hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,258 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.3
Commit Graph

1855 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
7fbc62358e C++: Accept test changes after making the exprMightOverFlow predicates more sound. 2021-04-15 13:57:44 +02:00
Mathias Vorreiter Pedersen
d1457995dd C++: Use range analysis in Overflow.qll 2021-04-13 16:39:28 +02:00
Geoffrey White
4879104568 C++: Add more dataflow cases to replace the loss. 2021-04-13 15:09:12 +01:00
Geoffrey White
b0ad927fdd C++: Remove useUsePair. 2021-04-13 15:03:06 +01:00
Geoffrey White
3b437fe6cf C++: Replace GVN with some other libraries. 2021-04-09 15:21:42 +01:00
Geoffrey White
517fd23ca5 C++: Correct and add to test cases. 2021-04-08 09:48:38 +01:00
Geoffrey White
a8193dac08 C++: Reintroduce the exprMightOverflowNegatively bit. 2021-04-06 22:36:59 +01:00
Geoffrey White
60e4faba4c C++: Add linear expression logic. 2021-04-06 22:28:36 +01:00
Geoffrey White
48ff8e237c C++: Rewrite the range analysis exclusion to be recursive and more robust. 2021-04-06 22:26:55 +01:00
Geoffrey White
3ecd13531f C++: Improve isGuarded. 2021-04-06 22:21:59 +01:00
Geoffrey White
59ff3f315b C++: Add test cases exploring issues and potential issues with the query (especially related to simple range analysis). 2021-04-06 22:21:25 +01:00
Mathias Vorreiter Pedersen
a5f4d43d61 C++: Fix false positive by adding another allow-list pattern in AssignWhereCompareMeant. 2021-04-06 11:01:38 +02:00
Mathias Vorreiter Pedersen
7045597139 C++: Add testcase with false positive from #5318. 2021-04-06 10:58:15 +02:00
Mathias Vorreiter Pedersen
fe76b0849b Merge pull request #5569 from geoffw0/memoryfree 
C++: Add a test of memory freed queries with strdup.
 2021-03-30 17:22:18 +02:00
Mathias Vorreiter Pedersen
92839123ae Merge pull request #5570 from geoffw0/mutextest 
C++: Add mutex test cases.
 2021-03-30 17:16:19 +02:00
Geoffrey White
a8284d5b97 C++: Add mutex test case. 2021-03-30 15:39:21 +01:00
Geoffrey White
244966e216 C++: Add a test with strdup. 2021-03-30 14:49:05 +01:00
Geoffrey White
ec952248a9 C++: Test strdup with AV Rule 79. 2021-03-30 12:58:04 +01:00
Geoffrey White
f27203cc43 C++: Test spacing. 2021-03-30 12:57:43 +01:00
Mathias Vorreiter Pedersen
c7c65736a9 C++: Accept test changes. These happened because of the incorrect usage of multiple configurations in 6c1ec6d96b. 2021-03-26 10:57:58 +01:00
Mathias Vorreiter Pedersen
983b64a05f Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2021-03-26 09:11:12 +01:00
Geoffrey White
b38a9d51e6 C++: Effect of 'Don't override getParameterSizeIndex in the model for Accept'... 2021-03-23 12:26:59 +00:00
Geoffrey White
13eb9e0833 C++: Fix the test. 2021-03-23 12:26:58 +00:00
Geoffrey White
30e1b88b7f C++: Extend test. 2021-03-23 12:26:58 +00:00
Mathias Vorreiter Pedersen
6c1ec6d96b C++: Accept test changes. 2021-03-19 16:09:05 +01:00
Jonas Jensen
98c1aa5298 Merge pull request #5271 from github/files-query 
C++: Summary metrics queries
 2021-03-19 12:56:19 +01:00
Cornelius Riemenschneider
fa3ac30894 C++: Update query to latest spec. 2021-03-16 09:56:38 +00:00
Cornelius Riemenschneider
f75b969ffc C++: Only include sum of LoC in the new non-alert summary queries for now. 2021-03-15 11:32:10 +00:00
Mathias Vorreiter Pedersen
5667901a2a C++: Accept test changes after merge from main (which changed the path explanations). 2021-03-11 21:16:57 +01:00
Mathias Vorreiter Pedersen
a2d75c4fed Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2021-03-11 18:06:37 +01:00
Cornelius Riemenschneider
97ab842010 C++: Update summary queries. 2021-03-11 12:44:30 +00:00
Mathias Vorreiter Pedersen
01cc2f2c77 Merge pull request #5366 from MathiasVP/better-path-explanation-for-this-indirection 
C++: Replace 'Argument -1 indirection' with 'This indirection'
 2021-03-11 10:48:44 +01:00
Jonas Jensen
e1adf5e8b0 Merge pull request #5218 from MathiasVP/no-write-side-effects-for-const-pointer-params 
C++: Don't generate write side effects for const parameter indirections
 2021-03-11 09:48:05 +01:00
Mathias Vorreiter Pedersen
55da16c4a9 C++: Accept test changes. 2021-03-11 09:27:45 +01:00
Mathias Vorreiter Pedersen
bc36e0db43 C++: Accept more test changes. 2021-03-10 16:51:13 +01:00
Mathias Vorreiter Pedersen
0b6589c8be C++: Accept test changes. 2021-03-10 15:47:06 +01:00
Mathias Vorreiter Pedersen
19d08d7b40 Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2021-03-09 12:35:44 +01:00
Mathias Vorreiter Pedersen
7207a17f6f C++: Accept more tests. 2021-03-08 16:50:12 +01:00
Dave Bartolomeo
863497c695 C++: Update naming of queries and paths to use "summary" instead of "metrics" 2021-03-05 14:36:26 -05:00
Mathias Vorreiter Pedersen
748f5344ff Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2021-03-02 10:43:37 +01:00
Mathias Vorreiter Pedersen
72daf2eef9 C++: Make the tests more realistic by actually using the local variable for something. Otherwise it looks like a zero-initialization of a buffer, which the query now tries to exclude. 2021-02-26 09:19:05 +01:00
Dave Bartolomeo
2e02625f22 C++: Summary metrics queries 
This is a first attempt at implementing, for C++, the set of summary queries that we expect all languages to implement to help diagnose extraction failures and build configuration problems. See the spec in [this document](https://docs.google.com/document/d/1V3zpkj0OGh8GEUVwACRx7fiafE5zklujAftZaYUyf9s/edit?usp=sharing). The five queries are:

- Total number of source files (including .c/.cpp and header files)
- Total number of lines of text across all text files
- Total number of lines of code across all text files
- Number of lines of text in each source file
- Number of lines of code in each source file

I've added some simple unit tests that cover all five of these.
 2021-02-25 12:53:39 -05:00
Mathias Vorreiter Pedersen
d33209388d C++: Fix test annotations. Also exclude static locals from the query and add a testcase for this. 2021-02-25 13:25:11 +01:00
Mathias Vorreiter Pedersen
ef8b734863 C++: Move tests out of experimental and merge with old existing tests from the other memset PRs. 2021-02-24 18:02:16 +01:00
Mathias Vorreiter Pedersen
299f371715 C++: Accept more test changes. 2021-02-19 16:01:31 +01:00
Mathias Vorreiter Pedersen
25beadcb05 Update cpp/ql/test/query-tests/Security/CWE/CWE-079/semmle/CgiXss/search.c 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-02-17 11:54:24 +01:00
Mathias Vorreiter Pedersen
f5d5460dde C++: Fix testcase. 2021-02-17 10:53:31 +01:00
Mathias Vorreiter Pedersen
fa44cedd38 C++: Add isBarrier to CgiXss.ql. 2021-02-16 18:58:28 +01:00
Mathias Vorreiter Pedersen
fd596ebbbb C++: Move cpp/unsigned-difference-expression-compared-zero out of experimental. 2021-02-04 16:10:34 +01:00
Jonas Jensen
e3bdebf7a0 Merge pull request #5077 from jbj/revert-nested-fields 
C++: Revert #4784
 2021-02-03 14:07:28 +01:00