hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,000 Commits 1,671 Branches 157 Tags
codeql-cli-2.21.3
Commit Graph

3427 Commits

Author SHA1 Message Date
REDMOND\brodes
d988afd4a4 Adding an EVP_AASYM_CIPHER_fetch getter. 2025-03-11 14:47:10 -04:00
REDMOND\brodes
7757279908 Adding a KDF algorithm getter. 2025-03-11 14:46:36 -04:00
REDMOND\brodes
44b1e921d6 commenting out hash size for now, TODO 2025-03-11 14:10:04 -04:00
REDMOND\brodes
f69b057893 Updating OpenSSLKnownAlgorithmConstants.qll (a few bugs) and also enforcing that known key sizes are on the normalized name (need to re-visit for GOST). 2025-03-11 13:35:44 -04:00
REDMOND\brodes
ae574f7cf2 Resolving hash and cipher types for openssl not using literals but KnownOpenSSLAlgorithmConstant. 2025-03-11 13:35:02 -04:00
REDMOND\brodes
f72efa638a Uncommenting out generic dataflow 2025-03-10 16:12:53 -04:00
REDMOND\brodes
c83cb533ce Adding an instantiation of the additional flow step class to automatically apply to generic dataflow. Flow step passthrough comes from the algorithm to getter flow passthroughs. 2025-03-10 15:56:01 -04:00
REDMOND\brodes
036035b6a2 Adding modeling for OpenSSL random number generation. 2025-03-10 15:04:19 -04:00
REDMOND\brodes
73368ea59a Adding hashes to openssl library import 2025-03-10 13:27:39 -04:00
REDMOND\brodes
0672027822 Tracing new notion of known getters, which now includes direct getters for cipher and hash. Removed a redundant hash qll, and fixed misplacement of has type in model. 2025-03-10 11:46:26 -04:00
REDMOND\brodes
451808616e Getting rid of commented out code. 2025-03-10 11:35:16 -04:00
REDMOND\brodes
bd07b8a4c7 Making getter flow through 'copy' more general (copy can appear in any part of the call name now. 2025-03-10 11:34:26 -04:00
REDMOND\brodes
6a4659fc7e Updating known constants for OpenSSL to handle direct algorithm getters from older versions of openssl (e.g., EVP_md5()) 2025-03-10 11:33:46 -04:00
REDMOND\brodes
3316d6135d Ctx flow comments. 2025-03-10 11:32:14 -04:00
Mathias Vorreiter Pedersen
b06902a3b1 C++: Share more indirect operands and instructions. 2025-03-07 19:59:05 +00:00
REDMOND\brodes
bac0a635f9 Initial hash models for openssl. 2025-03-07 14:24:01 -05:00
REDMOND\brodes
32d29ffde3 Changed casing on TCipherType, Added some initial fixes for hash support, started developing openssl hashing modeling. 2025-03-07 10:02:36 -05:00
REDMOND\brodes
6083df2b7f Completed tying algorithm instances to consumers. Now the model should have known literals for cipher instances, and it traces those instances to consumers (inits) and those inits are traced to cipher operations. 2025-03-05 15:48:08 -05:00
REDMOND\brodes
de3ff45cba Misc updates for OpenSSL modeling to trace algorithm literals to known alg getters, and converting the literal to a TCipherType. 2025-03-05 15:17:52 -05:00
Mathias Vorreiter Pedersen
38bf9c6835 Merge pull request #18908 from aschackmull/cpp/branchlimit-adjustment-refactor 
C++: Change countNumberOfBranchesUsingParameter to match qldoc closer.
 2025-03-05 11:21:38 +00:00
REDMOND\brodes
cce5f24b38 Initial OpenSSL modeling work. 2025-03-04 15:52:57 -05:00
github-actions[bot]
58f355ae5a Post-release preparation for codeql-cli-2.20.6 2025-03-03 18:18:15 +00:00
github-actions[bot]
fa850cccb1 Release preparation for version 2.20.6 2025-03-03 17:13:19 +00:00
Geoffrey White
7f56c67544 Merge pull request #18837 from geoffw0/overflowbuffer 
C++: Improve and promote cpp/overflow-buffer
 2025-03-03 14:17:12 +00:00
Anders Schack-Mulligen
5d91f2e119 C++: Change countNumberOfBranchesUsingParameter to match qldoc closer. 2025-03-03 15:14:28 +01:00
Geoffrey White
7169c4be48 C++: Another attempt to make the fix more solid. I believe it can't produce negative numbers now. 2025-02-28 14:21:58 +00:00
Geoffrey White
998bec1efb C++: Fix the bug. 2025-02-27 21:24:07 +00:00
Geoffrey White
1354bebd7c C++: Fix an issue with padding. 2025-02-26 17:43:25 +00:00
Geoffrey White
a7ac6b137b C++: Second change note. 2025-02-25 17:02:23 +00:00
Geoffrey White
7d7498ee32 C++: Avoid problems when a variable has multiple types. 2025-02-25 16:55:13 +00:00
Geoffrey White
812315df27 C++: Use existing getSize / getRootType to find more generous bounds for arrays inside classes (though it sometimes fails, costing us TPs). 2025-02-25 16:29:49 +00:00
Jeroen Ketema
7eca4b4d82 C++: Fix join-order problem with isBefore 
Reported here: https://github.com/github/codeql/issues/17743

Without this change on the query provided by the user:
```
[2025-02-25 12:42:01] Evaluated non-recursive predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@c668c8tv in 23846ms (size: 20381473).
Evaluated relational algebra for predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@c668c8tv with tuple counts:
                 1   ~0%    {0} r1 = CONSTANT()[]
             27323   ~0%    {2}    | JOIN WITH `Location::Location.getEndLine/0#dispred#83af84ae#bf` CARTESIAN PRODUCT OUTPUT Rhs.0, Rhs.1
        6162566035   ~0%    {4}    | JOIN WITH `Location::Location.getStartLine/0#d54f9e6c` CARTESIAN PRODUCT OUTPUT Lhs.0, Lhs.1, Rhs.0, Rhs.1
                            {4}    | REWRITE WITH TEST InOut.1 < InOut.3
        3894825644   ~5%    {2}    | SCAN OUTPUT In.2, In.0
          73148692   ~0%    {3}    | JOIN WITH fun_decls_40#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Rhs.1
          73148692   ~0%    {4}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.0, Lhs.2
            864579   ~0%    {2}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1` ON FIRST 2 OUTPUT Lhs.2, Lhs.3
          13010742   ~1%    {2}    | JOIN WITH macroinvocations_20#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          20653781   ~0%    {3}    | JOIN WITH `Macro::MacroAccess.getOutermostMacroAccess/0#d58b05db_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, _, Lhs.1
          20653781   ~4%    {3}    | REWRITE WITH Out.1 := 1
          20381473   ~8%    {2}    | JOIN WITH macroinvocations_03#join_rhs ON FIRST 2 OUTPUT Lhs.0, Lhs.2
                            return r1
```

With this change:
```
[2025-02-25 12:43:10] Evaluated non-recursive predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@11bf8956 in 928ms (size: 20381473).
Evaluated relational algebra for predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@11bf8956 with tuple counts:
            6873   ~3%    {2} r1 = SCAN fun_decls OUTPUT In.4, In.0
            6857   ~0%    {3}    | JOIN WITH `Location::Location.getStartLine/0#d54f9e6c` ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Rhs.1
            6857   ~2%    {3}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2
         6193961   ~0%    {3}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2
        27389714   ~1%    {4}    | JOIN WITH macroinvocations_20#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Lhs.2, Rhs.1
        27389714   ~1%    {4}    | JOIN WITH locations_default ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Lhs.3, Rhs.4
                          {4}    | REWRITE WITH TEST InOut.3 < InOut.1
        13010742   ~1%    {2}    | SCAN OUTPUT In.2, In.0
        20653781   ~0%    {3}    | JOIN WITH `Macro::MacroAccess.getOutermostMacroAccess/0#d58b05db_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, _, Lhs.1
        20653781   ~4%    {3}    | REWRITE WITH Out.1 := 1
        20381473   ~8%    {2}    | JOIN WITH macroinvocations_03#join_rhs ON FIRST 2 OUTPUT Lhs.0, Lhs.2
                          return r1
```
 2025-02-25 12:39:11 +01:00
Geoffrey White
90758b37ef C++: Change notes. 2025-02-21 19:00:12 +00:00
Geoffrey White
ae25399a47 C++: Fix offsetof bug. 2025-02-21 18:58:56 +00:00
Alex Eyers-Taylor
57e985cc21 CPP: Simplify getClassAndNameImpl 2025-02-21 16:23:45 +00:00
Alex Eyers-Taylor
53c5b8ff9e CPP: Prevent forced bad join order. 2025-02-20 16:06:42 +00:00
github-actions[bot]
ad24f94a77 Post-release preparation for codeql-cli-2.20.5 2025-02-17 17:58:24 +00:00
github-actions[bot]
6f4562f3bd Release preparation for version 2.20.5 2025-02-17 16:55:54 +00:00
Nicolas Will
b777a22d35 Expand model and specialize newtype relations 2025-02-14 23:43:07 +01:00
Mathias Vorreiter Pedersen
9cfd3391d2 C++: Move 'getImpl' to a private non-member predicate. 2025-02-14 13:01:28 +00:00
Mathias Vorreiter Pedersen
be1af88d23 C++: Add more QLDoc. 2025-02-13 14:28:36 +00:00
Mathias Vorreiter Pedersen
aff03bd721 C++: Delete confusing class synonym. 2025-02-13 14:28:14 +00:00
Mathias Vorreiter Pedersen
f9732c746b C++: Patch up various places that depended on the old IPA type. 2025-02-13 14:28:12 +00:00
Mathias Vorreiter Pedersen
75b6855769 C++: Move useful predicates from the old IPA type for the 'DefinitionExt' type. 2025-02-13 14:28:10 +00:00
Mathias Vorreiter Pedersen
f597ea99e1 C++: Delete the unnecessary IPA type of definitions. 2025-02-13 14:01:32 +00:00
Nicolas Will
874e3b5e06 Modify model to use newtypes, expand modeling 2025-02-12 17:58:15 +01:00
Anders Schack-Mulligen
0b5270979d SSA: Remove the need for ExitBasicBlock in SSA. 2025-02-10 14:36:18 +01:00
Nicolas Will
3dc28c2d17 Move language-agnostic model to shared library 2025-02-06 21:54:18 +01:00
Nicolas Will
cd70acde66 Merge pull request #1 from nicolaswill/brodes/experiments 
Concepts for elliptic curves and misc. updates.
 2025-02-06 14:43:09 +01:00
github-actions[bot]
f1b05a79a4 Post-release preparation for codeql-cli-2.20.4 2025-02-04 09:25:09 +00:00