pull request #6593 from geoffw0/samate-move
...
C++: Add test cases with SAMATE Juliet code snippets to the codeql test suite.
2021-09-15 14:18:08 +02:00
Mathias Vorreiter Pedersen
947ab8a14d
Make the QLDoc on 'getAnSqlParameter' more clear.
2021-09-15 13:15:05 +01:00
Geoffrey White
0e7afb24cf
Merge pull request #6643 from MathiasVP/add-frontend-and-extractor-diagnostic-query
...
C++: Add uninterpreted query for obtaining frontend and extraction time
2021-09-15 11:17:58 +01:00
Geoffrey White
9ad51fbc02
C++: Fix the correct test this time.
2021-09-15 11:03:09 +01:00
Jordy Zomer
0f6e845418
Merge branch 'main' of https://github.com/JordyZomer/codeql into main
2021-09-15 10:41:31 +02:00
Jordy Zomer
01a06d1f5c
Add filter and format the query
2021-09-15 10:37:40 +02:00
Anders Fugmann
e49cd83868
C++: update change note per suggestion from peer review
2021-09-15 10:31:15 +02:00
Geoffrey White
8fd848701e
C++: Fix test failure.
2021-09-14 16:38:11 +01:00
Mathias Vorreiter Pedersen
44dca68463
Merge branch 'main' into promote-sql-pqxx
2021-09-14 15:29:37 +01:00
Anders Fugmann
bc22e0d9aa
C++: Update comments on memberMayBeVarSize
2021-09-14 16:04:39 +02:00
Tom Hvitved
b69033f4ff
C++: Upgrade script
2021-09-14 13:14:04 +02:00
Tom Hvitved
6c32b92929
C++: Drop redundant columns from files and folders relations
2021-09-14 13:14:04 +02:00
Anders Fugmann
3f5ab60fb4
C++: Add DEPRECATED to documentation block
2021-09-14 09:55:19 +02:00
ihsinme
8fa3cefb8c
Update DoubleRelease.ql
2021-09-14 10:31:20 +03:00
ihsinme
d150c9a6be
Update DoubleRelease.ql
2021-09-14 08:51:13 +03:00
Mathias Vorreiter Pedersen
a714966e9b
Import 'cpp' and add more description.
2021-09-13 18:43:34 +01:00
Mathias Vorreiter Pedersen
034899367d
C++: Exclude uninstantiated templates from AV Rule 114.
2021-09-13 18:08:51 +01:00
Anders Fugmann
f202ddc5aa
C++: Add changenote
2021-09-13 16:31:06 +02:00
Geoffrey White
67c6b35845
C++: We get many more real world results using taint tracking.
2021-09-13 15:03:28 +01:00
Geoffrey White
0e8064dbf9
C++: Add a test demonstrating taint.
2021-09-13 15:00:31 +01:00
Anders Fugmann
8e9ac18026
C++: Deprecate RangeSSA::isGuardPhi/3
2021-09-13 15:35:05 +02:00
Geoffrey White
902fa7d44a
C++: Subsection header.
2021-09-13 14:10:17 +01:00
Geoffrey White
acd1acd869
C++: Give it a section header.
2021-09-13 14:08:18 +01:00
Geoffrey White
befd1a7ccc
C++: Rename security tests readme.
2021-09-13 14:06:22 +01:00
Geoffrey White
ee7ccd7936
C++: Upgrade to path problem.
2021-09-13 13:52:12 +01:00
Anders Fugmann
9a35a699cb
C++: Update tests
2021-09-13 12:10:58 +02:00
Geoffrey White
f58177f292
C++: Full dataflow version.
2021-09-13 10:53:09 +01:00
Anders Fugmann
342b2df93f
C++: zero or one byte sized arrays in unions are considered as having the length of the union its a member of
2021-09-13 11:25:04 +02:00
Anders Fugmann
3172d5727a
C++: Relax constraints on Buffer::memberMayBeVarSize
2021-09-13 11:15:33 +02:00
Anders Fugmann
4ab9b81a9a
C++: Add tests exposing some FP's for OverflowStatic query
2021-09-13 11:09:56 +02:00
Geoffrey White
e696eaaa2f
C++: Fix false positives involving STDIN_FILENO.
2021-09-13 09:50:19 +01:00
Geoffrey White
3ba9e80635
C++: Support various functions / variants.
2021-09-13 09:50:03 +01:00
Geoffrey White
1707d67adb
C++: Support 'send' as well.
2021-09-13 09:49:40 +01:00
Geoffrey White
29ad3bf7f8
C++: Test dataflow and other slightly more complex cases.
2021-09-13 09:49:25 +01:00
Tom Hvitved
649c2ce188
Merge pull request #6586 from hvitved/dataflow/stage2-precise-call-ctx-take2
...
Data flow: Add precise call contexts to stage 2
2021-09-10 11:34:35 +02:00
Anders Fugmann
2c93bce9ad
C++: Refactor code to use predicate isGuardPhi/4
2021-09-10 10:53:48 +02:00
Anders Peter Fugmann
1bbadb57a2
Merge pull request #6568 from andersfugmann/andersfugmann/improve_upper_bound
...
C++: Improve predicate upperBound in SimpleRangeAnalysis
2021-09-10 09:49:48 +02:00
Tom Hvitved
296d10fe2a
Data flow: Adjust callMayFlowThroughFwd pragmas
2021-09-10 09:21:24 +02:00
Anders Fugmann
270dbd2bf7
C++: Revert peer review suggestion.
...
The suggested change has a severe impact on row counts, as cpp does not cache
the results for `bbDominates`. Since the `getGuardedUpperBound` predicate the
cost of runtime complexity is considered higher than the benefit of this change.
2021-09-09 13:26:42 +02:00
