zlaski-semmle
241994d1f8
Merge pull request #1107 from zlaski-semmle/cpp355
Updated query to look for Microsoft-specific '_alloca' and '_malloca'
Merge to Semmle/ql:master.
2019-03-19 13:40:27 -07:00
Ziemowit Laski
09e729ff59
Turns out that '__builtin_alloca' takes 'unsigned long', not 'unsigned long long'; rename some parameters to align with C11 standard.
2019-03-19 13:27:14 -07:00
Ziemowit Laski
11ed4f3312
Change __builtin_alloca declaration to use an unsigned long long parameter.
2019-03-19 13:12:29 -07:00
Ziemowit Laski
ff3430d8d0
Use '// GOOD' and '// BAD' annotations for query diagnostics.
2019-03-19 12:29:38 -07:00
Max Schaefer
6fbf487524
Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-2019-03-19
2019-03-19 14:09:03 +00:00
Jonas Jensen
a31794f20c
Merge pull request #1129 from geoffw0/unusedstatic
CPP: Add to UnusedStaticVariables tests.
2019-03-19 14:16:30 +01:00
Jonas Jensen
111a462d16
C++: Recover some of the good results we lost
My recent changes to suppress FPs in `ReturnStackAllocatedMemory.ql`
caused us to lose all results where there was a `Conversion` at the
initial address escape. We cannot handle conversions in general, but
this commit restores the good results for the trivial types of
conversion that we can handle.
2019-03-19 11:09:58 +01:00
Jonas Jensen
d864df5b7f
C++: Tests for new false negatives
2019-03-19 10:30:14 +01:00
Ziemowit Laski
566fdc3f70
Change names of parameters to memcpy(), as per Geoff.
2019-03-18 11:15:43 -07:00
Geoffrey White
73b7b980c8
CPP: Add to UnusedStaticVariables tests.
2019-03-18 16:43:48 +00:00
Nick Rolfe
8e9aeffdbc
C++: accept test output from changes to extractor TRAP ordering
2019-03-18 10:44:18 +00:00
Jonas Jensen
6b1cd17009
C++: Fix FPs due to data flow Conversion handling
Since we cannot track data flow from a fully-converted expression but
only the unconverted expression, we should check whether the address
initially escapes into the unconverted expression, not the
fully-converted one.
This fixes most of the false positives observed on lgtm.com.
2019-03-16 20:50:27 +01:00
Jonas Jensen
1a7351ef6e
C++: Add tests for three FPs observed on lgtm.com
2019-03-16 20:50:27 +01:00
Ziemowit Laski
2d5bdc85b0
Add 'restrict' support to the C++ test cases.
2019-03-14 12:12:45 -07:00
Ziemowit Laski
586aa0ae41
Updated query to look for Microsoft-specific '_alloca' and '_malloca' entry points. Added sundry positive and negative test cases.
2019-03-13 18:43:24 -07:00
Nick Rolfe
ac2dbbff13
C++: accept test output from extractor changes to template class decls
2019-03-13 16:38:24 +00:00
Jonas Jensen
028e61b71c
Merge pull request #1101 from robertbrignull/merge/rc/1.20
Merge rc/1.20 => master
2019-03-13 16:36:55 +01:00
Kevin Backhouse
08d852fa94
Merge pull request #1048 from jbj/dataflow-link-targets
C++: Data flow dispatch across link targets
2019-03-13 12:39:59 +00:00
Robert Brignull
5380e1df68
Merge remote-tracking branch 'upstream/rc/1.20' into merge/rc/1.20
2019-03-13 10:55:30 +00:00
Dave Bartolomeo
b5a3edfdae
C++: FunctionIR -> IRFunction
2019-03-12 11:28:22 -07:00
Max Schaefer
605f6bc6a6
Merge pull request #1082 from hvitved/merge-rc
Merge rc/1.20 into master
2019-03-12 13:49:12 +00:00
Tom Hvitved
c5450128be
Merge branch 'rc/1.20' into merge-rc
2019-03-12 09:14:38 +01:00
Ziemowit Laski
75b4a6d6b3
[CPP-80] Provide kinder, gentler wording for messages (ClassesWithManyFields.{ql,qhelp})
2019-03-11 16:16:05 -07:00
Robert Marsh
8a2a4678d8
C++: accept dataflow test change
2019-03-07 13:14:57 -08:00
Robert Marsh
17ad124c9e
C++: remove VariableAddress from points_to test
2019-03-07 13:14:56 -08:00
Robert Marsh
7e30ce0c09
C++: add phi node support to escape analysis
2019-03-07 13:14:56 -08:00
Robert Marsh
97c11a5222
C++: points-to for argument-returning calls
2019-03-07 13:14:55 -08:00
Robert Marsh
c70bd285de
C++: assume arguments to virtual functions escape
2019-03-07 13:14:49 -08:00
Robert Marsh
2c94a8887d
C++: test for virtual functions in escape analysis
2019-03-07 13:14:49 -08:00
Robert Marsh
6089172554
C++: escape analysis for this parameters
2019-03-07 13:14:49 -08:00
Robert Marsh
466e110338
C++: add new interprocedural escape analysis
2019-03-07 13:14:48 -08:00
Robert Marsh
bd39698528
C++: test changes for interproc escape analysis
2019-03-07 13:14:48 -08:00
Jonas Jensen
57732ee6f9
Merge pull request #1008 from geoffw0/wprintf
CPP: Clean up and fix FormattingFunction, FormatLiteral
2019-03-06 15:08:29 +00:00
Geoffrey White
9f9712047c
CPP: Add a few more tests of '%c'.
2019-03-06 10:23:45 +00:00
Jonas Jensen
80b0765618
C++: Make IR DataFlow dispatch use non-IR version
This removes code duplication and ensures that the IR version also gets
the support for flow across link targets.
2019-03-06 10:08:14 +01:00
Jonas Jensen
10ce13d1e9
C++: Tests for cross-target dispatch
2019-03-06 10:08:13 +01:00
Jonas Jensen
0a57767cc6
C++: Data flow through StmtExpr
2019-03-05 14:36:40 +01:00
Jonas Jensen
a2de057c26
C++: Test for StmtExpr data flow
2019-03-05 14:34:19 +01:00
Jonas Jensen
9d595aa5ea
Merge pull request #1033 from geoffw0/newdelete-perf
CPP: NewDelete.qll performance
2019-03-05 12:52:59 +00:00
Max Schaefer
7f5e2630a1
Merge pull request #1032 from xiemaisi/master-for-merge
Merge master into rc/1.20
2019-03-04 21:23:51 +00:00
Geoffrey White
df73bb3468
CPP: Fix performance issue. Also has a small positive effect on correctness.
2019-03-04 12:47:55 +00:00
Geoffrey White
f0085ed25a
CPP: Additional test cases.
2019-03-04 12:45:05 +00:00
Jonas Jensen
c49c23068a
Merge pull request #923 from geoffw0/potentialbufferoverflow
CPP: Deprecate PotentialBufferOverflow.ql
2019-03-04 08:11:27 +00:00
Robert Marsh
b8f8ed55e6
Merge pull request #1000 from jbj/dataflow-defbyref
C++: Support definition by reference in data flow library
2019-03-01 13:54:37 -08:00
Geoffrey White
66013272da
Merge pull request #894 from jbj/ir-RedundantNullCheckSimple
C++: IR query for redundant null check
2019-03-01 15:34:18 +00:00
Nick Rolfe
e6ddf7f48a
Merge pull request #1012 from ian-semmle/constexpr
C++: Add Variable.isConstexpr()
2019-03-01 14:42:35 +00:00
Ian Lynagh
a709a2d0f3
C++: Add Variable.isConstexpr()
2019-02-28 15:26:15 +00:00
Jonas Jensen
8e6daafd7c
C++: Add DefinitionByReferenceNode.getParameter
This commit also adds a test that uses `getParameter`. The new tests
demonstrate that support for array-to-pointer decay works, but we get
data flow to the array rather than its contents.
2019-02-28 09:39:51 +01:00
Jonas Jensen
972d00822c
C++: Generalize std::move data flow
2019-02-27 15:53:00 +01:00
Jonas Jensen
80183464d9
C++: Define DefinitionByReferenceNode
This enables data flow through `memcpy` and similar functions modeled in
`semmle.code.cpp.model`.
2019-02-27 15:53:00 +01:00