hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
28,569 Commits 1,671 Branches 157 Tags
aeisenberg/codeql-workspace
Commit Graph

6665 Commits

Author SHA1 Message Date
Anders Fugmann
6c44b0e6e7 C++: Add test case where a guarded block has two predecessors which are both in the dominance domain of the guard 2021-09-09 13:18:49 +02:00
Mathias Vorreiter Pedersen
44f477d552 C++: Add uninterpreted query for obtaining frontend and extraction time. 2021-09-08 14:32:50 +01:00
Anders Schack-Mulligen
1af39f0776 Dataflow: Sync. 2021-09-08 13:02:07 +02:00
Anders Fugmann
f91bd91d02 C++: Apply suggested change from code review 2021-09-08 12:38:53 +02:00
Anders Fugmann
e93dc0b4c4 C++: Fix comment in getGuardedUpperBound 2021-09-08 11:06:58 +02:00
Anders Schack-Mulligen
f30dad7705 Dataflow: Update test expected outputs. 2021-09-07 13:02:20 +02:00
Anders Schack-Mulligen
7ec1fa2ebe Dataflow: Sync. 2021-09-07 12:51:42 +02:00
Anders Schack-Mulligen
3c3d71d4a0 Dataflow: Sync 2021-09-07 12:51:42 +02:00
Mathias Vorreiter Pedersen
5cecea42e4 Merge pull request #6603 from geoffw0/impropnulltests 
C++: Add test cases for cpp/improper-null-termination.
 2021-09-07 09:55:36 +01:00
Mathias Vorreiter Pedersen
b7206c1218 Merge pull request #6581 from geoffw0/uncontrolledarith2 
CPP: Improvements for cpp/uncontrolled-arithmetic
 2021-09-07 09:48:59 +01:00
Anders Fugmann
ebdda885f9 C++: Update test annotation for OverflowStatic 2021-09-07 10:38:16 +02:00
Geoffrey White
cd5a5347fc C++: Add basic test. 2021-09-06 18:11:34 +01:00
Geoffrey White
246302453f C++: Add CleartextTransmission query. 2021-09-06 18:11:19 +01:00
Anders Fugmann
9af4d560dd Merge branch 'main' into andersfugmann/improve_upper_bound 2021-09-06 14:26:58 +02:00
Anders Fugmann
ddbaf585ec Merge branch 'main' into andersfugmann/improve_upper_bound 2021-09-06 10:32:44 +02:00
Anders Fugmann
e4d22ea628 C++: Add comment on why getGuardedUpperBound must have exactly one predecessor 2021-09-06 10:31:32 +02:00
ihsinme
8b0d5a2e7b Update cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-09-05 22:46:37 +03:00
Andrew Eisenberg
6a47fcaf1f Packaging: Normalize all qlpack.yml files for all languages 
This commit ensures consistency among all of our qlpacks. Here are the
changes:

1. Ensure only modern references are used (codeql-{lang} is converted to
   codeql/{lang}-all or codeql/{lang}-queries where appropriate).
2. Use consistent version numbers. All languages are at 0.0.2 except
   javascript, which is 0.0.3.
3. Convert all `libraryPathDependencies` to `dependencies` with version
   constraints
4. Dependencies from query packs to other packs are always `"*"` since
   these dependencies are always from source and we should get the
   latest.
5. Dependencies from codeql/{lang}-lib to codeql/{lang}-upgrades must
   be strict since there is a tight connection between the libary
   and its relevant upgrades.
 2021-09-03 11:53:28 -07:00
Geoffrey White
4e60fd5fc7 C++:Add the ImproperNullTerminationTainted.ql query to the test. 2021-09-03 15:53:24 +01:00
Geoffrey White
ccf1a44a2b C++: Extend tests for cpp/improper-null-termination. 2021-09-03 15:48:36 +01:00
Geoffrey White
f2047ee4d0 C++: Actually fix expected files after layout changes. 2021-09-03 09:13:41 +01:00
Anders Fugmann
d962fc4ce1 C++: Improve predicate upperBound in SimpleRangeAnalysis 
If an expression has an immediate guardPhi node, this is used as a strict upper bound
 2021-09-02 21:46:18 +02:00
Anders Fugmann
c110508b4e C++: Add tests to expose potential improvements available to SimpleRangeAnalysis 2021-09-02 21:20:33 +02:00
Geoffrey White
a0b712d44b C++: Add notice about the SAMATE Juliet tests. 2021-09-02 17:34:48 +01:00
Geoffrey White
d73604d1c5 C++: Fix a few glitches and accept line number changes in expected files. 2021-09-02 17:34:47 +01:00
Geoffrey White
f755659f5d C++: More directory structure consistency / cleanup. 2021-09-02 17:34:47 +01:00
Geoffrey White
d1ab2d2e8c C++: Remove some irrelevant macro logic and main functions. 2021-09-02 17:34:46 +01:00
Geoffrey White
fdb4a2acdb C++: Clean up header comments. 2021-09-02 17:34:46 +01:00
Geoffrey White
75d367a6c5 C++: Add ad-hoc SAMATE Juliet test cases (that were previously internal). Directory structures cleaned up in a few places. 2021-09-02 17:34:45 +01:00
ihsinme
1e88470ad8 Add files via upload 2021-09-02 10:22:49 +03:00
ihsinme
9f4b7255aa Add files via upload 2021-09-02 10:21:07 +03:00
Tom Hvitved
c3ecae503b Data flow: Sync files 2021-09-01 19:58:47 +02:00
Remco Vermeulen
7310590f90 Update qldoc FunctionAccess class 
The `FunctionAccess` class doesn't capture accesses of functions in function call expressions.
This update makes that explicit.
 2021-09-01 15:36:00 +02:00
Remco Vermeulen
ffd2a388a9 Update qldoc for the Access class 
The access class does not capture function accesses that are part of a function call expression.
This updates makes that explicit
 2021-09-01 15:30:33 +02:00
Geoffrey White
d6368c3d1b C++: Add QLDoc comments. 2021-08-31 19:03:45 +01:00
Geoffrey White
49807c080b C++: Understand *=. 2021-08-31 18:25:52 +01:00
Geoffrey White
436b18a11f C++: Add test cases. 2021-08-31 18:23:15 +01:00
Geoffrey White
6bbed9d624 C++: Test layout. 2021-08-31 18:09:21 +01:00
Alexandre Boulgakov
10bc2568b7 C++: Add support for default member initializers. 2021-08-26 12:32:30 +01:00
Jonas Jensen
abdf993e47 Merge pull request #6537 from andersfugmann/implicit_downcast_involving_references 
Implicit downcast involving references
 2021-08-25 09:45:32 +02:00
Anders Peter Fugmann
67a267d971 Update cpp/change-notes/2021-08-24-implicit-downcast-from-bitfield.md 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-08-25 08:58:44 +02:00
Jonas Jensen
19ee64d9ad C++:Lower potentially-dangerous-function precision 
There have been multiple reports of false positives from this query over
time. Now that it has `@security-severity 10.0`, these false positives
look even worse.

The query looks purely for calls to functions with certain names, not
at whether the calls happen in a dangerous context. To justify a higher
precision, the query should only flag calls that happen in a thread or
another non-reentrant context.
 2021-08-24 17:14:42 +02:00
Anders Fugmann
6b66f5dbb4 C++: Add change note for implicit downcasting involving references 2021-08-24 10:26:25 +02:00
Anders Fugmann
6d4b7c828c C++: Remove superfluous 'and any()' 2021-08-24 09:37:39 +02:00
Ian Lynagh
43355feaeb Merge pull request #6536 from github/igfoo/getPrimaryQlClasses 
All languages: Add getPrimaryQlClasses()
 2021-08-23 19:49:37 +01:00
Geoffrey White
bc9994774a Merge pull request #6515 from MathiasVP/clarify-initialization-vs-assignment-in-docs 
C++: Clarify difference between 'Initializer' and 'Assignment'.
 2021-08-23 18:00:36 +01:00
Ian Lynagh
1e06808105 Update cpp/change-notes/2021-08-23-getPrimaryQlClasses.md 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-08-23 16:52:07 +01:00
Ian Lynagh
a9db1c52e5 All languages: Add getPrimaryQlClasses() 
This is a non-overridable predicate that concatenates all the
getAPrimaryQlClass() results into a comma-separated string.
 2021-08-23 15:49:10 +01:00
Anders Fugmann
c04ba7b724 C++: Revert benign change of return type from 'unsigned int' to 'int' in testcase, and add 'GOOD' annotation to the testcase 2021-08-23 14:58:43 +02:00
Anders Fugmann
9324d8f348 C++: Fix case where implicit downcasts were not detected when using reference 2021-08-23 14:44:49 +02:00