hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,255 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.2
Commit Graph

6899 Commits

Author SHA1 Message Date
Alex Eyers-Taylor
49e1467581 CPP: Fix handling of ternary operators in tempory queries and add tests. 2023-12-15 11:03:23 +00:00
Jeroen Ketema
0b1b1be356 C++: Add change note 2023-12-15 11:13:52 +01:00
Jeroen Ketema
2065ecff66 C++: Only consider the maximum buffer size for badly bounded write 2023-12-15 10:46:13 +01:00
Jeroen Ketema
99e65df6ce Merge remote-tracking branch 'upstream/rc/3.12' into mb12 2023-12-13 15:43:39 +01:00
Alexander Eyers-Taylor
236a6a1bce CPP: Apply suggestions from code review 
Fix spelling in query id

Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-12 17:22:46 +00:00
Alex Eyers-Taylor
136a77b86e CPP: Add change note for cpp/use-of-uniwue-pointer-after-lifetime-ends 2023-12-12 16:47:55 +00:00
Alex Eyers-Taylor
e9bc5a54ea CPP: Add query for detecting invalid uses of temporary unique pointers. 2023-12-12 16:22:20 +00:00
Mathias Vorreiter Pedersen
3dea467dcc Merge pull request #15047 from MathiasVP/add-puns-for-addresses-of-arguments 
C++: Add `PostUpdateNode`s for addresses of outgoing arguments
 2023-12-12 13:55:13 +00:00
Mathias Vorreiter Pedersen
97f2be9b82 C++: Fix QLDoc. 2023-12-12 13:45:18 +00:00
Alexander Eyers-Taylor
e87b3911dc Merge pull request #14910 from alexet/incorrect-scanf 
CPP: Add query for detecteing incorrect error checking for scanf
 2023-12-12 11:57:17 +00:00
Mathias Vorreiter Pedersen
cec785c8cc C++: Respond to review comments. 2023-12-12 11:16:41 +00:00
Mathias Vorreiter Pedersen
f284fde93c C++: Update QLDoc. 2023-12-12 11:09:36 +00:00
Alexander Eyers-Taylor
c883ce8a5e Apply suggestions from code review 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2023-12-11 13:50:35 +00:00
Geoffrey White
17cd22f9d0 Merge pull request #14972 from geoffw0/cryptoprimitives 
C++: Experimental query for implementation of a cryptographic primitive
 2023-12-11 09:47:46 +00:00
Mathias Vorreiter Pedersen
90b06c2046 C++: Switch the source of use-after-free and double-free to be post-update nodes. 2023-12-08 14:41:29 +00:00
Alex Eyers-Taylor
da5c2d9bad CPP: Use guard libraries to find equalities with zero. 2023-12-08 13:30:30 +00:00
Alexander Eyers-Taylor
df32e9556c Update cpp/ql/src/change-notes/2023-12-04-incorrectly-checked-scanf.md 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-08 13:29:13 +00:00
github-actions[bot]
92af5f5386 Post-release preparation for codeql-cli-2.15.4 2023-12-06 22:59:22 +00:00
github-actions[bot]
c04457e9e7 Release preparation for version 2.15.4 2023-12-06 21:11:50 +00:00
Geoffrey White
521d98ed8d C++: Make the encryption words a tiny bit more flexible. 2023-12-05 18:03:17 +00:00
Geoffrey White
e95098f61f C++: Add 'experimental' tag. 2023-12-05 18:03:11 +00:00
Geoffrey White
2f0be40f37 C++: Exclude results in some common libraries. 2023-12-05 18:00:00 +00:00
Geoffrey White
fb02e996d4 C++: Address QL-for-QL comments. 2023-12-05 17:58:35 +00:00
Geoffrey White
c83cfe4936 C++: Make output clearer in cases where the function name is a macro expansion (I've seen this more than once). 2023-12-05 17:58:22 +00:00
Mathias Vorreiter Pedersen
8ce4bbec33 Merge pull request #14867 from MathiasVP/reduce-duplication-from-operators 
C++: Reduce duplication from crement operations
 2023-12-05 11:57:48 +00:00
Mathias Vorreiter Pedersen
a8020f4f78 C++: Add barrier to prevent duplication. 2023-12-05 09:14:23 +00:00
Alex Eyers-Taylor
7706ac9f10 CPP: Fix changenote location 2023-12-04 18:50:25 +00:00
Alexander Eyers-Taylor
2e92689810 CPP: Apply suggestions from code review of incorrect scanf check 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-04 18:32:03 +00:00
Mathias Vorreiter Pedersen
d9d36ff213 C++: Fix Code Scanning errors. 2023-12-04 16:53:03 +00:00
Mathias Vorreiter Pedersen
03b77dbf2a C++: Make 'node.asExpr()' behave as 'node.asDefinition()' in void contexts. 2023-12-04 16:38:13 +00:00
Alex Eyers-Taylor
f3f53570a4 CPP: Fix metadata and add a change-note. 2023-12-04 12:19:31 +00:00
Jeroen Ketema
b185efa9e4 C++: Remove unneeded dataflow imports 2023-12-01 21:11:22 +01:00
Geoffrey White
b0514de094 C++: Add cpp/crypto-primitive query to experimental. 2023-11-30 15:03:03 +00:00
Mathias Vorreiter Pedersen
c1561e8675 Merge branch 'main' into reduce-duplication-from-operators 2023-11-30 14:30:50 +00:00
Mathias Vorreiter Pedersen
351caaccfe C++: Add GOOD and BAD comments to qhelp examples. 2023-11-29 09:44:54 +00:00
Mathias Vorreiter Pedersen
8afd9288cb Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-11-29 09:36:29 +00:00
Mathias Vorreiter Pedersen
2b36ba33f0 C++: Add support for 'data' in the query. 2023-11-28 12:57:59 +00:00
Alex Eyers-Taylor
3e9aeac004 CPP: Fix sscanf false positives in older linux repos 2023-11-28 12:07:05 +00:00
Mathias Vorreiter Pedersen
ff4c63f696 C++: Add change note. 2023-11-28 09:16:49 +00:00
Mathias Vorreiter Pedersen
71ad7696c3 C++: Add qhelp. 2023-11-28 09:06:24 +00:00
Mathias Vorreiter Pedersen
204acbacc5 C++: Add a new query for detecting calls to 'c_str' on temporary objects. 2023-11-28 09:06:24 +00:00
Alex Eyers-Taylor
9eb5b23f54 CPP: Fix query formatting 2023-11-27 15:55:44 +00:00
Mathias Vorreiter Pedersen
73138f1913 C++: No need to exclude ExprNodes as sources now that #14903 is merged. 2023-11-24 16:58:30 +00:00
Alex Eyers-Taylor
12e24a2b44 CPP: Exclude incorrect scanf checks from missing scanf checks 2023-11-24 16:57:59 +00:00
Mathias Vorreiter Pedersen
a7d820ce62 C++: Remove workaround for negated conditions in 'cpp/user-controlled-bypass'. 2023-11-24 15:17:45 +00:00
Alex Eyers-Taylor
f48e8b6062 CPP: Add query for detecteing incorrect error checking for scanf 2023-11-24 14:53:10 +00:00
Mathias Vorreiter Pedersen
e438671846 Merge pull request #14896 from MathiasVP/no-dtt-in-user-controlled-bypass 
C++: Rewrite `cpp/user-controlled-bypass` away from `DefaultTaintTracking`
 2023-11-24 14:43:10 +00:00
Mathias Vorreiter Pedersen
2681617f28 C++: Undo the workaround in 'cpp/tainted-permissions-check'. 2023-11-24 10:56:11 +00:00
Mathias Vorreiter Pedersen
5604fd7d80 C++: Rewrite 'cpp/user-controlled-bypass' away from 'DefaultTaintTracking'. 2023-11-23 17:35:54 +00:00
Mathias Vorreiter Pedersen
257d94be20 Merge pull request #14886 from jketema/rewrite-tainted-condition 
C++: Rewrite `cpp/tainted-permissions-check` to not use `DefaultTaintTracking`
 2023-11-23 16:18:03 +00:00