Robert Marsh
6f76c13385
C++: fix unused variable warning
2019-03-07 13:14:50 -08:00
Robert Marsh
726f38c802
C++: refactor alias analysis for performance
2019-03-07 13:14:50 -08:00
Robert Marsh
c70bd285de
C++: assume arguments to virtual functions escape
2019-03-07 13:14:49 -08:00
Robert Marsh
2c94a8887d
C++: test for virtual functions in escape analysis
2019-03-07 13:14:49 -08:00
Robert Marsh
6089172554
C++: escape analysis for this parameters
2019-03-07 13:14:49 -08:00
Robert Marsh
466e110338
C++: add new interprocedural escape analysis
2019-03-07 13:14:48 -08:00
Robert Marsh
bd39698528
C++: test changes for interproc escape analysis
2019-03-07 13:14:48 -08:00
Robert Marsh
0efb110512
C++: docs for AllocaInLoop
2019-03-06 09:35:17 -08:00
Jonas Jensen
57732ee6f9
Merge pull request #1008 from geoffw0/wprintf
CPP: Clean up and fix FormattingFunction, FormatLiteral
2019-03-06 15:08:29 +00:00
Geoffrey White
693937367d
Merge pull request #1047 from jbj/dataflow-StmtExpr
C++: Data flow through StmtExpr
2019-03-06 10:33:12 +00:00
Geoffrey White
2bac7f1516
CPP: Deprecate old mechanisms FormattingFunction.isWideCharDefault and FormatLiteral.isWideCharDefault.
2019-03-06 10:23:46 +00:00
Geoffrey White
5b8a6c8335
CPP: Remove no longer used FormatLiteral.getEffectiveCharConversionChar.
2019-03-06 10:23:45 +00:00
Geoffrey White
e1447787e3
CPP: Remove dubious case from FormatLiteral.getMaxConvertedLength.
2019-03-06 10:23:45 +00:00
Geoffrey White
1b71accbfe
CPP: Fix a bug in FormattingFunction.getDefaultCharType.
2019-03-06 10:23:45 +00:00
Geoffrey White
e59b3c28e4
CPP: Modernize FormatLiteral.getConversionType1b.
2019-03-06 10:23:45 +00:00
Geoffrey White
ac708a569e
CPP: Clean up formatting in FormatLiteral.getEffectiveCharConversionChar somewhat.
2019-03-06 10:23:45 +00:00
Geoffrey White
9f9712047c
CPP: Add a few more tests of '%c'.
2019-03-06 10:23:45 +00:00
Jonas Jensen
80b0765618
C++: Make IR DataFlow dispatch use non-IR version
This removes code duplication and ensures that the IR version also gets
the support for flow across link targets.
2019-03-06 10:08:14 +01:00
Jonas Jensen
10ce13d1e9
C++: Tests for cross-target dispatch
2019-03-06 10:08:13 +01:00
Jonas Jensen
14f1ecb456
C++: Data flow dispatch across link targets
2019-03-06 10:08:13 +01:00
Jonas Jensen
94699175a4
Merge pull request #1046 from xiemaisi/rc/1.20
Merge rc/1.20 into master
2019-03-06 07:49:15 +00:00
Jonas Jensen
6ef946c2b0
C++: Make IR TaintTracking available on LGTM
Because this new library is not used in a default query, it needs to be
imported here in order to be available in the LGTM query console.
2019-03-05 18:05:27 +01:00
Jonas Jensen
b3d935063f
Merge pull request #815 from geoffw0/keyset
CPP: dbscheme annotations
2019-03-05 14:53:46 +00:00
Jonas Jensen
0a57767cc6
C++: Data flow through StmtExpr
2019-03-05 14:36:40 +01:00
Jonas Jensen
a2de057c26
C++: Test for StmtExpr data flow
2019-03-05 14:34:19 +01:00
Jonas Jensen
9d595aa5ea
Merge pull request #1033 from geoffw0/newdelete-perf
CPP: NewDelete.qll performance
2019-03-05 12:52:59 +00:00
Jonas Jensen
d310338c9b
C++: Implement dominanceFrontier with recursion
This implementation is borrowed from Java's QL library and offers a
great performance improvement. For example, on Wireshark the performance
goes from
Dominance::bbDominates#ff ....... 40.3s
SSAUtils::dominanceFrontier#ff .. 30s
to
SSAUtils::dominanceFrontier#ff .. 418ms (executed 67 times)
The big performance problem before was the need to materialize
`bbDominates`, which is the reflexive-transitive "basic block dominates"
relation. It had 79 million rows on Wireshark.
2019-03-05 11:54:45 +01:00
Geoffrey White
4e1e3131ac
CPP: Revert annotation on 'externalData'.
2019-03-05 10:22:33 +00:00
Geoffrey White
56fe91d774
CPP: cached -> pragma[nomagic].
2019-03-05 08:59:16 +00:00
Max Schaefer
7f5e2630a1
Merge pull request #1032 from xiemaisi/master-for-merge
Merge master into rc/1.20
2019-03-04 21:23:51 +00:00
Geoffrey White
eb4efc4745
Merge pull request #1023 from jbj/gets-qualified
C++: Use getQualifiedName() = "gets", not hasName
2019-03-04 18:10:15 +00:00
Kevin Backhouse
8cee18b479
Add assignments to the set of analyzable expressions to simplify overflow detection.
2019-03-04 17:07:11 +00:00
Geoffrey White
a9ce2f7a62
CPP: Simplify out some old optimizations (that make little difference now).
2019-03-04 13:13:04 +00:00
Geoffrey White
df73bb3468
CPP: Fix performance issue. Also has a small positive effect on correctness.
2019-03-04 12:47:55 +00:00
Geoffrey White
f0085ed25a
CPP: Additional test cases.
2019-03-04 12:45:05 +00:00
Jonas Jensen
4f9ffb38e6
C++: Set cpp/command-line-injection precision=low
This query is only appropriate for setuid programs. Since such programs
are at most 0.1% of all code we analyse, I would say this query has a
precision of at most 0.1%.
2019-03-04 09:51:33 +01:00
Jonas Jensen
c49c23068a
Merge pull request #923 from geoffw0/potentialbufferoverflow
CPP: Deprecate PotentialBufferOverflow.ql
2019-03-04 08:11:27 +00:00
Jonas Jensen
0ed1618824
C++: Use getQualifiedName() = "gets", not hasName
This fixes false positives on
https://lgtm.com/projects/g/brandonpelfrey/Construct caused by a member
function named `gets` -- probably short for "get s".
2019-03-04 09:01:20 +01:00
Robert Marsh
b8f8ed55e6
Merge pull request #1000 from jbj/dataflow-defbyref
C++: Support definition by reference in data flow library
2019-03-01 13:54:37 -08:00
Geoffrey White
66013272da
Merge pull request #894 from jbj/ir-RedundantNullCheckSimple
C++: IR query for redundant null check
2019-03-01 15:34:18 +00:00
Nick Rolfe
e6ddf7f48a
Merge pull request #1012 from ian-semmle/constexpr
C++: Add Variable.isConstexpr()
2019-03-01 14:42:35 +00:00
Geoffrey White
28304e4fde
Merge pull request #1005 from jbj/dataflow-Node-cached
C++: Cache TNode and localFlowStep
2019-02-28 17:43:14 +00:00
Ian Lynagh
a709a2d0f3
C++: Add Variable.isConstexpr()
2019-02-28 15:26:15 +00:00
Geoffrey White
832a436a49
Revert "C++: Revert doc-related changes to dbscheme"
This reverts commit e81d197ebd.
2019-02-28 14:50:49 +00:00
Geoffrey White
e55dc43111
CPP: Consistency changes suggested by Dave.
2019-02-28 14:50:49 +00:00
Geoffrey White
b1bf1b8f1c
CPP: More annotations.
2019-02-28 14:50:49 +00:00
Geoffrey White
dd271f1c93
CPP: Fix typo 'diagnosstic'.
2019-02-28 14:50:49 +00:00
Geoffrey White
0c84e06234
CPP: Fix typo.
2019-02-28 14:50:49 +00:00
Geoffrey White
6398298bea
CPP: Add keyset annotations to the CPP dbscheme.
2019-02-28 14:50:49 +00:00
Jonas Jensen
40f3fecb00
C++: Simplify stubs in DataFlowDispatch.qll
Some of these stubs were quite slow to evaluate. It's possible they
could be optimised, but it seems pointless as long as we don't have
call-context-sensitive virtual dispatch in the C++ library.
2019-02-28 14:38:29 +01:00