hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,000 Commits 1,672 Branches 157 Tags
codeql-cli-2.21.3
Commit Graph

13116 Commits

Author SHA1 Message Date
Tom Hvitved
acc7d5298d Data flow: Sync files 2019-11-20 14:10:02 +01:00
Tom Hvitved
6c0dbcfca2 Java/C++: Add DataFlowErasedType aliases 2019-11-20 14:09:53 +01:00
Jonas Jensen
4dafa16572 C++: Fix FP on unevaluated code 
This fixes false positives on tenzir/vast.
 2019-11-20 10:42:36 +01:00
Geoffrey White
9cf819929d Merge pull request #2383 from jbj/field-isStatic 
C++: Don't check if a Field is static
 2019-11-20 09:05:03 +00:00
Robert Marsh
53709deb9d Merge pull request #2342 from jbj/overflow-doc-fixes 
C++: Signed Overflow Check qhelp improvements
 2019-11-19 15:37:52 -08:00
Jonas Jensen
a1af96e521 C++: Reproduce a reported FP 2019-11-19 16:17:49 +01:00
Jonas Jensen
c41114334f Merge remote-tracking branch 'upstream/master' into ir-dataflow-toString 
Solved conflicts in `*.expected` by re-running the tests.
 2019-11-19 14:27:27 +01:00
Jonas Jensen
fbf2ef8625 C++: Don't check if a Field is static 
A `Field` in the C++ QL libraries can't be static, but I'd for some
reason written two checks for `Field`s being static in the data-flow
library.
 2019-11-19 13:20:21 +01:00
Jonas Jensen
b43cbeb17f Merge pull request #2372 from geoffw0/qhelpms 
CPP: Improve TlsSettingsMisconfiguration qhelp
 2019-11-19 13:05:52 +01:00
Jonas Jensen
466f7fe6b2 C++: Use <ol> for recommendations 2019-11-19 12:57:02 +01:00
Jonas Jensen
4d97534308 C++: Deprecate LocalScopeVariableReachability 2019-11-19 11:43:41 +01:00
Jonas Jensen
1498499994 C++: Relax type in two tests 2019-11-19 11:31:34 +01:00
Jonas Jensen
f5b9837e19 C++: Use StackVariable in Nullness.qll 
This might cause fewer variables to be analysed because not every use of
`LocalScopeVariable` was constrained by the def-use library. Hopefully
this leads to an improved nullness analysis since it avoids treating
`static T *x = nullptr;` the same as `static T *x; x = nullptr;`.
 2019-11-19 11:31:34 +01:00
Jonas Jensen
140575ee71 C++: Use StackVariable where SSA/def-use are used 
These changes should not affect semantics since these uses of
`LocalScopeVariable` were already constrained to stack variables by
their use of SSA or def-use.
 2019-11-19 11:31:34 +01:00
Jonas Jensen
6f9ec0409e C++: Use StackVariable in code that uses RangeSSA 2019-11-19 11:31:33 +01:00
Jonas Jensen
29f66ff095 C++: Use StackVariable, remove not v.isStatic() 
In these files it was possible to remove calls to `isStatic` by
switching from `LocalScopeVariable` to `StackVariable`. This changes
semantics, hopefully for the better, to treat `thread_local` locals the
same as `static` locals.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
e57f98ca64 C++: Use StackVariable in def-use libraries 
Most of the implementation was already in terms of
`SemanticStackVariable`, so not much should have changed.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
95a333d28c C++: Use StackVariable in SSA libraries 
This means we'll no longer get SSA definitions for thread-local
local-scope variables.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
c1ed908834 C++: Use StackVariableReachability 
This library is a drop-in replacement for
`LocalScopeVariableReachability`, so no changes are expected.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
01ca63ae92 C++: Bring back StackVariableReachability.qll 
This is now a copy of `LocalScopeVariableReachability.qll`, just with
`s/LocalScopeVariable/StackVariable/g`. It can be used as a drop-in
replacement since the `LocalScopeVariableReachability.qll` library
implementation was already restricted to `SemanticStackVariable`.
 2019-11-19 11:30:59 +01:00
Jonas Jensen
8110039e0a C++: Bring back the StackVariable QL class 
The new `StackVariable` class actually denotes what its name suggests.
 2019-11-19 11:23:34 +01:00
Robert Marsh
ae47eab727 C++: autoformat 2019-11-18 15:36:08 -08:00
Calum Grant
b9d1c38753 Merge pull request #2371 from max-schaefer/rc/1.23 
Merge rc/1.23 into master
 2019-11-18 14:15:31 +00:00
Nick Rolfe
9828315b6e Merge pull request #2033 from ian-semmle/edg 
C++: Changes following EDG upgrade
 2019-11-18 12:46:11 +00:00
Geoffrey White
ff15c01ab9 CPP: Comma. 2019-11-18 11:51:54 +00:00
Geoffrey White
9a53706e87 CPP: Reword TlsSettingsMisconfiguration.qhelp. 2019-11-18 11:49:28 +00:00
Geoffrey White
2789c2dbac CPP: Fix typos. 2019-11-18 11:48:13 +00:00
Jonas Jensen
74ca0e428d Merge pull request #2334 from rdmarsh2/rdmarsh/cpp/reword-pointeroverflow-qhelp 
C++: simplify PointerOverflow.qhelp
 2019-11-18 08:37:19 +01:00
Robert Marsh
180a3c9f26 C++: accept test changes 2019-11-15 11:01:18 -08:00
Robert Marsh
85314c42a9 Update cpp/ql/src/Likely Bugs/Memory Management/PointerOverflow.qhelp 
Co-Authored-By: Jonas Jensen <jbj@github.com>
 2019-11-15 10:38:58 -08:00
yh-semmle
de65f023d6 Merge pull request #2167 from aschackmull/java/dataflow-out-of-arg-refactor 
Java/C++/C#: Refactor dataflow to simplify return flow.
 2019-11-15 11:10:06 -05:00
Ian Lynagh
4442fd8407 C++: Accept changes to syntax-zoo tests 2019-11-15 14:42:36 +00:00
Ian Lynagh
2cf714a923 C++: Follow changes in lambda locations 2019-11-15 14:42:36 +00:00
Ian Lynagh
8e00516ecf C++: Accept changes in ir test 2019-11-15 14:42:36 +00:00
Jonas Jensen
7d7d166113 C++: Remove whitespace at end of line 2019-11-15 11:21:08 +01:00
Jonas Jensen
6bdfebea96 C++: Rename i to n1 in all examples 
I see no reason why the Recommendation and Example sections should use
different variable names for the same thing.
 2019-11-15 11:20:00 +01:00
Jonas Jensen
9b89602a86 C++: Make var name in qhelp match source snippet 2019-11-15 11:16:34 +01:00
Jonas Jensen
7485cc76b2 C++: Edit Recommendation section 
1. The two last examples were misleading at best. The first of those two
   recommended casting to non-negative `int`s to `unsigned int` and then
   checking if their addition would overflow, but overflow was
   impossible because their sum (on 32-bit two's complement) could be at
   most 2^32 - 2. The second example could lead to the wrong condition
   (unsigned overflow) being checked if taken literally. Instead of
   keeping that example, I reworeded the first paragraph of the
   Recommendation section.
2. The assumptions about `delta` being positive was relaxed to
   non-negative.
3. There was no need to assume that an unsigned short was non-negative.
4. Some of the suggestions were missing `i >`.
 2019-11-15 11:05:00 +01:00
Jonas Jensen
73d9cc2e7b Merge pull request #2309 from geoffw0/cpp418 
CPP: QLDoc enhancements
 2019-11-15 08:46:08 +01:00
Robert Marsh
562f62879f C++: rename variables in PointerOverflow examples 2019-11-14 15:21:26 -08:00
Robert Marsh
c6d848caf9 C++: simplify PointerOverflow.qhelp 2019-11-14 15:11:39 -08:00
Dave Bartolomeo
81262d5948 Merge pull request #2328 from geoffw0/routinetest 
CPP: Add a quick test of RoutineType.
 2019-11-14 15:49:13 -07:00
Robert Marsh
facbd32062 Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-11-14 11:09:13 -08:00
Robert Marsh
2fb1d4d1b1 C++: fix IR return block successors 2019-11-14 10:29:48 -08:00
Geoffrey White
7408726f41 Merge pull request #2312 from jbj/pointer-wraparound-query 
C++: New query: Pointer overflow check
 2019-11-14 16:13:04 +00:00
Geoffrey White
f2b7af7437 CPP: Add example code for RoutineType. 2019-11-14 15:25:00 +00:00
Geoffrey White
dc34fa366c CPP: Add a test of RoutineType. 2019-11-14 15:13:52 +00:00
Nick Rolfe
f5513342d6 C++: add missing backtick in qldoc comment 2019-11-14 13:20:41 +00:00
Geoffrey White
beb3602253 Update cpp/ql/src/semmle/code/cpp/exprs/BuiltInOperations.qll 
Co-Authored-By: Jonas Jensen <jbj@github.com>
 2019-11-14 12:49:02 +00:00
Geoffrey White
6724632413 Update cpp/ql/src/semmle/code/cpp/exprs/BuiltInOperations.qll 
Co-Authored-By: Jonas Jensen <jbj@github.com>
 2019-11-14 12:48:50 +00:00