hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,688 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.0
Commit Graph

13261 Commits

Author SHA1 Message Date
Dave Bartolomeo
ce99f469a9 Update cpp/ql/src/Likely Bugs/Likely Typos/illDefinedForLoop.ql 2018-10-18 12:02:06 -07:00
Anders Schack-Mulligen
0b46ffa7d7 Java/CPP: Sync files. 2018-10-18 15:10:23 +02:00
Anders Schack-Mulligen
bf58b6c9ab Java: Remove self-ref tracking; improve AccessPath.toString on numbers. 2018-10-18 15:05:04 +02:00
Ian Lynagh
ef1552339e C++: Enhance MagicConstantsNumbers test 2018-10-18 12:36:42 +01:00
Ian Lynagh
894a37ccda C++: Accept test changes 2018-10-18 12:36:42 +01:00
Ian Lynagh
1b7961367a C++: Enhance a test 2018-10-18 12:36:42 +01:00
Raul Garcia
739804acb2 CPP : Ill-defined for-loop (C6293) 
Superset of C6293, it looks for a mismatch between the initialization statement && condition and the direction of the iteration expression in a for loop.
 2018-10-17 16:24:34 -07:00
Robert Marsh
b40219bb01 C++: add good example for DeadCodeGoto 2018-10-17 11:58:51 -07:00
Robert Marsh
17537bb88b C++: respond to doc comments 2018-10-17 11:57:54 -07:00
Geoffrey White
6e10f39612 Merge pull request #319 from raulgarciamsft/users/raulga/c6277 
C++ : NULL application name with an unquoted path in call to CreateProcess
 2018-10-17 17:36:59 +01:00
Geoffrey White
b8d7292b46 CPP: Speed up startsWithIfndef. 2018-10-17 15:26:05 +01:00
Geoffrey White
757107660f CPP: Give the query a precision. 2018-10-17 13:25:44 +01:00
Geoffrey White
48c56cf744 CPP: Remove PointsTo. 2018-10-17 13:25:43 +01:00
Geoffrey White
99374301b8 CPP: Use taint library. 2018-10-17 13:25:43 +01:00
Geoffrey White
e77f3eb5b8 CPP: Simplify slightly. 2018-10-17 13:25:43 +01:00
Geoffrey White
939a836393 CPP: Add some comments. 2018-10-17 13:25:43 +01:00
Geoffrey White
f85889d052 CPP: Fix the example code. 2018-10-17 13:25:43 +01:00
Tom Hvitved
58a0815033 Merge remote-tracking branch 'upstream/master' into mergeback-2018-10-17 2018-10-17 13:24:37 +02:00
Robert Marsh
61f338449c C++: Change note and precision for DeadCodeGoto.ql 2018-10-16 15:40:59 -07:00
Robert Marsh
73cae5390e C++: new query for dead code after goto or break 2018-10-16 15:37:06 -07:00
Raul Garcia
7ab723ae79 Fixing typos & incorporating feedback. 
(MSFT feedback) Adding a new tag in the header @msrc.severity important
 2018-10-16 10:00:51 -07:00
semmle-qlci
6172c95e60 Merge pull request #320 from geoffw0/deprecated 
Approved by yh-semmle
 2018-10-16 15:45:06 +01:00
Raul Garcia
22d54801e5 Removed one false-positive scenario (no space on lpCommandLine) 
Improved the query to avoid multiple calls to hasGlobalName
Fixed typos
Simplified the test case file
 2018-10-15 15:53:02 -07:00
Raul Garcia
cd5e788aa7 Update UnsafeCreateProcessCall.ql 2018-10-15 13:41:21 -07:00
Raul Garcia
1d853691eb Update UnsafeCreateProcessCall.qhelp 2018-10-15 13:40:40 -07:00
Raul Garcia
b8f8c99529 Update UnsafeCreateProcessCall.qhelp 2018-10-15 13:39:46 -07:00
Geoffrey White
ff34ae2a46 CPP: Add deprecated metadata. 2018-10-15 08:56:49 +01:00
Raul Garcia
242d40369b Merge branch 'master' into users/raulga/c6277 2018-10-12 15:59:54 -07:00
Raul Garcia
85283d63ce C++ : NULL application name with an unquoted path in call to CreateProcess 
Calling a function of the CreatePorcess* family of functions, which may result in a security vulnerability if the path contains spaces.
 2018-10-12 15:57:01 -07:00
semmle-qlci
a8be7f2434 Merge pull request #312 from aschackmull/java/autoformat-libs 
Approved by yh-semmle
 2018-10-12 20:02:52 +01:00
Geoffrey White
a9b55534b4 CPP: Speed up phi_node > frontier_phi_node > ssa_defn recursion. 2018-10-12 18:11:53 +01:00
Anders Schack-Mulligen
f341aa79a3 Java/C: Sync dataflow copies. 2018-10-12 13:40:32 +02:00
Geoffrey White
6fc5ff53d7 CPP: Speed up getBufferSize. 2018-10-12 12:34:22 +01:00
Geoffrey White
3b8c72bf1e Merge pull request #303 from jbj/UnsignedGEZero-templates 
C++: Suppress UnsignedGEZero.ql in template instantiations
 2018-10-12 09:43:48 +01:00
Geoffrey White
9d5e674fc5 CPP: Fix hasXMacro performance. 2018-10-11 16:42:36 +01:00
Tom Hvitved
b29b314f4e Merge remote-tracking branch 'upstream/master' into mergeback-2018-10-11 2018-10-11 14:36:44 +02:00
Felicity Chapman
e2629728ba Merge pull request #235 from jbj/hresult-boolean-qhelp 
C++: Finalise docs for cpp/hresult-boolean-conversion and cpp/unsafe-dacl-security-descriptor
 2018-10-11 11:02:17 +01:00
Jonas Jensen
a10c3bcffb C++: Suppress UnsignedGEZero in template inst. 
It still runs on uninstantiated templates because its underlying
libraries do. It's not clear whether that leads to other false
positives, but that's independent of the change I'm making here.
 2018-10-10 17:06:24 +02:00
Jonas Jensen
383dafac5c C++: Test for UnsignedGEZero with templates 2018-10-10 17:04:35 +02:00
Jonas Jensen
3e022ad36f Merge pull request #270 from geoffw0/negindex 
CPP: Improvements to Buffer.qll
 2018-10-10 14:59:41 +02:00
Jonas Jensen
4b59c0cb80 Merge branch 'master' into hresult-boolean-qhelp 2018-10-09 14:56:58 +02:00
Geoffrey White
8163def3ae CPP: Alter the dataflow case. 2018-10-08 15:45:17 +01:00
Geoffrey White
8ab830f21c CPP: Allow multiple dataflow sources. 2018-10-08 15:45:17 +01:00
Geoffrey White
fe6c9f9ea2 CPP: Stricter dataflow in getBufferSize. 2018-10-08 15:45:17 +01:00
Geoffrey White
beb21f92d3 CPP: Separate the dataflow case from dynamic allocation. 2018-10-08 15:45:17 +01:00
Geoffrey White
ef8ca5de58 CPP: Replace def-use with dataflow in getBufferSize. 2018-10-08 15:45:17 +01:00
Geoffrey White
c747f24b39 CPP: Fix the initialized array case in getBufferSize. 2018-10-08 15:45:17 +01:00
Tom Hvitved
ccebd5eb11 Merge remote-tracking branch 'upstream/master' into mergeback-2018-10-08 2018-10-08 16:23:29 +02:00
Pavel Avgustinov
2904ebb8a3 Merge pull request #291 from jbj/mergeback-20181008 
Mergeback rc/1.18 to master
 2018-10-08 13:56:50 +01:00
Jonas Jensen
4e25929f82 Merge pull request #288 from geoffw0/widechartype 
CPP: Address Widechartype / WChar_t
 2018-10-08 13:46:28 +02:00