hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
77,734 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.0
Commit Graph

12966 Commits

Author SHA1 Message Date
Ziemowit Laski
926742561b [CPP-340] Eliminate superfluous print-outs of NestedStruct, 
`NestedUnion` and `MemberFunction`
 2019-07-17 13:39:43 -07:00
Geoffrey White
48a60651b6 CPP: Fix query. 2019-07-17 11:43:05 +01:00
Geoffrey White
aa368d8763 CPP: Add test cases. 2019-07-17 11:38:59 +01:00
Ziemowit Laski
f0982791e3 [CPP-340] Remove colons and extraenous QLDoc comments; add a few more classes. 2019-07-16 17:58:39 -07:00
Dave Bartolomeo
e58df94672 Remove unnecessary dependencies on cpp 2019-07-16 15:10:46 -07:00
Dave Bartolomeo
60b3ffe3d5 Make all imports of cpp private 2019-07-16 15:02:26 -07:00
zlaski-semmle
6764390970 Merge pull request #1586 from geoffw0/norm-taint-test 
CPP: Normalize the taint tests
 2019-07-16 11:49:42 -07:00
Geoffrey White
1b7d1c37ec CPP: Test showing that Adding365daysPerYear.ql doesn't actually care whether the return value of the time conversion function is checked. 2019-07-16 17:29:30 +01:00
Robert Marsh
1f17cfb8ad C++: add comments and private annotations 2019-07-15 14:47:21 -07:00
Geoffrey White
4df176ae34 CPP: Add test coverage for isModifiedByArithmeticOperation. 2019-07-15 19:42:50 +01:00
Robert Marsh
86a018b0b4 C++: overlapping def/use must share IRVariable 2019-07-15 10:35:57 -07:00
Robert Marsh
20e67eb37a C++: improve performance of overlap computation 
This is still quadratic in the number of MemoryLocations for a vvar, but
only for a single pipeline step, which is not materialized. It seems to be
fast enough in practice for the IR.
 2019-07-15 10:15:58 -07:00
Geoffrey White
cf194219b9 CPP: Fix FPs. 2019-07-15 14:58:35 +01:00
Geoffrey White
5362fef81c CPP: Additional AllocaInLoop test cases. 2019-07-15 14:50:02 +01:00
Ziemowit Laski
c906560edd Fix up expected IR output after rebase. 2019-07-13 12:57:25 -07:00
Ziemowit Laski
960a41be85 Handle __builtin_addressof. 2019-07-13 12:23:40 -07:00
Ziemowit Laski
175ba7b3b0 Fix up .expected on the IR side. 2019-07-13 12:23:40 -07:00
Ziemowit Laski
2637c22732 Fix up .expected file. 2019-07-13 12:23:40 -07:00
Ziemowit Laski
2459d2ab92 Reformat PrintAST.qll ONLY. 2019-07-13 12:23:40 -07:00
Ziemowit Laski
49b0fc0a57 [CPP-386] A few more QL classes. 2019-07-13 12:23:40 -07:00
Ziemowit Laski
ab82aebbd7 [CPP-386] Add override keyword as needed; annotate a few more classes. 2019-07-13 12:23:40 -07:00
Ziemowit Laski
e5fc07660d [CPP-386] Print QL AST classes next to elements in PrintAST trees. 2019-07-13 12:23:09 -07:00
Ziemowit Laski
ddb0fd90e9 [CPP-386] Provide getCanonicalQLClass() predicate for many AST elements. 2019-07-13 12:19:40 -07:00
Ziemowit Laski
a4affbebbf [CPP-386] Add ElementBase::getCanonicalQLClass(). 2019-07-13 12:19:40 -07:00
Robert Marsh
41e46f6686 Merge pull request #1584 from geoffw0/swap 
CPP: Model std::swap
 2019-07-12 10:41:14 -07:00
Geoffrey White
a9b953f89a CPP: Flip test output for consistency and easy comparison with the other tests. 2019-07-12 18:18:08 +01:00
Geoffrey White
c2fd2e273e CPP: Model taint flow through std::swap. 2019-07-12 18:00:39 +01:00
Geoffrey White
f132bca06e CPP: Add a taint flow test of 'std::swap'. 2019-07-12 16:37:01 +01:00
semmledocs-ac
e1da6e915c Merge pull request #1515 from geoffw0/continuefalseloop 
CPP: Improvements to ContinueInFalseLoop.ql
 2019-07-12 08:38:22 +01:00
Dave Bartolomeo
1b38208bab Merge pull request #1567 from jbj/ir-operand-cycles 
C++ IR: guard against cycles in operand graph
 2019-07-11 13:14:10 -07:00
Dave Bartolomeo
c73b516862 Merge pull request #1541 from jbj/ir-operand-exact 
C++ IR: Make instruction operand getters have only exact results
 2019-07-11 13:13:20 -07:00
Dave Bartolomeo
00ff2bb6c4 Merge pull request #1554 from jbj/ir-ErrorExpr 
C++ IR: support for translating ErrorExpr
 2019-07-11 13:05:04 -07:00
Jonas Jensen
23001d5471 Merge pull request #1566 from rdmarsh2/rdmarsh/cpp/pure-functions-effect-model 
C++: alias and side effect info for pure functions
 2019-07-11 21:21:54 +02:00
Geoffrey White
ed069fe3cc CPP: Upgrade precision/severity. 2019-07-11 20:00:50 +01:00
Geoffrey White
62fb216102 CPP: Fix false positive. 2019-07-11 20:00:50 +01:00
Geoffrey White
629d127174 CPP: QLDoc comments. 2019-07-11 20:00:50 +01:00
Geoffrey White
e1efdd7d47 CPP: Add a test where continue is used in a switch to exit the loop. 2019-07-11 20:00:50 +01:00
Geoffrey White
3337a859aa CPP: Corrections to qhelp. 2019-07-11 20:00:50 +01:00
Geoffrey White
4c4be2d3c2 CPP: Add (basic) qhelp. 2019-07-11 20:00:50 +01:00
Geoffrey White
8a3f8c5c1d CPP: Add precision/tags and adjust severity. 2019-07-11 20:00:50 +01:00
Geoffrey White
83d4b23ae3 CPP: Fix false positives in while/for loops. 2019-07-11 20:00:50 +01:00
Geoffrey White
136ca72297 CPP: Add a test. 2019-07-11 20:00:49 +01:00
Robert Marsh
c195420ba1 C++: respond to PR comments 2019-07-11 11:00:52 -07:00
Geoffrey White
db6be05a92 Merge pull request #1580 from jbj/inconsistent-loop-direction-perf 
C++: Fix inconsistent-loop-direction performance
 2019-07-11 16:39:05 +01:00
Jonas Jensen
2324ce77ae C++ IR: Fix soundness of ConstantAnalysis 
Now that `PhiInstruction.getAnInput` only has results for congruent
operands, a previous optimization I made to `getConstantValue` is no
longer sound. We have to check that all phi inputs give the same value,
not just the congruent ones. After this change, if there are any
non-congruent operands on a phi instruction, the whole aggregate will
have no result.
 2019-07-11 15:51:09 +02:00
Jonas Jensen
7fb43a5a03 C++ IR: getAnyDef -> getDef in RangeUtils.qll 
As recommended by Dave in PR review.
 2019-07-11 15:35:14 +02:00
ian-semmle
463547f810 Merge pull request #1581 from jbj/revert-noTarget-workaround 
Revert "C++: Work around extractor issue CPP-383"
 2019-07-11 14:26:15 +01:00
Jonas Jensen
c831c4b58e C++ IR: Fix SignAnalysis after getAnyDef -> getDef 
In the `SignAnalysis` abstract interpretation, "unknown sign"
corresponds to the set of _all_ `Sign`, but using `getDef` leads to the
operand having _no_ `Sign`. To fix that, we assign all signs to inexact
operands.
 2019-07-11 15:17:55 +02:00
Geoffrey White
59964bd9a4 Merge pull request #1575 from jbj/UncheckedLeapYear-bb 
C++: Fix performance of unchecked leap year query
 2019-07-11 13:57:07 +01:00
Jonas Jensen
ee5eaef5e4 Revert "C++: Work around extractor issue CPP-383" 
The issue is now fixed in the extractor, and I've confirmed that the
workaround is no longer needed for g/an-tao/drogon.

This reverts commit 48a3385809.
 2019-07-11 14:18:29 +02:00