5635 Commits

Author	SHA1	Message	Date
ihsinme	a2836dc72a	Update test.cpp	2022-12-18 00:38:32 +03:00
ihsinme	945cdef18d	Update DivideByZeroUsingReturnValue.expected	2022-12-18 00:35:28 +03:00
Robert Marsh	df7a4ac093	Merge pull request #11722 from MathiasVP/make-buffer.qll-unique-again ... C++: Use `unique` in `getBufferSize`	2022-12-16 15:00:18 -05:00
Mathias Vorreiter Pedersen	c09ed10d33	Merge pull request #11727 from MathiasVP/fix-crement-and-assign-op-dataflow-mappings ... C++: Fix `DataFlow <-> Expr` mappings for `CrementOperation` and `AssignOperation`	2022-12-16 17:05:13 +00:00
Mathias Vorreiter Pedersen	33649ed7d3	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-16 17:02:06 +00:00
Mathias Vorreiter Pedersen	a7aa1a7d8b	C++: Accept more test changes	2022-12-16 16:04:35 +00:00
Jeroen Ketema	32800bca96	Merge pull request #11680 from jketema/predefined-typedef-for-float ... C++: Update tests after frontend changes	2022-12-16 15:21:58 +01:00
Mathias Vorreiter Pedersen	45f69be94c	C++: Accept test changes	2022-12-16 14:14:58 +00:00
Mathias Vorreiter Pedersen	2de2887ebb	C++: Accept test changes	2022-12-16 13:27:08 +00:00
Mathias Vorreiter Pedersen	81de93da2d	C++: Accept test changes	2022-12-16 12:58:53 +00:00
Mathias Vorreiter Pedersen	a36afc6bff	C++: Accept more test changes.	2022-12-15 13:29:05 +00:00
Mathias Vorreiter Pedersen	cb47bdd9fd	C++: Accept test changes.	2022-12-15 11:55:25 +00:00
Jeroen Ketema	4fb43d56b3	C++: Exclude deallocation functions as scanf result accesses	2022-12-15 09:39:16 +01:00
Jeroen Ketema	31b4dda7bd	Merge pull request #11687 from jketema/tainted-path-use-use ... C++: Make `cpp/path-injection` work with use-use dataflow	2022-12-14 18:06:05 +01:00
Mathias Vorreiter Pedersen	22b04af0fa	Merge pull request #11658 from MathiasVP/uncertain-writes ... C++: Flow through uncertain writes	2022-12-14 15:26:28 +00:00
Jeroen Ketema	bb256514c0	Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-14 15:52:20 +01:00
Erik Krogh Kristensen	7615668f92	Merge pull request #11662 from erik-krogh/c-useInstanceOf ... Swift/C++: Use instanceof in more places	2022-12-14 14:30:21 +01:00
Jeroen Ketema	4075f693bd	C++: Make cpp/path-injection work with use-use dataflow	2022-12-14 13:38:55 +01:00
Jeroen Ketema	19fb73ce24	C++: Update tests after frontend changes	2022-12-13 19:52:59 +01:00
Jeroen Ketema	3be0b3e6c7	C++: Recognize indirect argv accesses as flow sources for use-use dataflow ... This fixes the test regression on `cpp/command-line-injection`.	2022-12-13 16:18:17 +01:00
Tom Hvitved	cfcb3a60ba	C++: Update expected test output	2022-12-13 09:53:01 +01:00
Jeroen Ketema	18dea55071	C++: Fix cpp/alloca-in-loop regressions with use-use dataflow	2022-12-12 19:15:50 +01:00
erik-krogh	698e05f85a	Swift/C++: Use instanceof in more places	2022-12-12 16:58:13 +01:00
Mathias Vorreiter Pedersen	a161dddbbf	C++: Accept test changes. These happen because these remote flow sources specify that the remote source is both 'isReturnValue' and 'isReturnValueDeref'.	2022-12-12 13:39:09 +00:00
Mathias Vorreiter Pedersen	8722fb2cf5	C++: Accept test changes.	2022-12-12 10:54:40 +00:00
Mathias Vorreiter Pedersen	2999243e34	C++: Add failing IR dataflow testcase.	2022-12-12 10:42:59 +00:00
Jeroen Ketema	b2091e8632	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-12 11:40:36 +01:00
Jeroen Ketema	beb66d027e	C++: Use FlowSource in cpp/path-injection	2022-12-10 20:27:56 +01:00
Jeroen Ketema	ce92ba640a	C++: Accept test changes	2022-12-09 23:38:03 +01:00
Mathias Vorreiter Pedersen	1169c1b898	C++: Accept test changes caused by the new consitency check.	2022-12-09 09:20:29 +00:00
Jeroen Ketema	ec0ce56269	C++: Model getaddrinfo as flow source	2022-12-08 19:20:11 +01:00
Robert Marsh	f235b991db	Merge pull request #11374 from MathiasVP/indirect-outnodes-are-post-update-nodes ... C++: Field flow through reference-returning functions	2022-12-08 10:46:19 -05:00
Jeroen Ketema	b216c79992	C++: Accept test changes	2022-12-08 15:22:41 +01:00
Jeroen Ketema	f35b7f8fe8	C++: Model scanf and fscanf as flow sources	2022-12-08 15:22:41 +01:00
Mathias Vorreiter Pedersen	0a1097d735	C++: Accept test changes to 'sources-and-sinks.cpp'.	2022-12-08 13:17:35 +00:00
Mathias Vorreiter Pedersen	4fd6ac5657	Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-12-08 13:10:18 +00:00
Jeroen Ketema	a6bc9fd10f	Merge pull request #11591 from jketema/getenv ... C++: Model `secure_getenv` and `_wgetenv` as local flow sources	2022-12-08 10:44:28 +01:00
Jeroen Ketema	a2dac3a41e	C++: Move remote flow sink test and also handle local and remote sinks	2022-12-08 09:36:19 +01:00
Jeroen Ketema	b5147bbfb0	C++: Deprecate DefaultTaintTracking and TaintTrackingImpl	2022-12-06 17:45:16 +01:00
Mathias Vorreiter Pedersen	2c500142c7	Merge pull request #11435 from jketema/rewrite-tainted-path ... C++: Rewrite `cpp/path-injection` to not use `DefaultTaintTracking`	2022-12-06 14:54:57 +00:00
Jeroen Ketema	5637d573c1	C++: Add test case that is no longer detected after latest changes	2022-12-06 08:31:22 +01:00
Jeroen Ketema	6dbc59d5b5	C++: Simplify isSink based on reviewer comments	2022-12-05 23:23:08 +01:00
Tom Hvitved	7972db68bc	C++: Update expected test output	2022-12-05 17:07:32 +01:00
Jeroen Ketema	d3cccca7f1	C++: Filter duplicate (source, sink)-pairs	2022-11-29 11:17:39 +01:00
Jeroen Ketema	378206ae7d	C++: Stop taint from flowing to arithmetic types ... These are not likely to give the user much control over what can be accessed.	2022-11-29 11:15:28 +01:00
Jeroen Ketema	718663415b	C++: Stop flow from going through another source ... Without this we get confusing results: ``` char *userAndFile = argv[2]; char *fileName = argv[1]; fopen(fileName, "wb+"); // Both argv[1] and argv[2] marked as source without // this change. ``` While here add some more test cases.	2022-11-29 10:52:57 +01:00
Jeroen Ketema	63334764d7	C++: Rewrite cpp/path-injection to not use DefaultTaintTracking	2022-11-29 10:52:57 +01:00
Jeroen Ketema	2ef13d1df7	Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow	2022-11-29 10:43:01 +01:00
Jeroen Ketema	4607f5990e	C++: Add more tests that exercise the default taint barrier implementation	2022-11-25 10:19:45 +01:00
Jeroen Ketema	223eeb6921	C++: Fix upper bound detection in default taint flow	2022-11-24 14:38:36 +01:00