hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,255 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.2
Commit Graph

6899 Commits

Author SHA1 Message Date
Mario Campos
5a7a1dc92e C++: forgot to import semmle.code.cpp.controlflow.Guards 2024-05-01 11:00:19 -05:00
Mario Campos
c480431ec0 C++: simplify cpp/guarded-free 
This new form is more declarative by use of the `GuardCondition`. Thanks to the tireless effort of @MathiasVP!
 2024-05-01 10:59:16 -05:00
Mathias Vorreiter Pedersen
40b6e1624f Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-01 11:41:23 +01:00
Mathias Vorreiter Pedersen
22e843abc6 Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-01 11:41:16 +01:00
Mathias Vorreiter Pedersen
708d12624f C++: Update documentation on 'cpp/iterator-to-expired-container'. 2024-04-30 16:32:32 +01:00
Mathias Vorreiter Pedersen
61ce7252e6 C++: Update the alert message in 'cpp/iterator-to-expired-container'. 2024-04-30 16:12:54 +01:00
Mathias Vorreiter Pedersen
c04e59611b Merge pull request #16355 from MathiasVP/promote-iterator-to-expired-container-out-of-experimental 
C++: Promote `cpp/iterator-to-expired-container` out of experimental
 2024-04-30 15:45:56 +01:00
github-actions[bot]
99928b82ed Post-release preparation for codeql-cli-2.17.2 2024-04-30 12:15:35 +00:00
github-actions[bot]
5228d94d42 Release preparation for version 2.17.2 2024-04-30 10:25:51 +00:00
Geoffrey White
7d9f78b2de Merge pull request #16328 from geoffw0/pathinj 
C++: Reduce duplication from cpp/path-injection
 2024-04-30 10:06:40 +01:00
Mathias Vorreiter Pedersen
94364f724e C++: Remove CP between all sinks and all states in 'cpp/iterator-to-expired-container'. 2024-04-29 16:46:00 +01:00
Mathias Vorreiter Pedersen
0fa5a1f274 C++: Add change note. 2024-04-29 11:17:53 +01:00
Mathias Vorreiter Pedersen
5c454bdd8c C++: Compute and add severity. 2024-04-29 11:09:42 +01:00
Mathias Vorreiter Pedersen
f194c70e8a C++: Set precision to medium. 2024-04-29 11:08:08 +01:00
Mathias Vorreiter Pedersen
179270ffc1 C++: Move 'cpp/iterator-to-expired-container' out of experimental. 2024-04-29 11:07:55 +01:00
Mario Campos
3195f0c828 Use more specific hasGlobalName() for stdlib function free(3) 
Based on the CodeQL documentation's example of strncpy(3) and strlen(3): https://codeql.github.com/docs/codeql-language-guides/hash-consing-and-value-numbering/#example-query
 2024-04-26 09:10:40 -05:00
Mario Campos
d7c784ef2f Initial commit of experimental query cpp/guarded-free. 2024-04-25 16:29:37 -05:00
Geoffrey White
553871678a C++: Change note. 2024-04-25 16:52:01 +01:00
Geoffrey White
15123a7b40 C++: Reduce duplication. 2024-04-25 16:49:22 +01:00
Geoffrey White
0fb71e24cb C++: Fix typo. 2024-04-25 14:52:56 +01:00
Mathias Vorreiter Pedersen
cedc84df8f C++: Fix FPs by only having one dataflow config. This means we preserve the call context all the way though from the source to the sink. 2024-04-19 08:27:41 +01:00
Mathias Vorreiter Pedersen
622f69e1a1 Merge pull request #16238 from MathiasVP/fix-terator-to-expired-container-fp 2024-04-18 10:24:13 +01:00
Alexander Eyers-Taylor
da3fa22cbd Merge pull request #16228 from github/post-release-prep/codeql-cli-2.17.1 
Post-release preparation for codeql-cli-2.17.1
 2024-04-17 11:24:34 +01:00
Mathias Vorreiter Pedersen
96ba3ec88e C++: Rename predicate. 2024-04-17 10:10:54 +01:00
Mathias Vorreiter Pedersen
eb2790ae63 C++: Fix 'case 2' in 'destroyedToBeginSink' now that we're working with the sink instead of the source. 2024-04-17 10:10:39 +01:00
Mathias Vorreiter Pedersen
d22e2bae8e C++: Select the post-update node in 'getADestroyedNode'. 2024-04-17 10:10:39 +01:00
Mathias Vorreiter Pedersen
b2974ba1c6 C++: Factor body of isSink into its own predicate. 2024-04-17 10:10:21 +01:00
Mathias Vorreiter Pedersen
c3cf425079 C++: Use interpolation to avoid a bad join order. 2024-04-16 16:24:08 +01:00
github-actions[bot]
622e176a16 Post-release preparation for codeql-cli-2.17.1 2024-04-16 14:21:32 +00:00
Mathias Vorreiter Pedersen
8888ee9fa8 Merge pull request #16149 from codeqlhelper/main 
C++: Improvements to reduce false alarms
 2024-04-16 15:03:31 +01:00
Mathias Vorreiter Pedersen
2627a3dcb7 Merge pull request #15371 from geoffw0/mad 
C++: Implement models-as-data
 2024-04-16 14:33:12 +01:00
Mathias Vorreiter Pedersen
e1884c193b C++: Add tests (and fix a missing quote in the alert message). 2024-04-16 14:20:19 +01:00
Mathias Vorreiter Pedersen
6cb5db2387 C++: Improve change note comments. 2024-04-16 13:55:55 +01:00
Mathias Vorreiter Pedersen
439afd97ba C++: Small performance optimization. 2024-04-16 13:54:58 +01:00
Mathias Vorreiter Pedersen
132bb9f1d6 C++: Address (my own) review comments. 2024-04-16 13:53:27 +01:00
github-actions[bot]
9bfe4ea90a Release preparation for version 2.17.1 2024-04-15 17:34:47 +00:00
Mathias Vorreiter Pedersen
aac1070aca C++: Consistent naming. 2024-04-12 17:00:46 +01:00
Mathias Vorreiter Pedersen
413d3abbd7 C++: Add new AST consistency check. 2024-04-12 16:57:19 +01:00
Geoffrey White
e29ce5f5d5 Merge branch 'main' into mad 2024-04-12 14:30:44 +01:00
Anders Schack-Mulligen
f202661912 C++: Add alert provenance plumbing. 2024-04-12 09:20:06 +02:00
Geoffrey White
36db493723 C++: Autoformat. 2024-04-10 15:02:19 +01:00
Mathias Vorreiter Pedersen
8a92a4250f C++: Autoformat. 2024-04-09 17:53:33 +01:00
codeqlhelper@gmail.com
334c0d0449 ... 2024-04-09 02:06:06 +08:00
codeqlhelper
fc26e148fd Create 2024-04-09-reduce-FP.md 2024-04-09 02:00:52 +08:00
codeqlhelper
af2a7eadc3 Reduce false alarms of InconsistentNullnessTesting.ql 
We should ignore `checked` in a macro to avoid too many false alarms,
 2024-04-09 00:07:40 +08:00
codeqlhelper
fb15a4ea11 Reduce the false alarms of GlobalUseBeforeInit.ql 2024-04-09 00:03:05 +08:00
erik-krogh
3ab73c8552 C++: Improve the cpp/path-injection qhelp 2024-04-05 09:36:39 +02:00
Geoffrey White
a8742ea111 C++: PascalCase and US spelling fixes. 2024-04-03 14:17:55 +01:00
Geoffrey White
33164c8a43 Merge branch 'main' into mad 2024-04-02 16:14:53 +01:00
Mathias Vorreiter Pedersen
bd0ddec630 C++: Fix join order in 'cpp/double-free'. 2024-04-02 09:59:53 +01:00