hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,307 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.2
Commit Graph

5635 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
b85d3bc829 Merge branch 'main' into replace-ast-with-ir-use-usedataflow 2022-10-25 12:51:30 +02:00
Mathias Vorreiter Pedersen
a7d6f4ff19 C++: Fix pointer/pointee conflation and handle flow through '++' when tracking indirect flow. 2022-10-24 14:23:43 +02:00
Geoffrey White
dfe336cd33 C++: Autoformat tests. 2022-10-21 18:36:12 +01:00
Geoffrey White
0d030d2b13 C++: Fix FormatLiteral.getMaxConvertedLength bug. 2022-10-21 17:29:55 +01:00
Geoffrey White
06e86accac C++: Add a few cases to the formatLiteral test. 2022-10-21 17:29:28 +01:00
Geoffrey White
c8bf0d03a5 C++: Add formatAttribute test. 2022-10-21 17:29:27 +01:00
Geoffrey White
1376385abb C++: Add formatLiteral test. 2022-10-21 17:29:26 +01:00
Jeroen Ketema
4b5674af32 C++: Update test result after extractor changes 2022-10-20 22:18:32 +02:00
Geoffrey White
73f977c98c Merge pull request #10510 from geoffw0/staticfn 
C++: Fix FPs for cpp/unused-static-function in files that were not extracted completely
 2022-10-18 14:53:49 +01:00
Robert Marsh
500004dbe0 Merge pull request #10841 from MathiasVP/repair-command-line-injection-2 
C++: Prepare `cpp/command-line-injection` for IR-based use-use dataflow
 2022-10-17 13:42:32 -04:00
Robert Marsh
ccea372fd0 Merge pull request #10842 from MathiasVP/repair-non-constant-format-2 
C++: Prepare `cpp/non-constant-format` for IR-based use-use dataflow
 2022-10-17 13:39:56 -04:00
Geoffrey White
2b3ab180fa Merge pull request #10077 from intrigus-lgtm/cpp/wexpand-commmand-injection 
Add query for tainted `wordexp` calls.
 2022-10-17 11:18:38 +01:00
Jeroen Ketema
45a0b66f73 C++: Fix test after spelling fixes 2022-10-15 14:23:08 +02:00
Mathias Vorreiter Pedersen
e7b0536896 C++: Repair 'cpp/non-constant-format' in preparation for IR-based use-use dataflow. 2022-10-14 15:26:25 +02:00
Mathias Vorreiter Pedersen
b1f93b07c9 C++: Repair the 'cpp/command-line-injection' query in preparation for IR-based use-use dataflow. 2022-10-14 15:11:41 +02:00
Mathias Vorreiter Pedersen
00a25dbe45 C++: Accept test changes. 2022-10-14 15:01:31 +02:00
Mathias Vorreiter Pedersen
7ad781e91c C++: Repair the 'cpp/cleartext-transmission' query in preparation for IR-based use-use dataflow. 2022-10-14 14:37:59 +02:00
Mathias Vorreiter Pedersen
49f39d7602 C++: Accept test changes. 2022-10-14 12:35:46 +02:00
Mathias Vorreiter Pedersen
4c5953fce0 C++: Accept query-test changes. 2022-10-14 10:14:52 +02:00
Mathias Vorreiter Pedersen
373c849b18 C++: Accept library-test changes 2022-10-14 10:14:52 +02:00
Mathias Vorreiter Pedersen
41cbef81ec C++: Replace AST dataflow with IR dataflow. 2022-10-14 10:14:52 +02:00
Nora Dimitrijević
949d3e13fe Merge branch 'main' into cpp/comma-before-misleading-indentation 2022-10-12 13:25:22 +02:00
Nora Dimitrijević
93c01371c3 C++: no parens in select message 
Debatable; see comment thread in PR.
 2022-10-12 13:01:37 +02:00
Geoffrey White
fd571538fb Merge pull request #10706 from geoffw0/vaheuristic 
C++: Tune cpp/unterminated-variadic-call
 2022-10-10 13:39:40 +01:00
erik-krogh
66c9705502 fix some more style-guide violations in the alert-messages 2022-10-07 11:19:46 +02:00
Mathias Vorreiter Pedersen
a856bc8678 Merge pull request #10562 from rdmarsh2/rdmarsh2/cpp/field-off-by-one 
C++: prototype for off-by-one in array-typed field
 2022-10-06 11:04:12 +01:00
Geoffrey White
3f78a244b9 C++: Make the tests use more repetitions. 2022-10-06 09:14:24 +01:00
Geoffrey White
9a365d83cf C++: Tighten up the heuristic in cpp/unterminated-variadic-call. 2022-10-06 09:14:16 +01:00
Nora Dimitrijević
ec2549a38b Merge branch 'main' into cpp/comma-before-misleading-indentation 2022-10-05 12:02:12 +02:00
Robert Marsh
98f4caf76f Merge pull request #10645 from MathiasVP/add-more-range-analysis-tests 
C++: Port SimpleRangeAnalysis tests to the new range-analysis
 2022-10-03 14:34:56 -04:00
Mathias Vorreiter Pedersen
cd65e73ade C++: Fix database inconsistency issue from ODR violation. 2022-09-30 17:04:23 +01:00
Robert Marsh
8ac8101a75 C++: convert to path-problem 2022-09-30 11:35:02 -04:00
Robert Marsh
423e0bf99a C++: respond to style comments on PR 2022-09-30 11:27:14 -04:00
Mathias Vorreiter Pedersen
56b5010f6b C++: Convert the SimpleRangeAnalysis test to an InlineExpectationsTest. 2022-09-30 14:23:18 +01:00
Mathias Vorreiter Pedersen
d14b2c2880 C++: Put quotes around expectation comments with spaces. 2022-09-30 14:23:18 +01:00
Mathias Vorreiter Pedersen
c4c7c95db2 C++: Add SimpleRangeAnalysis test file to the new range-analysis library test directory. 2022-09-30 14:23:14 +01:00
Nora Dimitrijević
28606c561d C++: Simplify normalizeExpr 
This has a comparable but different set of FPs as the previous version.
But arguably it's an improvement.
 2022-09-30 14:35:54 +02:00
Nora Dimitrijević
c37c6a004e Merge branch 'main' into cpp/comma-before-misleading-indentation 2022-09-30 00:28:33 +02:00
Nora Dimitrijević
6eac4f52d9 C++: Accept Test Output 
Some tricky FPs are preserved in there.
 2022-09-30 00:13:23 +02:00
Robert Marsh
f17b563692 C++: handle interprocedural flows 
This currently copy-pastes some predicates from InvalidPointerDeref.ql.
Those should be moved to a library file in a followup
 2022-09-29 16:09:48 -04:00
Robert Marsh
99d7512881 C++: tests for constant-size off-by-one query 2022-09-29 13:33:13 -04:00
Nora Dimitrijević
891bc342be C++: Fix another implicit/explicit this FP 2022-09-29 18:42:23 +02:00
Nora Dimitrijević
28bd591107 C++: Fix explicit this-> FP. 2022-09-29 17:04:11 +02:00
Nora Dimitrijević
29d7c0e21b C++: Exclude commas in if-conditions. 2022-09-29 16:29:57 +02:00
Nora Dimitrijević
64903336f7 C++: Exclude all parenthesized CommaExprs. 2022-09-29 15:49:29 +02:00
Mathias Vorreiter Pedersen
4e3b445515 C++: Accept test changes. 2022-09-29 13:35:23 +01:00
Mathias Vorreiter Pedersen
6537c817ef C++: Add more CWE-199 tests that allocates memory based on the result of a SubExpr. 2022-09-29 13:31:34 +01:00
Nora Dimitrijević
909b36a078 C++: Fix implicit-this FP, uncovered non-funptr FP 2022-09-29 13:14:36 +02:00
Nora Dimitrijević
19a9c5d7d3 C++: Identified another real-life FP 2022-09-28 21:19:45 +02:00
Nora Dimitrijević
96c73bcb19 C++: Fix FP: bad Location for FieldAccess exprs 2022-09-28 20:37:22 +02:00