hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,404 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.1
Commit Graph

1888 Commits

Author SHA1 Message Date
Jeroen Ketema
718663415b C++: Stop flow from going through another source 
Without this we get confusing results:
```
    char *userAndFile = argv[2];
    char *fileName = argv[1];
    fopen(fileName, "wb+"); // Both argv[1] and argv[2] marked as source without
                            // this change.
```

While here add some more test cases.
 2022-11-29 10:52:57 +01:00
Jeroen Ketema
63334764d7 C++: Rewrite cpp/path-injection to not use DefaultTaintTracking 2022-11-29 10:52:57 +01:00
Jeroen Ketema
2ef13d1df7 Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-29 10:43:01 +01:00
Jeroen Ketema
4607f5990e C++: Add more tests that exercise the default taint barrier implementation 2022-11-25 10:19:45 +01:00
Jeroen Ketema
223eeb6921 C++: Fix upper bound detection in default taint flow 2022-11-24 14:38:36 +01:00
Jeroen Ketema
6fa5fdfeb2 C++: Fix CWE-611 XXE query to work with use-use dataflow - take 2 
This commit ensures stack allocated parsers are also handled.
 2022-11-23 23:59:04 +01:00
Jeroen Ketema
30bdd25228 C++: Fix CWE-611 XXE query to work with use-use dataflow 2022-11-23 16:14:28 +01:00
Mathias Vorreiter Pedersen
349c5cd800 Merge pull request #11254 from MathiasVP/fix-ssa-flow 
C++: Fix spurious reference flow
 2022-11-23 09:52:28 +00:00
Jeroen Ketema
4731f9222c Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-22 10:53:24 +01:00
Mathias Vorreiter Pedersen
fc3d6a1847 Merge branch 'replace-ast-with-ir-use-usedataflow' into fix-ssa-flow 2022-11-21 20:57:24 +00:00
Mathias Vorreiter Pedersen
d1274e2769 C++: Accept more test changes. 2022-11-21 18:33:14 +00:00
Mathias Vorreiter Pedersen
ef6b85fa77 C++: Accept test changes. 2022-11-18 16:43:30 +00:00
Mathias Vorreiter Pedersen
aa385a293d C++: Accept test changes. 2022-11-16 23:00:00 +00:00
Mathias Vorreiter Pedersen
29f4b26280 Merge branch 'replace-ast-with-ir-use-usedataflow' into fix-ssa-flow 2022-11-16 16:09:35 +00:00
Mathias Vorreiter Pedersen
a9173727cf Merge branch 'replace-ast-with-ir-use-usedataflow' into fix-ssa-flow 2022-11-16 14:22:54 +00:00
Mathias Vorreiter Pedersen
4f2c2e6d5e C++: Accept test changes. 2022-11-16 14:05:54 +00:00
Mathias Vorreiter Pedersen
2cebd5c51d C++: Accept test changes. 2022-11-16 13:56:24 +00:00
Mathias Vorreiter Pedersen
1f43a1a924 Merge branch 'replace-ast-with-ir-use-usedataflow' into merge-some-indirect-and-instruction-nodes 2022-11-15 16:00:52 +00:00
Mathias Vorreiter Pedersen
16565401c7 C++: Reduce path duplication. 2022-11-14 15:29:57 +00:00
Mathias Vorreiter Pedersen
0c7f57e0c4 C++: Accept test changes. 2022-11-11 11:09:38 +00:00
Jeroen Ketema
0d27d63984 Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-09 14:28:47 +01:00
Geoffrey White
d72ea52f68 C++: More accurate test tags. 2022-11-07 16:32:46 +00:00
Geoffrey White
55a7adff20 C++: Make the message clearer. 2022-11-07 16:32:45 +00:00
Geoffrey White
b911556896 C++: Add a test showing the motivation. 2022-11-07 16:17:32 +00:00
Jeroen Ketema
5732c3bca0 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-07 15:03:26 +01:00
Tom Hvitved
a533c95640 C++: Update expected test output 2022-11-03 15:52:30 +01:00
Mathias Vorreiter Pedersen
1ca7c5b97d Merge pull request #11091 from JarLob/assign 
Fix AV Rule 76
 2022-11-03 13:06:10 +00:00
Mathias Vorreiter Pedersen
5d5c64a58b C++: Accept test change. 2022-11-03 10:27:07 +00:00
Mathias Vorreiter Pedersen
18802a2883 Merge pull request #11042 from MathiasVP/simplify-buffer.qll 
C++: Simplify `buffer.qll` repair
 2022-11-03 09:18:39 +00:00
JarLob
3317223e19 Fix AV Rule 76 2022-11-02 22:50:25 +01:00
Dave Bartolomeo
9d5e5e3ee7 ${workspace} all the things 2022-11-01 13:29:05 -04:00
Mathias Vorreiter Pedersen
30f15473db C++: Use 'max' instead of 'unique.' 2022-11-01 16:55:45 +00:00
Jeroen Ketema
80ef3b39ff Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-10-31 18:26:34 +01:00
Jeroen Ketema
b43cbf7f95 Update cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/test.cpp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-10-31 17:03:29 +01:00
Jeroen Ketema
abe9258943 C++: Add strcpy test for cpp/non-constant-format 2022-10-31 15:29:17 +01:00
Jeroen Ketema
83afc2a0ad C++: Add strcpy prototype to test 2022-10-31 15:25:35 +01:00
Mathias Vorreiter Pedersen
aa8214addf C++: Simplify 'Buffer.qll' by avoiding 'asIndirectExpr'. This removes the flow from 'x' to 'x++', which makes the whole library a lot simpler. 2022-10-30 12:58:53 +01:00
Mathias Vorreiter Pedersen
9888de8acb Merge branch 'replace-ast-with-ir-use-usedataflow' into rdmarsh2/repair-365-days-per-year 2022-10-28 13:48:12 +02:00
Mathias Vorreiter Pedersen
172261495f Merge branch 'replace-ast-with-ir-use-usedataflow' into fix-as-expr 2022-10-28 10:32:31 +02:00
Robert Marsh
a334dc9b2b C++: repair Adding365DaysPerYear.ql 2022-10-27 15:06:48 -04:00
Robert Marsh
b7e42e805b Merge pull request #10994 from rdmarsh2/rdmarsh2/return-cstr-repair 
C++: repair the ReturnCstr query
 2022-10-27 14:25:22 -04:00
Mathias Vorreiter Pedersen
2fc7e6159e C++: Accept test changes. 2022-10-27 12:12:34 +02:00
Mathias Vorreiter Pedersen
e43422a090 Merge pull request #10975 from rdmarsh2/rdmarsh2/inconsistent-loop-direction-repair 
C++: repair InconsistentLoopDirection
 2022-10-26 18:17:53 +02:00
Mathias Vorreiter Pedersen
562f052eb0 C++: Accept test changes. 2022-10-26 17:06:38 +02:00
Robert Marsh
de89b4c69f C++: repair the ReturnCstr query 2022-10-26 11:02:23 -04:00
Mathias Vorreiter Pedersen
4bcba16748 Merge pull request #10833 from MathiasVP/repair-badly-bounded-write-2 
C++: Prepare `Buffer.qll` for IR-based use-use dataflow
 2022-10-26 16:38:33 +02:00
Mathias Vorreiter Pedersen
2ba94f7c89 Merge pull request #10838 from MathiasVP/repair-cleartext-transmission-2 
C++: Prepare `cpp/cleartext-transmission` for IR-based use-use dataflow
 2022-10-26 13:43:56 +02:00
Robert Marsh
8a125d1ae5 C++: repair InconsistentLoopDirection 2022-10-25 13:34:08 -04:00
Mathias Vorreiter Pedersen
1bd48f8d02 Merge branch 'replace-ast-with-ir-use-usedataflow' into repair-cleartext-transmission-2 2022-10-25 14:27:33 +02:00
Mathias Vorreiter Pedersen
c8f81bc6b8 Merge branch 'replace-ast-with-ir-use-usedataflow' into repair-badly-bounded-write-2 2022-10-25 14:24:38 +02:00