hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,207 Commits 1,672 Branches 157 Tags
codeql-cli-2.20.5
Commit Graph

3280 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
e72a0b2f8c Dataflow: Add change notes. 2023-07-19 11:41:15 +02:00
Anders Schack-Mulligen
941aa7ae28 C/C++: Don't force-include default steps in DefaultTaintTrackingImpl. 2023-07-19 11:41:15 +02:00
Anders Schack-Mulligen
95d17045c9 Dataflow: Sync. 2023-07-19 11:41:15 +02:00
Mathias Vorreiter Pedersen
2f48cde2e5 Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-19 10:28:05 +01:00
Mathias Vorreiter Pedersen
9a8fb0b93a Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-19 10:27:55 +01:00
Mathias Vorreiter Pedersen
3e1b4d97fe C++: Add QLDoc. 2023-07-18 18:15:25 +01:00
Mathias Vorreiter Pedersen
576f021c25 C++: Fix Code Scanning errors. 2023-07-18 18:15:25 +01:00
Mathias Vorreiter Pedersen
5099de5b3d C++: Split the query into 4 files. 2023-07-18 18:15:18 +01:00
Jeroen Ketema
aad094bdd0 C++: Handle FunctionAccesses with qualifiers 
Also fix the IR generation for these and add more IR tests involving value
categories.
 2023-07-18 16:35:39 +02:00
Mathias Vorreiter Pedersen
a038b389c3 C++: More cleanup. 2023-07-18 14:03:04 +01:00
Jeroen Ketema
a426010b06 Merge pull request #13621 from MathiasVP/deprecate-ast-dataflow 
C++: Deprecate AST dataflow
 2023-07-18 08:13:47 +02:00
Mathias Vorreiter Pedersen
11f2681904 Merge pull request #13740 from MathiasVP/unique-entry-point 
C++: Exclude invalid functions from new range analysis
 2023-07-17 13:32:50 +01:00
Mathias Vorreiter Pedersen
f9db6a9868 C++: Don't do range analysis on malformed IR. 2023-07-17 10:15:01 +01:00
Anders Schack-Mulligen
837df2ad37 Dataflow: Sync. 2023-07-13 10:55:39 +02:00
Ed Minnix
63299688d5 Add change notes for default implementations of isBarrier and isAdditionalFlowStep 2023-07-12 15:21:16 -04:00
Ed Minnix
2c0a456855 C++: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:24 -04:00
Ed Minnix
c73cd73001 C++: Add default implementation of StateConfigSig::isBarrier/2 2023-07-12 15:06:24 -04:00
Mathias Vorreiter Pedersen
a4c0063ab1 Merge pull request #13679 from MathiasVP/speedup-big-step 
DataFlow: Speed up the big step relation
 2023-07-11 09:44:17 +01:00
Mathias Vorreiter Pedersen
44f23bfa59 Merge pull request #13690 from github/post-release-prep/codeql-cli-2.14.0 
Post-release preparation for codeql-cli-2.14.0
 2023-07-07 23:39:38 +01:00
github-actions[bot]
13cf054a9d Post-release preparation for codeql-cli-2.14.0 2023-07-07 14:55:41 +00:00
Mathias Vorreiter Pedersen
a826c8327a Merge pull request #13682 from jketema/ptr-comp 
C++: Support pointer addition and subtraction in the IRGuards library
 2023-07-07 11:32:43 +01:00
Jeroen Ketema
2c2903d58d C++: Add change note 2023-07-07 11:27:46 +02:00
github-actions[bot]
6484ee106e Release preparation for version 2.14.0 2023-07-07 08:22:14 +00:00
Dave Bartolomeo
139585fe5c Merge pull request #13681 from github/dbartol/mergeback-3.10 
Mergeback `rc/3.10` -> `main`
 2023-07-06 12:13:17 -04:00
Jeroen Ketema
8d05d8a4dc C++: Add change note 2023-07-06 17:14:49 +02:00
Jeroen Ketema
8bc8ef4dda C++: Support pointer addition and subtraction in the IRGuards library 
It seems this was something supported by the AST Guards library
 2023-07-06 16:54:44 +02:00
Dave Bartolomeo
9631e9f2f1 Bump minor version numbers post-GHES 2023-07-06 10:10:01 -04:00
Jeroen Ketema
fa2ee26379 C++: Add more default predicates to product flow 2023-07-06 16:06:36 +02:00
Dave Bartolomeo
2bb9adfbf1 Merge remote-tracking branch 'origin/main' into dbartol/mergeback-3.10 2023-07-06 10:00:46 -04:00
Mathias Vorreiter Pedersen
83d0dec0fb DataFlow: Sync identical files. 2023-07-06 14:00:00 +01:00
Mathias Vorreiter Pedersen
4cc2771bbf C++: Speed up the big step relation by specializing the 'isUnrachableInCall' predicate. 2023-07-06 13:59:52 +01:00
Chuan-kai Lin
ce464a7d69 Remove pragma[assume_small_delta] 2023-06-30 11:09:29 -07:00
github-actions[bot]
668aaa2dc8 Post-release preparation for codeql-cli-2.13.5 2023-06-30 08:51:48 +00:00
Mathias Vorreiter Pedersen
8d3e845474 C++: Add change note. 2023-06-29 15:32:48 +01:00
Mathias Vorreiter Pedersen
cd2f0ecbc8 C++: Deprecate AST dataflow. 2023-06-29 15:13:36 +01:00
Mathias Vorreiter Pedersen
e4126ae6d4 Merge branch 'main' into implement-is-unreachable-in-call-2 2023-06-29 14:46:28 +01:00
github-actions[bot]
9d7987f822 Release preparation for version 2.13.5 2023-06-29 09:26:18 +00:00
Mathias Vorreiter Pedersen
9e82ce8a13 C++: Implement 'isUnreachableInCall'. 2023-06-28 14:37:35 +01:00
Mathias Vorreiter Pedersen
78f2fe8d5e C++: Fix join in 'argumentOf'. 
Before:
```
[2023-06-28 09:29:51] Evaluated non-recursive predicate DataFlowImplCommon#59e7a193::Cached::argumentNode#3#fff@8606bd35 in 1945ms (size: 1366058).
Evaluated relational algebra for predicate DataFlowImplCommon#59e7a193::Cached::argumentNode#3#fff@8606bd35 with tuple counts:
      764401   ~0%    {3} r1 = JOIN DataFlowPrivate#fbdd7bd7::DirectPosition#ff_10#join_rhs WITH Instruction#577b6a83::CallInstruction::getArgumentOperand#fff_102#join_rhs ON FIRST 1 OUTPUT Rhs.2, Lhs.1, Rhs.1
      764401   ~0%    {3} r2 = JOIN r1 WITH DataFlowPrivate#fbdd7bd7::PrimaryArgumentNode#fff_20#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1

          65   ~0%    {3} r3 = SCAN DataFlowPrivate#fbdd7bd7::IndirectionPosition#fff OUTPUT In.2, In.0, In.1
  180518864   ~0%    {3} r4 = JOIN r3 WITH project#DataFlowPrivate#fbdd7bd7::IndirectOperands::IndirectOperand::hasOperandAndIndirectionIndex#2#dispred#fff#3_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1
      601657   ~1%    {2} r5 = JOIN r4 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#2 ON FIRST 2 OUTPUT Lhs.0, Lhs.2
      601657   ~0%    {3} r6 = JOIN r5 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#3 ON FIRST 1 OUTPUT Lhs.0, Rhs.1, Lhs.1

    1366058   ~0%    {3} r7 = r2 UNION r6
                      return r7
```

After:
```
Tuple counts for DataFlowImplCommon#59e7a193::Cached::argumentNode#3#fff/3@d2b091vc after 1.1s:
  764381  ~2%     {3} r1 = JOIN DataFlowPrivate#fbdd7bd7::DirectPosition#ff_10#join_rhs WITH Instruction#577b6a83::CallInstruction::getArgumentOperand#fff_102#join_rhs ON FIRST 1 OUTPUT Rhs.2, Lhs.1 'pos', Rhs.1 'call'
  764381  ~0%     {3} r2 = JOIN r1 WITH DataFlowPrivate#fbdd7bd7::PrimaryArgumentNode#fff_20#join_rhs ON FIRST 1 OUTPUT Rhs.1 'n', Lhs.2 'call', Lhs.1 'pos'

  65      ~3%     {3} r3 = SCAN num#DataFlowPrivate#fbdd7bd7::TIndirectionPosition#fff OUTPUT In.0, In.2 'pos', In.1
  1798930 ~1%     {3} r4 = JOIN r3 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#2_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'n', Lhs.2, Lhs.1 'pos'
  601641  ~1%     {2} r5 = JOIN r4 WITH project#DataFlowPrivate#fbdd7bd7::IndirectOperands::IndirectOperand::hasOperandAndIndirectionIndex#2#dispred#fff#3 ON FIRST 2 OUTPUT Lhs.0 'n', Lhs.2 'pos'
  601641  ~0%     {3} r6 = JOIN r5 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#3 ON FIRST 1 OUTPUT Lhs.0 'n', Rhs.1 'call', Lhs.1 'pos'

  1366022 ~1%     {3} r7 = r2 UNION r6
                  return r7
```
 2023-06-28 10:13:03 +01:00
Robert Marsh
e90153fc47 C++: fix irreducible control flow logic 2023-06-27 16:52:45 -04:00
Jeroen Ketema
b1ae3a0a7b Merge remote-tracking branch 'upstream/main' into clears-content 2023-06-27 13:45:33 +02:00
Jeroen Ketema
2628552ef4 C++: Fix join-order problem in clearsContent 2023-06-27 11:59:26 +02:00
Mathias Vorreiter Pedersen
06bc460868 Merge pull request #13528 from rdmarsh2/rdmarsh2/cpp/range-analysis-back-edge 
C++: fix range analysis back edge detection for irreducible CFGs
 2023-06-27 09:14:44 +01:00
Robert Marsh
dcb349434c C++: fix comment formatting 2023-06-26 15:52:32 -04:00
Robert Marsh
aff4066020 C++: improve irreducible back edge detection 2023-06-26 15:39:09 -04:00
Jeroen Ketema
54632cd474 C++: Replace not exists by forex in clearsContent 2023-06-26 20:05:35 +02:00
Jeroen Ketema
c7e5dc2e9e C++: Fix QLDoc issues 2023-06-26 12:18:05 +02:00
Jeroen Ketema
458522a656 C++: Implement clearsContent for IR dataflow 2023-06-26 12:11:03 +02:00
Robert Marsh
69ee615119 Merge pull request #13515 from MathiasVP/dataflow-fix-for-self-iterators 
C++: Dataflow fix for the self-iterators issue
 2023-06-23 13:50:23 -04:00
Mathias Vorreiter Pedersen
0839c1aad1 C++: Allow self-flow through indirect parameters. 2023-06-22 19:33:18 +01:00