hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
76,593 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.6
Commit Graph

3294 Commits

Author SHA1 Message Date
github-actions[bot]
fa850cccb1 Release preparation for version 2.20.6 2025-03-03 17:13:19 +00:00
Geoffrey White
7f56c67544 Merge pull request #18837 from geoffw0/overflowbuffer 
C++: Improve and promote cpp/overflow-buffer
 2025-03-03 14:17:12 +00:00
Geoffrey White
7169c4be48 C++: Another attempt to make the fix more solid. I believe it can't produce negative numbers now. 2025-02-28 14:21:58 +00:00
Geoffrey White
998bec1efb C++: Fix the bug. 2025-02-27 21:24:07 +00:00
Geoffrey White
1354bebd7c C++: Fix an issue with padding. 2025-02-26 17:43:25 +00:00
Geoffrey White
a7ac6b137b C++: Second change note. 2025-02-25 17:02:23 +00:00
Geoffrey White
7d7498ee32 C++: Avoid problems when a variable has multiple types. 2025-02-25 16:55:13 +00:00
Geoffrey White
812315df27 C++: Use existing getSize / getRootType to find more generous bounds for arrays inside classes (though it sometimes fails, costing us TPs). 2025-02-25 16:29:49 +00:00
Jeroen Ketema
7eca4b4d82 C++: Fix join-order problem with isBefore 
Reported here: https://github.com/github/codeql/issues/17743

Without this change on the query provided by the user:
```
[2025-02-25 12:42:01] Evaluated non-recursive predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@c668c8tv in 23846ms (size: 20381473).
Evaluated relational algebra for predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@c668c8tv with tuple counts:
                 1   ~0%    {0} r1 = CONSTANT()[]
             27323   ~0%    {2}    | JOIN WITH `Location::Location.getEndLine/0#dispred#83af84ae#bf` CARTESIAN PRODUCT OUTPUT Rhs.0, Rhs.1
        6162566035   ~0%    {4}    | JOIN WITH `Location::Location.getStartLine/0#d54f9e6c` CARTESIAN PRODUCT OUTPUT Lhs.0, Lhs.1, Rhs.0, Rhs.1
                            {4}    | REWRITE WITH TEST InOut.1 < InOut.3
        3894825644   ~5%    {2}    | SCAN OUTPUT In.2, In.0
          73148692   ~0%    {3}    | JOIN WITH fun_decls_40#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Rhs.1
          73148692   ~0%    {4}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.0, Lhs.2
            864579   ~0%    {2}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1` ON FIRST 2 OUTPUT Lhs.2, Lhs.3
          13010742   ~1%    {2}    | JOIN WITH macroinvocations_20#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          20653781   ~0%    {3}    | JOIN WITH `Macro::MacroAccess.getOutermostMacroAccess/0#d58b05db_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, _, Lhs.1
          20653781   ~4%    {3}    | REWRITE WITH Out.1 := 1
          20381473   ~8%    {2}    | JOIN WITH macroinvocations_03#join_rhs ON FIRST 2 OUTPUT Lhs.0, Lhs.2
                            return r1
```

With this change:
```
[2025-02-25 12:43:10] Evaluated non-recursive predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@11bf8956 in 928ms (size: 20381473).
Evaluated relational algebra for predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@11bf8956 with tuple counts:
            6873   ~3%    {2} r1 = SCAN fun_decls OUTPUT In.4, In.0
            6857   ~0%    {3}    | JOIN WITH `Location::Location.getStartLine/0#d54f9e6c` ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Rhs.1
            6857   ~2%    {3}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2
         6193961   ~0%    {3}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2
        27389714   ~1%    {4}    | JOIN WITH macroinvocations_20#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Lhs.2, Rhs.1
        27389714   ~1%    {4}    | JOIN WITH locations_default ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Lhs.3, Rhs.4
                          {4}    | REWRITE WITH TEST InOut.3 < InOut.1
        13010742   ~1%    {2}    | SCAN OUTPUT In.2, In.0
        20653781   ~0%    {3}    | JOIN WITH `Macro::MacroAccess.getOutermostMacroAccess/0#d58b05db_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, _, Lhs.1
        20653781   ~4%    {3}    | REWRITE WITH Out.1 := 1
        20381473   ~8%    {2}    | JOIN WITH macroinvocations_03#join_rhs ON FIRST 2 OUTPUT Lhs.0, Lhs.2
                          return r1
```
 2025-02-25 12:39:11 +01:00
Geoffrey White
90758b37ef C++: Change notes. 2025-02-21 19:00:12 +00:00
Geoffrey White
ae25399a47 C++: Fix offsetof bug. 2025-02-21 18:58:56 +00:00
Alex Eyers-Taylor
57e985cc21 CPP: Simplify getClassAndNameImpl 2025-02-21 16:23:45 +00:00
Alex Eyers-Taylor
53c5b8ff9e CPP: Prevent forced bad join order. 2025-02-20 16:06:42 +00:00
github-actions[bot]
ad24f94a77 Post-release preparation for codeql-cli-2.20.5 2025-02-17 17:58:24 +00:00
github-actions[bot]
6f4562f3bd Release preparation for version 2.20.5 2025-02-17 16:55:54 +00:00
Mathias Vorreiter Pedersen
9cfd3391d2 C++: Move 'getImpl' to a private non-member predicate. 2025-02-14 13:01:28 +00:00
Mathias Vorreiter Pedersen
be1af88d23 C++: Add more QLDoc. 2025-02-13 14:28:36 +00:00
Mathias Vorreiter Pedersen
aff03bd721 C++: Delete confusing class synonym. 2025-02-13 14:28:14 +00:00
Mathias Vorreiter Pedersen
f9732c746b C++: Patch up various places that depended on the old IPA type. 2025-02-13 14:28:12 +00:00
Mathias Vorreiter Pedersen
75b6855769 C++: Move useful predicates from the old IPA type for the 'DefinitionExt' type. 2025-02-13 14:28:10 +00:00
Mathias Vorreiter Pedersen
f597ea99e1 C++: Delete the unnecessary IPA type of definitions. 2025-02-13 14:01:32 +00:00
Anders Schack-Mulligen
0b5270979d SSA: Remove the need for ExitBasicBlock in SSA. 2025-02-10 14:36:18 +01:00
github-actions[bot]
f1b05a79a4 Post-release preparation for codeql-cli-2.20.4 2025-02-04 09:25:09 +00:00
Arthur Baars
dd34690c17 Merge branch 'codeql-cli-2.20.4' into release-prep/2.20.4 2025-02-03 18:37:16 +01:00
github-actions[bot]
573e53e454 Release preparation for version 2.20.4 2025-02-03 15:19:35 +00:00
Mathias Vorreiter Pedersen
0e6936d418 C++: Strip the type when computing the base type of a chain of qualifiers. 2025-02-03 12:42:11 +00:00
Mathias Vorreiter Pedersen
f35fea3bee Merge pull request #18629 from MathiasVP/fix-more-fps-in-buffer-overflow 
C++: Fix more FPs in `cpp/overflow-buffer`
 2025-01-30 18:28:10 +00:00
Mathias Vorreiter Pedersen
02cf458232 C++: Add change note. 2025-01-30 16:50:22 +00:00
Mathias Vorreiter Pedersen
764a84601f Update cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-01-30 16:09:44 +00:00
Mathias Vorreiter Pedersen
839640a82f Update cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-01-30 15:31:36 +00:00
Anders Schack-Mulligen
8edcad0509 Merge pull request #18634 from aschackmull/cpp/unnest-getkind 
C++: Un-nest the if-then-else sequence.
 2025-01-30 14:07:07 +01:00
Jeroen Ketema
8f25dbf98d Merge pull request #18606 from jketema/typeref 
C++: Support mixed `typedef`s and `using`s
 2025-01-30 14:04:48 +01:00
Anders Schack-Mulligen
15171eb1a5 C++: Un-nest the if-then-else sequence. 2025-01-30 13:28:44 +01:00
Mathias Vorreiter Pedersen
403a0eb8e6 C++: Fix FPs in 'cpp/overflow-buffer' caused by unions of structs. 2025-01-29 18:30:20 +00:00
Mathias Vorreiter Pedersen
941ad870cb C++: Move 'hasAFieldWithOffset' to 'Field'. 2025-01-29 18:19:17 +00:00
Mathias Vorreiter Pedersen
4b2c7ef03f Merge pull request #18615 from MathiasVP/fix-fp-buffer-overflow 
C++: Fix FPs in `cpp/overflow-buffer`
 2025-01-29 12:12:47 +00:00
Mathias Vorreiter Pedersen
be2777bc31 C++: Don't infer lambda calls when there is a static dispatch to a source or summary callable. 2025-01-28 18:51:31 +00:00
Mathias Vorreiter Pedersen
a35ed57848 Revert "C++: Don't generate parameter nodes for bodyless parameters when there is a summary of the enclosing function." 
This reverts commit ad80b36074.
 2025-01-28 17:09:45 +00:00
Mathias Vorreiter Pedersen
ff9a4d02f0 Merge pull request #18592 from MathiasVP/fix-enclosing-callable-cpp 
C++: Don't generate dataflow nodes for functions with summaries
 2025-01-28 16:57:44 +00:00
Mathias Vorreiter Pedersen
d6054c9a51 C++: Infer larger buffer sizes for non-static member variables. 2025-01-28 15:48:04 +00:00
Mathias Vorreiter Pedersen
38b66e5a8e C++: Fix a few type errors. 2025-01-28 14:08:12 +00:00
Mathias Vorreiter Pedersen
d40322f9eb C++: (Bugfix 3) Don't conflate summarized callables and source callables in 'nodeGetEnclosingCallable'. 2025-01-28 13:59:19 +00:00
Mathias Vorreiter Pedersen
06bc8add9d C++: (Bugfix 2) Don't remap isParameterOf. 2025-01-28 13:59:17 +00:00
Mathias Vorreiter Pedersen
662e74924b C++: (Bugfix 1) There should be a callable representing the source code even if there is a summarized version. 2025-01-28 13:59:16 +00:00
Erik Krogh Kristensen
f0755bfb5d Merge pull request #18601 from erik-krogh/del-deps-jan-2025 
All: delete outdated deprecations
 2025-01-28 13:31:41 +01:00
Geoffrey White
6337f5a08b Merge pull request #18586 from geoffw0/floatguards 
C++: Test and (perhaps) fix an issue with guards on floating point comparisons.
 2025-01-28 09:05:13 +00:00
erik-krogh
a1afa20d4b add change-notes 2025-01-27 22:43:13 +01:00
erik-krogh
bd8ed1dc04 cpp: revert two cpp dataflow deprecations that take more work 2025-01-27 22:16:54 +01:00
erik-krogh
34f5f61a10 all: use my script to delete outdated deprecations 2025-01-27 22:16:48 +01:00
Mathias Vorreiter Pedersen
4e44201ba8 C++: Remap calls to source functions to the summarized function. 2025-01-27 16:58:53 +00:00