hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,258 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.3
Commit Graph

3218 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
2f8d71762c C++: Disable standard order for 'convertsIntoArgumentRev'. 2023-03-01 15:16:49 +00:00
Mathias Vorreiter Pedersen
d5b0ad6bfc C++: Remove cached predicate that's no longer used. 2023-02-28 16:20:29 +00:00
Mathias Vorreiter Pedersen
85c7116e8f C++: Fix the following join (I canceled it mid-way): 
```
Tuple counts for SsaInternals#7b362d2f::getAPriorDefinition#1#ff/2@bfabfc7o after 11.4s:
  1000      ~4%     {2} r1 = SCAN Ssa#da392372::Make#SsaInternals#7b362d2f::SsaInput#::Definition::definesAt#3#dispred#ffff OUTPUT In.1, In.0
  474321529 ~0%     {4} r2 = JOIN r1 WITH SsaInternals#7b362d2f::DefOrUse::hasIndexInBlock#3#dispred#ffff_3012#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.2, Rhs.3, Rhs.1
  0         ~0%     {2} r3 = JOIN r2 WITH SsaInternals#7b362d2f::SsaCached::lastRefRedef#4#ffff ON FIRST 3 OUTPUT Lhs.3, Rhs.3
  0         ~0%     {2} r4 = JOIN r3 WITH SsaInternals#7b362d2f::nodeToDefOrUse#3#fff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1 'result'
  0         ~0%     {2} r5 = JOIN r4 WITH SsaInternals#7b362d2f::ssaDefinition#1#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'defOrUse', Lhs.1 'result'
                    return r5
```
 2023-02-28 09:53:37 +00:00
Mathias Vorreiter Pedersen
3906a1923b Merge branch 'mathiasvp/replace-ast-with-ir-use-usedataflow' into no-taint-indirect-direct-conflation 2023-02-27 18:40:04 +00:00
Mathias Vorreiter Pedersen
f9c724d9a3 Merge pull request #12325 from MathiasVP/gets-return-deref 
C++: Make `gets` indirect output a LocalFlowSource
 2023-02-27 18:39:36 +00:00
Jeroen Ketema
9c202f508f Merge pull request #12324 from jketema/taint-fix 
C++: Use correct DataFlow import in new TaintTracking.qll
 2023-02-27 18:37:46 +01:00
Mathias Vorreiter Pedersen
7bb806563f Merge branch 'mathiasvp/replace-ast-with-ir-use-usedataflow' into no-taint-indirect-direct-conflation 2023-02-27 17:19:36 +00:00
Mathias Vorreiter Pedersen
a4c075f03b C++: The data pointed to by 'gets' is also a source of user input. 2023-02-27 16:25:32 +00:00
Jeroen Ketema
b4f6d519db C++: Use correct DataFlow import in new TaintTracking.qll 
Using the IR version directly gives errors about conflicting imports if both
DataFlow and TaintTracking are imported.
 2023-02-27 17:22:12 +01:00
Mathias Vorreiter Pedersen
d2f8cb6920 Merge branch 'mathiasvp/replace-ast-with-ir-use-usedataflow' into fix-enclosing-callable 2023-02-27 15:02:39 +00:00
Mathias Vorreiter Pedersen
31f3504113 C++: Remove this bad materialization: 
```
Evaluated relational algebra for predicate _CppType#d1355c92::CppType::hasUnspecifiedType#2#dispred#fff_10#join_rhs_SsaInternals#50208335::DefO__#shared@ec353boa with tuple counts:
  459594    ~0%     {2} r1 = JOIN _IRVariable#e9bf30b2::IRVariable::getAst#0#dispred#ff_Parameter#ed81dd8f::Parameter#f#shared WITH SsaInternalsCommon#3c4fa02d::BaseIRVariable::getIRVariable#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'arg1', Rhs.1
  461383    ~2%     {3} r2 = JOIN r1 WITH Variable#7a968d4e::Variable::getUnspecifiedType#0#dispred#ff ON FIRST 1 OUTPUT Lhs.0 'arg1', Lhs.1, Rhs.1
  477945    ~6%     {4} r3 = JOIN r2 WITH Variable#7a968d4e::Variable::getUnspecifiedType#0#dispred#ff ON FIRST 1 OUTPUT Lhs.2, Lhs.0 'arg1', Lhs.1, Rhs.1
  346338    ~2%     {4} r4 = JOIN r3 WITH SsaInternalsCommon#3c4fa02d::Indirection::getNumberOfIndirections#0#dispred#ff ON FIRST 1 OUTPUT Lhs.3, Lhs.1 'arg1', Lhs.2, Rhs.1 'arg2'
  178593374 ~0%     {4} r5 = JOIN r4 WITH CppType#d1355c92::CppType::hasUnspecifiedType#2#dispred#fff_10#join_rhs ON FIRST 1 OUTPUT Lhs.2, Lhs.1 'arg1', Lhs.3 'arg2', Rhs.1 'arg3'
  934806228 ~0%     {4} r6 = JOIN r5 WITH SsaInternals#50208335::DefOrUse::getSourceVariable#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg0', Lhs.1 'arg1', Lhs.2 'arg2', Lhs.3 'arg3'
                    return r6

Tuple counts for _DataFlowPrivate#fbdd7bd7::InstructionNode0#class#ff_SsaInternals#50208335::Def#ff_SsaInternals#5020__#antijoin_rhs/4@305d42l5 after 25.6s:
  180185672 ~0%     {4} r1 = JOIN _CppType#d1355c92::CppType::hasUnspecifiedType#2#dispred#fff_10#join_rhs_SsaInternals#50208335::DefO__#shared WITH SsaInternals#50208335::Def#ff ON FIRST 1 OUTPUT Lhs.0 'arg3', Lhs.1 'arg0', Lhs.2 'arg1', Lhs.3 'arg2'
  180185672 ~0%     {5} r2 = JOIN r1 WITH SsaInternals#50208335::Def::getValue#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'arg0', Lhs.2 'arg1', Lhs.3 'arg2', Lhs.0 'arg3'
  180185672 ~0%     {5} r3 = JOIN r2 WITH DataFlowPrivate#fbdd7bd7::InstructionNode0#class#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'arg0', Lhs.2 'arg1', Lhs.3 'arg2', Lhs.4 'arg3'
  178459578 ~1%     {4} r4 = JOIN r3 WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1 'arg0', Lhs.2 'arg1', Lhs.3 'arg2', Lhs.4 'arg3'
                    return r4

Tuple counts for SsaInternals#7b362d2f::TFinalParameterUse#dom#ff/2@9ff4dbcg after 7.9s:
  180185672 ~1%         {4} r1 = JOIN _CppType#d1355c92::CppType::hasUnspecifiedType#2#dispred#fff_10#join_rhs_SsaInternals#50208335::DefO__#shared WITH SsaInternals#50208335::Def#ff ON FIRST 1 OUTPUT Lhs.1 'p', Lhs.2, Lhs.3, Lhs.0
  1726094   ~0%         {4} r2 = r1 AND NOT _DataFlowPrivate#fbdd7bd7::InstructionNode0#class#ff_SsaInternals#50208335::Def#ff_SsaInternals#5020__#antijoin_rhs(Lhs.0 'p', Lhs.1, Lhs.2, Lhs.3)
  1726094   ~54%        {4} r3 = SCAN r2 OUTPUT In.0 'p', In.1, In.2, 1
  1769636   ~54%        {5} r4 = JOIN r3 WITH PRIMITIVE range#bbf ON Lhs.3,Lhs.1

  1769636   ~45%        {4} r5 = SCAN r4 OUTPUT In.2, (In.4 'indirectionIndex' + 1), In.0 'p', In.4 'indirectionIndex'
  591253    ~11541%     {2} r6 = JOIN r5 WITH SsaInternalsCommon#3c4fa02d::isModifiableAtImpl#2#ff ON FIRST 2 OUTPUT Lhs.2 'p', Lhs.3 'indirectionIndex'

  1769636   ~52%        {4} r7 = SCAN r4 OUTPUT In.2, In.0 'p', In.4 'indirectionIndex', (In.4 'indirectionIndex' + 1)
  1724893   ~41%        {5} r8 = JOIN r7 WITH CppType#d1355c92::CppType::hasType#2#dispred#fff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'p', Lhs.0, Lhs.2 'indirectionIndex', Lhs.3
  1718843   ~46%        {5} r9 = JOIN r8 WITH Type#2e8eb3ef::Type::stripType#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'p', Lhs.2, Lhs.3 'indirectionIndex', Lhs.4
  8608      ~0%         {5} r10 = JOIN r9 WITH SmartPointer#917721ba::SmartPtr#f ON FIRST 1 OUTPUT Lhs.1 'p', Lhs.2, Lhs.3 'indirectionIndex', Lhs.4, Lhs.0
  8608      ~0%         {5} r11 = r10 AND NOT PointerWrapper#7cc81d2d::PointerWrapper::pointsToConst#0#dispred#f(Lhs.4)
  8608      ~4986%      {2} r12 = SCAN r11 OUTPUT In.0 'p', In.2 'indirectionIndex'

  599861    ~11711%     {2} r13 = r6 UNION r12
                        return r13
```
 2023-02-27 14:57:36 +00:00
Mathias Vorreiter Pedersen
1db24dd28d C++: Fix missing types. We now assign the node corresponding to **p 
an `UnknownType`.
 2023-02-27 14:57:36 +00:00
Mathias Vorreiter Pedersen
16ba4652af C++: Allocate an additional indirection for void pointers. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
52e6e1dece C++: Fix flow through partial definitions. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
057e810122 C++: Fix flow through arrays. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
2cb4a554ea C++: Fix a bug in Expr <-> Node mapping. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
5a8b900394 C++: Properly track smart pointer wrappers. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
64abf5b163 C++: Add conflation into DefaultTaintTracking. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
b951bf0f8f C++: Remove conflation from taint-tracking. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
a5bb093935 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-02-27 14:57:06 +00:00
Mathias Vorreiter Pedersen
7437de2909 C++: Fix issue where 'getEnclosingCallable' didn't exist for some globals. 2023-02-27 14:06:13 +00:00
Anders Schack-Mulligen
7e3e10c34b C/C++: Remove reference to Partial Flow. 2023-02-27 14:30:05 +01:00
Anders Schack-Mulligen
bf650c755c Dataflow: Sync changes to all languages. 2023-02-27 14:30:05 +01:00
github-actions[bot]
8eb8daa4d4 Post-release preparation for codeql-cli-2.12.3 2023-02-16 17:23:25 +00:00
github-actions[bot]
b0315119c6 Release preparation for version 2.12.3 2023-02-16 11:49:06 +00:00
Mathias Vorreiter Pedersen
2203eb6607 C++: Fix Code Scanning error. 2023-02-15 11:51:55 +00:00
Mathias Vorreiter Pedersen
c11218fcde Merge pull request #12184 from MathiasVP/discriminate-union-contents 2023-02-14 23:36:02 +00:00
Jeroen Ketema
1d4e9745a3 Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-02-14 15:40:36 +01:00
Mathias Vorreiter Pedersen
2591460731 Merge pull request #12181 from MathiasVP/fix-node-type 
C++: Fix node types
 2023-02-14 13:54:12 +00:00
Mathias Vorreiter Pedersen
ba0be2fd9f C++: Better discriminate for unions. 2023-02-14 13:26:40 +00:00
Mathias Vorreiter Pedersen
b01a45f7be C++: Respond to PR reviews. 2023-02-14 09:51:48 +00:00
Mathias Vorreiter Pedersen
bda46b3748 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-02-14 09:49:32 +00:00
Mathias Vorreiter Pedersen
ffef81bc47 C++: Add QLDoc. 2023-02-14 09:38:43 +00:00
Mathias Vorreiter Pedersen
0a3f958849 C++: Use content approximations. 2023-02-14 09:10:10 +00:00
Mathias Vorreiter Pedersen
cc036c188f C++: Fix missing and spurious types. 2023-02-14 09:01:42 +00:00
Anders Schack-Mulligen
e877b161d8 Merge pull request #12124 from hvitved/dataflow/stage1-dispatch 
Data flow: Call context virtual dispatch pruning in stage 1
 2023-02-13 13:13:43 +01:00
Jeroen Ketema
b9200c92d5 C++: Address review comments 2023-02-13 11:14:48 +01:00
Jeroen Ketema
3dfe0adf0a C++: Fix formatting 2023-02-13 09:45:23 +01:00
Jeroen Ketema
3482158fee C++: Add semmle.code.cpp.dataflow.new 2023-02-13 09:38:23 +01:00
Tom Hvitved
f7a5a33474 Address review comment 2023-02-13 09:01:15 +01:00
Mathias Vorreiter Pedersen
378484ec01 Merge pull request #12149 from MathiasVP/fewer-flowthroughs 
C++: Fix spurious flow-through
 2023-02-10 18:45:46 +00:00
Jeroen Ketema
7bd28183ba Merge pull request #12151 from jketema/remove-experimental-dataflow 
C++: Remove experimental copy of the use-use IR dataflow library
 2023-02-10 18:08:14 +01:00
Jeroen Ketema
b023c6bb23 C++: Remove experimental copy of the use-use IR dataflow library 2023-02-10 16:20:33 +01:00
Jeroen Ketema
1a83b712a0 C++: Add change note 2023-02-10 15:27:49 +01:00
Mathias Vorreiter Pedersen
9a8b3bad31 C++: Respond to PR reviews. 2023-02-10 13:56:19 +00:00
Jeroen Ketema
ecdeb9a970 C++: Revert semmle.code.cpp.dataflow to its old state 
While here make sure all queries and tests use IR dataflow when appropriate.
 2023-02-10 14:21:44 +01:00
Mathias Vorreiter Pedersen
5bd7589109 C++: Fix spurious flow though and accept test changes. 2023-02-10 12:42:40 +00:00
Mathias Vorreiter Pedersen
e1aef3127c Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-02-10 09:23:37 +00:00
Mathias Vorreiter Pedersen
9aa9187dd7 Merge pull request #12141 from MathiasVP/fix-multiple-out-nodes 
C++: Deduplicate `OutNode`s
 2023-02-10 08:39:16 +00:00
Mathias Vorreiter Pedersen
981c976754 C++: Expand comments. 2023-02-09 17:10:07 +00:00