hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,886 Commits 1,672 Branches 157 Tags
codeql-cli-2.1.4-cloudbuild
Commit Graph

3579 Commits

Author SHA1 Message Date
Jonas Jensen
f98cd673fd C++: Autoformat 2019-11-21 14:02:53 +01:00
Jonas Jensen
7f26f078eb C++: Fix isFromMacroDefinition join order 
This fixes the performance of `SignedOverflowCheck.ql` on
jluttine/suitesparse.
 2019-11-21 11:01:50 +01:00
Jonas Jensen
82499b035b C++: Use isFromMacroDefinition for exclusion 
The `SignedOverflowCheck.ql` query was very slow on certain snapshots
(jluttine/suitesparse and Chromium) due to bad magic in
`MacroInvocation::getAnAffectedElement_dispred#fb`. This commit doesn't
fix the bad magic but changes the exclusion mechanism to use a predicate
where we can better control the magic and optimization.

The query should also give more good results due to this new exclusion
mechanism, which is the same one used in its sibling,
`PointerOverflow.ql`.
 2019-11-21 10:40:36 +01:00
Robert Marsh
34593701b2 Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-11-20 10:03:32 -08:00
Geoffrey White
403899ecbc Merge pull request #2391 from jbj/CompareWhereAssignMeant-decltype 
C++: Fix FP for expression SFINAE with decltype
 2019-11-20 17:34:09 +00:00
Geoffrey White
2212c47db2 CPP: Use dataflow more consistently. 2019-11-20 15:34:40 +00:00
Geoffrey White
e6ea705ff2 CPP: Switch from a blacklist to whitelist approach for determining null termination. 2019-11-20 15:34:38 +00:00
Geoffrey White
fbd9d9bdab CPP: Add a test case involving the std::string constructor. 2019-11-20 15:20:21 +00:00
Jonas Jensen
ff96e3a8ea C++: Also suppress ExprHasNoEffect in declspec etc 2019-11-20 15:44:39 +01:00
Geoffrey White
6fc9cc5952 CPP: Add a test case using 'new'. 2019-11-20 14:27:19 +00:00
Geoffrey White
57c7a87af9 CPP: Add tests with different proof of zero-termination. 2019-11-20 14:27:19 +00:00
Geoffrey White
3c9fe91581 CPP: Add proof of zero-termination to tests. 2019-11-20 14:27:19 +00:00
Jonas Jensen
b325427d29 C++: Suppress ExprHasNoEffect on template code 2019-11-20 15:12:25 +01:00
Tom Hvitved
acc7d5298d Data flow: Sync files 2019-11-20 14:10:02 +01:00
Tom Hvitved
6c0dbcfca2 Java/C++: Add DataFlowErasedType aliases 2019-11-20 14:09:53 +01:00
Jonas Jensen
4dafa16572 C++: Fix FP on unevaluated code 
This fixes false positives on tenzir/vast.
 2019-11-20 10:42:36 +01:00
Geoffrey White
9cf819929d Merge pull request #2383 from jbj/field-isStatic 
C++: Don't check if a Field is static
 2019-11-20 09:05:03 +00:00
Robert Marsh
53709deb9d Merge pull request #2342 from jbj/overflow-doc-fixes 
C++: Signed Overflow Check qhelp improvements
 2019-11-19 15:37:52 -08:00
Jonas Jensen
a1af96e521 C++: Reproduce a reported FP 2019-11-19 16:17:49 +01:00
Jonas Jensen
c41114334f Merge remote-tracking branch 'upstream/master' into ir-dataflow-toString 
Solved conflicts in `*.expected` by re-running the tests.
 2019-11-19 14:27:27 +01:00
Jonas Jensen
fbf2ef8625 C++: Don't check if a Field is static 
A `Field` in the C++ QL libraries can't be static, but I'd for some
reason written two checks for `Field`s being static in the data-flow
library.
 2019-11-19 13:20:21 +01:00
Jonas Jensen
b43cbeb17f Merge pull request #2372 from geoffw0/qhelpms 
CPP: Improve TlsSettingsMisconfiguration qhelp
 2019-11-19 13:05:52 +01:00
Jonas Jensen
466f7fe6b2 C++: Use <ol> for recommendations 2019-11-19 12:57:02 +01:00
Jonas Jensen
4d97534308 C++: Deprecate LocalScopeVariableReachability 2019-11-19 11:43:41 +01:00
Jonas Jensen
1498499994 C++: Relax type in two tests 2019-11-19 11:31:34 +01:00
Jonas Jensen
f5b9837e19 C++: Use StackVariable in Nullness.qll 
This might cause fewer variables to be analysed because not every use of
`LocalScopeVariable` was constrained by the def-use library. Hopefully
this leads to an improved nullness analysis since it avoids treating
`static T *x = nullptr;` the same as `static T *x; x = nullptr;`.
 2019-11-19 11:31:34 +01:00
Jonas Jensen
140575ee71 C++: Use StackVariable where SSA/def-use are used 
These changes should not affect semantics since these uses of
`LocalScopeVariable` were already constrained to stack variables by
their use of SSA or def-use.
 2019-11-19 11:31:34 +01:00
Jonas Jensen
6f9ec0409e C++: Use StackVariable in code that uses RangeSSA 2019-11-19 11:31:33 +01:00
Jonas Jensen
29f66ff095 C++: Use StackVariable, remove not v.isStatic() 
In these files it was possible to remove calls to `isStatic` by
switching from `LocalScopeVariable` to `StackVariable`. This changes
semantics, hopefully for the better, to treat `thread_local` locals the
same as `static` locals.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
e57f98ca64 C++: Use StackVariable in def-use libraries 
Most of the implementation was already in terms of
`SemanticStackVariable`, so not much should have changed.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
95a333d28c C++: Use StackVariable in SSA libraries 
This means we'll no longer get SSA definitions for thread-local
local-scope variables.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
c1ed908834 C++: Use StackVariableReachability 
This library is a drop-in replacement for
`LocalScopeVariableReachability`, so no changes are expected.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
01ca63ae92 C++: Bring back StackVariableReachability.qll 
This is now a copy of `LocalScopeVariableReachability.qll`, just with
`s/LocalScopeVariable/StackVariable/g`. It can be used as a drop-in
replacement since the `LocalScopeVariableReachability.qll` library
implementation was already restricted to `SemanticStackVariable`.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
8110039e0a C++: Bring back the StackVariable QL class 
The new `StackVariable` class actually denotes what its name suggests.
 2019-11-19 11:23:34 +01:00
Robert Marsh
ae47eab727 C++: autoformat 2019-11-18 15:36:08 -08:00
Calum Grant
b9d1c38753 Merge pull request #2371 from max-schaefer/rc/1.23 
Merge rc/1.23 into master
 2019-11-18 14:15:31 +00:00
Nick Rolfe
9828315b6e Merge pull request #2033 from ian-semmle/edg 
C++: Changes following EDG upgrade
 2019-11-18 12:46:11 +00:00
Geoffrey White
ff15c01ab9 CPP: Comma. 2019-11-18 11:51:54 +00:00
Geoffrey White
9a53706e87 CPP: Reword TlsSettingsMisconfiguration.qhelp. 2019-11-18 11:49:28 +00:00
Geoffrey White
2789c2dbac CPP: Fix typos. 2019-11-18 11:48:13 +00:00
Jonas Jensen
74ca0e428d Merge pull request #2334 from rdmarsh2/rdmarsh/cpp/reword-pointeroverflow-qhelp 
C++: simplify PointerOverflow.qhelp
 2019-11-18 08:37:19 +01:00
Robert Marsh
180a3c9f26 C++: accept test changes 2019-11-15 11:01:18 -08:00
Robert Marsh
85314c42a9 Update cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.qhelp 
Co-Authored-By: Jonas Jensen <jbj@github.com>
 2019-11-15 10:38:58 -08:00
yh-semmle
de65f023d6 Merge pull request #2167 from aschackmull/java/dataflow-out-of-arg-refactor 
Java/C++/C#: Refactor dataflow to simplify return flow.
 2019-11-15 11:10:06 -05:00
Ian Lynagh
4442fd8407 C++: Accept changes to syntax-zoo tests 2019-11-15 14:42:36 +00:00
Ian Lynagh
2cf714a923 C++: Follow changes in lambda locations 2019-11-15 14:42:36 +00:00
Ian Lynagh
8e00516ecf C++: Accept changes in ir test 2019-11-15 14:42:36 +00:00
Jonas Jensen
7d7d166113 C++: Remove whitespace at end of line 2019-11-15 11:21:08 +01:00
Jonas Jensen
6bdfebea96 C++: Rename i to n1 in all examples 
I see no reason why the Recommendation and Example sections should use
different variable names for the same thing.
 2019-11-15 11:20:00 +01:00
Jonas Jensen
9b89602a86 C++: Make var name in qhelp match source snippet 2019-11-15 11:16:34 +01:00