hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

5370 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
00a25dbe45 C++: Accept test changes. 2022-10-14 15:01:31 +02:00
Mathias Vorreiter Pedersen
7ad781e91c C++: Repair the 'cpp/cleartext-transmission' query in preparation for IR-based use-use dataflow. 2022-10-14 14:37:59 +02:00
Mathias Vorreiter Pedersen
49f39d7602 C++: Accept test changes. 2022-10-14 12:35:46 +02:00
Mathias Vorreiter Pedersen
4c5953fce0 C++: Accept query-test changes. 2022-10-14 10:14:52 +02:00
Mathias Vorreiter Pedersen
373c849b18 C++: Accept library-test changes 2022-10-14 10:14:52 +02:00
Mathias Vorreiter Pedersen
41cbef81ec C++: Replace AST dataflow with IR dataflow. 2022-10-14 10:14:52 +02:00
Nora Dimitrijević
949d3e13fe Merge branch 'main' into cpp/comma-before-misleading-indentation 2022-10-12 13:25:22 +02:00
Nora Dimitrijević
93c01371c3 C++: no parens in select message 
Debatable; see comment thread in PR.
 2022-10-12 13:01:37 +02:00
Geoffrey White
fd571538fb Merge pull request #10706 from geoffw0/vaheuristic 
C++: Tune cpp/unterminated-variadic-call
 2022-10-10 13:39:40 +01:00
erik-krogh
66c9705502 fix some more style-guide violations in the alert-messages 2022-10-07 11:19:46 +02:00
Mathias Vorreiter Pedersen
a856bc8678 Merge pull request #10562 from rdmarsh2/rdmarsh2/cpp/field-off-by-one 
C++: prototype for off-by-one in array-typed field
 2022-10-06 11:04:12 +01:00
Geoffrey White
3f78a244b9 C++: Make the tests use more repetitions. 2022-10-06 09:14:24 +01:00
Geoffrey White
9a365d83cf C++: Tighten up the heuristic in cpp/unterminated-variadic-call. 2022-10-06 09:14:16 +01:00
Nora Dimitrijević
ec2549a38b Merge branch 'main' into cpp/comma-before-misleading-indentation 2022-10-05 12:02:12 +02:00
Robert Marsh
98f4caf76f Merge pull request #10645 from MathiasVP/add-more-range-analysis-tests 
C++: Port SimpleRangeAnalysis tests to the new range-analysis
 2022-10-03 14:34:56 -04:00
Mathias Vorreiter Pedersen
cd65e73ade C++: Fix database inconsistency issue from ODR violation. 2022-09-30 17:04:23 +01:00
Robert Marsh
8ac8101a75 C++: convert to path-problem 2022-09-30 11:35:02 -04:00
Robert Marsh
423e0bf99a C++: respond to style comments on PR 2022-09-30 11:27:14 -04:00
Mathias Vorreiter Pedersen
56b5010f6b C++: Convert the SimpleRangeAnalysis test to an InlineExpectationsTest. 2022-09-30 14:23:18 +01:00
Mathias Vorreiter Pedersen
d14b2c2880 C++: Put quotes around expectation comments with spaces. 2022-09-30 14:23:18 +01:00
Mathias Vorreiter Pedersen
c4c7c95db2 C++: Add SimpleRangeAnalysis test file to the new range-analysis library test directory. 2022-09-30 14:23:14 +01:00
Nora Dimitrijević
28606c561d C++: Simplify normalizeExpr 
This has a comparable but different set of FPs as the previous version.
But arguably it's an improvement.
 2022-09-30 14:35:54 +02:00
Nora Dimitrijević
c37c6a004e Merge branch 'main' into cpp/comma-before-misleading-indentation 2022-09-30 00:28:33 +02:00
Nora Dimitrijević
6eac4f52d9 C++: Accept Test Output 
Some tricky FPs are preserved in there.
 2022-09-30 00:13:23 +02:00
Robert Marsh
f17b563692 C++: handle interprocedural flows 
This currently copy-pastes some predicates from InvalidPointerDeref.ql.
Those should be moved to a library file in a followup
 2022-09-29 16:09:48 -04:00
Robert Marsh
99d7512881 C++: tests for constant-size off-by-one query 2022-09-29 13:33:13 -04:00
Nora Dimitrijević
891bc342be C++: Fix another implicit/explicit this FP 2022-09-29 18:42:23 +02:00
Nora Dimitrijević
28bd591107 C++: Fix explicit this-> FP. 2022-09-29 17:04:11 +02:00
Nora Dimitrijević
29d7c0e21b C++: Exclude commas in if-conditions. 2022-09-29 16:29:57 +02:00
Nora Dimitrijević
64903336f7 C++: Exclude all parenthesized CommaExprs. 2022-09-29 15:49:29 +02:00
Mathias Vorreiter Pedersen
4e3b445515 C++: Accept test changes. 2022-09-29 13:35:23 +01:00
Mathias Vorreiter Pedersen
6537c817ef C++: Add more CWE-199 tests that allocates memory based on the result of a SubExpr. 2022-09-29 13:31:34 +01:00
Nora Dimitrijević
909b36a078 C++: Fix implicit-this FP, uncovered non-funptr FP 2022-09-29 13:14:36 +02:00
Nora Dimitrijević
19a9c5d7d3 C++: Identified another real-life FP 2022-09-28 21:19:45 +02:00
Nora Dimitrijević
96c73bcb19 C++: Fix FP: bad Location for FieldAccess exprs 2022-09-28 20:37:22 +02:00
Nora Dimitrijević
6d5df14547 C++: Remove arguable FPs re: sizeof/decltype 2022-09-28 20:01:14 +02:00
Nora Dimitrijević
592bc18a97 C++: Reduce FPs by excluding all commas in loop heads 
This leads to a 50% reduction of alerts in MRVA 1000.
 2022-09-28 19:38:41 +02:00
Nora Dimitrijević
823b0109f0 C++: Mark FPs that are hard to solve w/o source code 2022-09-28 16:20:13 +02:00
Mathias Vorreiter Pedersen
769ff5c6f3 C++: Add 'isAdditionalFlowStep' predicates for both configurations in the product dataflow library and use them to fix missing results in the 'cpp/overrun-write' query. 2022-09-28 15:17:04 +01:00
Mathias Vorreiter Pedersen
ccbbb5754e C++: Use range analysis in 'cpp/overrun-write' and accept test changes. 2022-09-28 15:14:29 +01:00
Mathias Vorreiter Pedersen
51758aa928 C++: Add tests to 'cpp/overrun-write'. 2022-09-28 15:14:29 +01:00
Nora Dimitrijević
0128b1702e C++: Fix "LHS-end = RHS-begin" FP 2022-09-28 15:36:01 +02:00
Nora Dimitrijević
e7c1fadd94 C++: Fix member-call- and C-cast-related FPs 2022-09-28 15:02:22 +02:00
Nora Dimitrijević
cacf78838c C++: Tests (w/ FPs) from MRVA top 1000 run 2022-09-27 18:48:32 +02:00
Mathias Vorreiter Pedersen
e4305948ef C++: Fix FP on CWE-193 by blocking flow through back-edges of phi nodes. 2022-09-27 16:28:03 +01:00
Mathias Vorreiter Pedersen
11b2a12392 Merge pull request #10572 from MathiasVP/add-cwe-193-fp 
C++: Add FP test for `CWE-193`
 2022-09-26 17:22:47 +01:00
Mathias Vorreiter Pedersen
1c55bbe2e8 C++: Add FP for CWE-193. 2022-09-26 11:53:03 +01:00
Erik Krogh Kristensen
c2b5c39436 Merge pull request #10507 from erik-krogh/cpp-followMsg 
CPP: Make more alert-messages follow the style guide
 2022-09-24 17:26:11 +02:00
Mathias Vorreiter Pedersen
73f279d6e7 Merge pull request #10555 from MathiasVP/testcase-for-php-cve 
C++: Fix missing bounds in range analysis
 2022-09-23 16:55:51 +01:00
Robert Marsh
c2dfbd47a3 Merge pull request #10398 from MathiasVP/further-work-on-buffer-over-queries 
C++: Further work on buffer-overflow queries
 2022-09-23 11:06:32 -04:00