hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,734 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.4
Commit Graph

12858 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
9762313500 C++: Implement jumpStep using the indirection instead of index. 2023-11-09 20:27:23 +00:00
Mathias Vorreiter Pedersen
95bb70f577 C++: Also add a 'getIndirection' on 'GlobalDef' as well. This will be useful in the next commit. 2023-11-09 20:25:29 +00:00
Benjamin Rodes
5e140021fb Removed non-ascii characters. 2023-11-09 15:24:58 -05:00
Mathias Vorreiter Pedersen
fd26ae18bf C++: Obtain the SSA variable of a 'GlobalUse' using the indirection instead of the index (like we do for non-global uses as well). 2023-11-09 20:20:27 +00:00
Mathias Vorreiter Pedersen
bb5a78d3f1 C++: Factor the IPA body of 'TGlobalUse' and 'TGlobalDef' out into predicates. 2023-11-09 20:17:47 +00:00
Anders Schack-Mulligen
657c29f409 Java/C++: Share valueFlowStep. 2023-11-09 20:24:28 +01:00
Benjamin Rodes
8674139de6 Change log file name change 2023-11-09 13:24:14 -05:00
Mathias Vorreiter Pedersen
0963af2ee7 C++: Add failing tests. 2023-11-09 18:01:22 +00:00
Jeroen Ketema
a051a57e00 Update cpp/ql/lib/semmle/code/cpp/models/implementations/Strcat.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-11-09 17:48:45 +01:00
Jeroen Ketema
0b91310357 C++: Add models for strlcpy and strlcat 2023-11-09 17:21:37 +01:00
Anders Schack-Mulligen
b8e7e1d15e Java/C++: Share ssaUpdateStep. 2023-11-09 16:02:44 +01:00
Anders Schack-Mulligen
daffae020b Java/C++: Share eqFlowCond. 2023-11-09 16:00:46 +01:00
Mathias Vorreiter Pedersen
7048190929 Update cpp/ql/src/Security/CWE/CWE-120/UnboundedWrite.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-11-09 12:39:10 +00:00
Anders Schack-Mulligen
abe0bb70ac C++: Fix operand ssa variables for range analysis. 2023-11-09 12:26:53 +01:00
Ben Rodes
79dcb4b48c Update cpp/ql/lib/change-notes/2023-11-8-strsafe-models.md 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-11-08 12:37:55 -05:00
Benjamin Rodes
bdae2af0e2 Adding missing strsafe sprintf variants. 2023-11-08 12:20:53 -05:00
Benjamin Rodes
c3ff181198 Adding change log 2023-11-08 12:20:04 -05:00
Mathias Vorreiter Pedersen
38bd893c81 Merge branch 'main' into no-dtt-in-unbounded-write 2023-11-08 15:06:59 +00:00
Mathias Vorreiter Pedersen
e90803a81c C++: Rewrite 'cpp/unbounded-write' away from DefaultTaintTracking. 2023-11-08 14:57:04 +00:00
Anders Schack-Mulligen
1f4cd74a1c Java/C++: Move SsaReadPosition to shared qlpack. 2023-11-08 12:11:17 +01:00
Mathias Vorreiter Pedersen
ab64d9a9d6 Merge pull request #14713 from MathiasVP/no-gvn-as-ssa-in-range-analysis 
C++: Don't use GVN as SSAVariable in new range analysis
 2023-11-08 09:28:15 +00:00
Anders Schack-Mulligen
45ae4ed362 Merge pull request #14711 from aschackmull/shared/rangeutil-share2 
Java/C++/RangeAnalysis: Move a couple of utility predicates to shared qlpack
 2023-11-08 08:33:12 +01:00
Mathias Vorreiter Pedersen
a8eed6bd7e Merge pull request #14704 from MathiasVP/fix-uninitialized-local 
C++: IR'ify `cpp/uninitialized-local` and fix FPs
 2023-11-07 22:45:34 +00:00
Mathias Vorreiter Pedersen
69502d0c31 C++: Add some more tests. 2023-11-07 17:31:01 +00:00
Mathias Vorreiter Pedersen
1c8f474848 C++: Add comment as suggested in the PR review for #14708. 2023-11-07 15:16:38 +00:00
Mathias Vorreiter Pedersen
2787f0a0fc Merge pull request #14708 from MathiasVP/add-testcase-for-range-analysis 
C++: Add range analysis testcase
 2023-11-07 15:15:45 +00:00
Mathias Vorreiter Pedersen
2d43eec3c3 C++: Accept test changes. 2023-11-07 14:57:30 +00:00
Mathias Vorreiter Pedersen
91b29eee53 C++: Don't use GVN as an SSAVariable in range analysis. 2023-11-07 14:52:50 +00:00
Mathias Vorreiter Pedersen
a04830b8b2 Merge pull request #14697 from MathiasVP/range-analysis-simplify-conversions 
C++: Simplify the definition of `SemExpr` for range analysis
 2023-11-07 14:52:09 +00:00
Anders Schack-Mulligen
12cba7909b Java/C++: Move range util guard-controls predicates to shared pack. 2023-11-07 15:14:34 +01:00
Anders Schack-Mulligen
f2ca52d951 Java/C++: Move range util backEdge predicate to shared pack. 2023-11-07 15:14:34 +01:00
Mathias Vorreiter Pedersen
9dca6697fb C++: Add a testcase that fails to terminate in modulus analysis when we don't have IR operands as SSA variables. 2023-11-07 11:52:35 +00:00
Mathias Vorreiter Pedersen
6669cf805f C++: Add change note. 2023-11-07 09:32:07 +00:00
Mathias Vorreiter Pedersen
0fd4d4a114 C++: Add QLDoc. 2023-11-07 09:29:34 +00:00
Mathias Vorreiter Pedersen
022c9eb3cd C++: Add a barrier feature to 'MustFlow'. 2023-11-07 09:23:42 +00:00
Mathias Vorreiter Pedersen
6bf2d47321 C++: Allow source = sink in 'MustFlow'. 2023-11-07 09:23:42 +00:00
Mathias Vorreiter Pedersen
1dc08941f8 C++: Use 'MustFlow' in 'cpp/uninitialized-local'. 2023-11-07 09:23:41 +00:00
Mathias Vorreiter Pedersen
a17cd9bc1c Merge pull request #14667 from MathiasVP/more-function-input-and-output-ipa-numbers 
C++: Allocate more `FunctionInput` and `FunctionOutput`s
 2023-11-07 08:57:31 +00:00
Mathias Vorreiter Pedersen
4455ed982d C++: Accept query test changes. 2023-11-06 17:33:46 +00:00
Mathias Vorreiter Pedersen
d38fa13299 C++: Remove more uses of 'getConverted' and 'getUnconverted'. 2023-11-06 16:11:55 +00:00
Mathias Vorreiter Pedersen
e91987b1a9 C++: Accept test changes. 2023-11-06 16:02:06 +00:00
Mathias Vorreiter Pedersen
d544f47746 C++: Simplify the definition of 'SemExpr' by instead making non-overflowing conversions copy value expressions. 2023-11-06 16:01:59 +00:00
Mathias Vorreiter Pedersen
31c2a3be98 C++: Don't redefine the meaning of the single-parameter 'isParameterDeref' and accept test changes. 2023-11-06 15:52:58 +00:00
Mathias Vorreiter Pedersen
ff30308a2b C++: Only the first indirection of the argument should be the remote flow sink. 2023-11-06 13:57:14 +00:00
Mathias Vorreiter Pedersen
cd2eec0aa0 C++: Also override the single-parameter 'isParameterDeref' in 'InParameterDeref'. 2023-11-06 13:23:31 +00:00
Anders Schack-Mulligen
132cc03e3b Merge pull request #14664 from aschackmull/shared/modulus-step 
RangeAnalysis: Improve bounds that rely on relative modulus.
 2023-11-03 08:16:48 +01:00
Mathias Vorreiter Pedersen
679d64f0e8 Merge pull request #14647 from microsoft/24-odbc-model-instantiation-upstream2 
C++: Adding a model implementation for ODBC.
 2023-11-02 19:42:27 +00:00
Benjamin Rodes
30a512c96b Formatting 2023-11-02 15:01:15 -04:00
Benjamin Rodes
947e0274c7 Adding sql injection test for ODBC. 2023-11-02 13:27:42 -04:00
Benjamin Rodes
f404d7a5f8 Changes to address pr comments. 2023-11-02 13:11:23 -04:00