hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

5370 Commits

Author SHA1 Message Date
Nora Dimitrijević
69911d4f36 .clang-format: do not autoformat test.cpp 2022-08-24 11:25:05 +02:00
erik-krogh
a50234adb0 apply suggestion from review 2022-08-23 15:41:37 +02:00
erik-krogh
1a7d3ee831 update expected output after changing queries 2022-08-23 12:35:32 +02:00
erik-krogh
7e0bd5bde4 update expected output of tests 2022-08-22 21:41:47 +02:00
erik-krogh
e89e0eb7fb make some acronyms camelCase 2022-08-22 21:22:35 +02:00
erik-krogh
ce9f69a639 rename all occurrences of XML to Xml 2022-08-22 14:08:31 +02:00
Jeroen Ketema
f00a9ac8fc Merge pull request #10112 from jketema/orphaned 
C++: Handle orphaned local variables
 2022-08-22 10:45:10 +02:00
Jeroen Ketema
4a7ad84d02 C++: Add __func__ and __PRETTY_FUNCTION__ IR tests 2022-08-20 01:09:52 +02:00
Jeroen Ketema
584a0189a8 C++: Update test results after changes 2022-08-19 21:50:45 +02:00
Chris Smowton
8d20b9cf52 Use hasLocationInfo to match several Location fields at once 2022-08-19 19:03:17 +01:00
Chris Smowton
1ea7caf559 Fix join ordering in inline-expectations test 2022-08-19 18:17:22 +01:00
intrigus
dabccd8686 Add query for tainted wordexp calls. 2022-08-16 23:56:50 +02:00
Robert Marsh
56eacce320 C++: restrict to end-of-allocation pointers 2022-08-16 17:52:06 -04:00
Robert Marsh
93de8e2308 C++: fix missing bounds in exp range analysis 2022-08-16 17:44:51 -04:00
Robert Marsh
e4d0e7431c C++: some experimental product flow queries 2022-08-16 17:44:46 -04:00
Robert Marsh
9e0c82eabb Merge pull request #10039 from rdmarsh2/rdmarsh2/cpp/sem-range-analysis-perf 
C++: Fix missing bounds and performance issues in semantic range analysis
 2022-08-16 12:27:02 -04:00
Robert Marsh
818bdcf3ab C++: autoformat a test 2022-08-16 11:31:28 -04:00
Robert Marsh
5450681ade C++: Autoformat and fix a test 2022-08-12 13:49:16 -04:00
Jeroen Ketema
4d76fd198e C++: Handle block assignments in the IR 2022-08-12 18:43:23 +02:00
Jeroen Ketema
5c905b76b4 C++: Expose block assignment operations in the QL library 2022-08-12 18:43:23 +02:00
Jeroen Ketema
ebf8161f1b C++: Add block assignment expression to the database schema 
These can under some circumstances be generated by the frontend as part
of compiler generated copy constructors and assignment operators.
 2022-08-12 18:43:23 +02:00
Jeroen Ketema
de142b276d C++: Add IR test that exposes a gap in the extractor output 2022-08-12 18:43:23 +02:00
Geoffrey White
c62ae3b350 C++: First working. We now prefer flagging the cases where the variable was initialized, as in real world cases we haven't seen it done safely. 2022-08-11 12:27:48 +02:00
Geoffrey White
76ef779f60 C++: Add test and placeholder query. 2022-08-11 12:27:39 +02:00
Jeroen Ketema
8528e6b8e1 C++: Update test results for exposing attribute arguments as proper constants 2022-08-10 21:11:58 +02:00
Nora Dimitrijević
8e60a4a478 Update StrncpyFlippedArgs.expected 
Add output lines for the newly implemented test case, test.cpp/test9().
 2022-08-10 13:42:21 +02:00
Nora Dimitrijević
df419003ad Use Strcpy.qll in StrncpyFlippedArgs.ql 
As a result, the query gets access to more types of strncpy-like
functions, as demonstrated by test.cpp, which now "fails" (i.e. works) for the new test
cases instroduced
in the previous commit.
 2022-08-10 13:42:21 +02:00
Nora Dimitrijević
554aea1bb8 New strcpy-variant in StrncpyFlippedArgs test 
Added wcsxfrm_l, which is not currently caught by the query,
meaning that in this case a successful
test implies missing functionality.
 2022-08-10 13:42:21 +02:00
Geoffrey White
db8a3107b3 Merge pull request #9089 from ihsinme/ihsinme-patch-87 
CPP: Add query for CWE-125 Out-of-bounds Read with different interpretation of the string when use mbtowc
 2022-08-09 09:31:32 +01:00
ihsinme
9b5154f878 Update and rename DangerousUseMbtowc.qlref to DangerousWorksWithMultibyteOrWideCharacters.qlref 2022-08-08 18:39:10 +03:00
ihsinme
bce395f201 Rename DangerousUseMbtowc.expected to DangerousWorksWithMultibyteOrWideCharacters.expected 2022-08-08 18:38:24 +03:00
Jeroen Ketema
ba2cee07a9 Merge pull request #8596 from rdmarsh2/rdmarsh2/dataflow-global-vars 
C++: IR data flow through global variables
 2022-08-05 10:07:00 +02:00
Mathias Vorreiter Pedersen
c582d17350 Merge pull request #9952 from MathiasVP/speedup-return-stack-allocated-memory 
C++: Speedup `cpp/return-stack-allocated-memory`
 2022-08-03 09:41:38 +01:00
Mathias Vorreiter Pedersen
5181cc1295 C++: Add a 'allowInterproceduralFlow' predicate to the 'MustFlow' library to and use it instead of checking the enclosing callables after computing the dataflow graph. 2022-08-02 13:43:01 +01:00
Robert Marsh
3007c96c72 C++: fix a nit 2022-08-01 15:34:03 -04:00
Robert Marsh
6dbaae6bfc Merge branch 'main' into rdmarsh2/dataflow-global-vars 2022-08-01 14:56:24 -04:00
Robert Marsh
4f8373f577 Merge branch 'main' into rdmarsh2/dataflow-global-vars 2022-08-01 14:55:45 -04:00
Jeroen Ketema
c02e7a4896 C++: Update test for indexing of static template variable template arguments 2022-07-31 09:58:29 +02:00
Jeroen Ketema
20b66eaf34 C++: Support __builtin_shuffle builtin 
While here write gcc instead of GNU, which is more accurate.
 2022-07-29 09:08:56 +02:00
Jeroen Ketema
81e687ea98 C++: Support __builtin_bit_cast builtin 2022-07-29 09:08:56 +02:00
Jeroen Ketema
a85d3f9b7f C++: Support __has_unique_object_representations builtin 2022-07-29 09:08:56 +02:00
Jeroen Ketema
0c03935437 C++: Support __is_aggregate builtin 
Fix some whitespace issues while here.
 2022-07-29 09:08:56 +02:00
Jeroen Ketema
c4283dd23f C++: Support __is_assignable builtin 
While here fix the documentation of `__is_trivially_assignable` and
`__is_nothrow_assignable`.
 2022-07-29 09:08:56 +02:00
Jeroen Ketema
23c19311fb Merge pull request #9700 from jketema/resolve-global-variable 
C++: Ensure only one `Variable` exists for every global variable
 2022-07-22 17:57:21 +02:00
ihsinme
e77a989133 Update DangerousUseMbtowc.expected 2022-07-12 20:22:31 +03:00
Geoffrey White
f29104ccce C++: Accept test results. 2022-07-12 16:49:04 +01:00
Jeroen Ketema
e5eabc4e47 C++: Slightly tweak nullness test and update test results 2022-07-12 15:23:33 +02:00
Jeroen Ketema
93a4a32527 Merge pull request #9786 from jketema/lossy 
C++: LossyFunctionResultCast updates
 2022-07-11 14:14:33 +02:00
Jeroen Ketema
6b2154eb8b C++: Add tests for AnalysedExpr::isNullCheck and AnalysedExpr::isValidCheck 2022-07-11 11:54:48 +02:00
Jeroen Ketema
7d6fb7f91a C++: Rename LossyFunctionResultCast tests to be correctly named 2022-07-06 21:52:13 +02:00