hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,514 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.3
Commit Graph

3715 Commits

Author SHA1 Message Date
REDMOND\brodes
b56472436e Crypto: Alterations to OpenSSL cipher algorithms to use new fixed keysize predicate. 2025-05-20 10:36:56 -04:00
Ben Rodes
55119cf770 Merge branch 'main' into openssl_elliptic_curve_algorithm_instances_and_consumers 2025-05-19 15:50:00 -04:00
REDMOND\brodes
4309499c36 Switching to private imports. 2025-05-19 15:44:15 -04:00
REDMOND\brodes
03a6e134ba Crypto: Removed dead comment. 2025-05-19 13:51:42 -04:00
REDMOND\brodes
e5641eff23 Crypto: Typo fix 2025-05-19 13:50:41 -04:00
REDMOND\brodes
3e54e4d6b6 Crypto: Fixing typo. 2025-05-19 13:49:29 -04:00
REDMOND\brodes
d05d38f00c Crypto: Removing unused class field. 2025-05-19 13:48:15 -04:00
REDMOND\brodes
bbbdf89e46 Crypto: OpenSSL ellipitic curve algorithm instances and consumers. 2025-05-19 13:10:11 -04:00
REDMOND\brodes
309ad461a5 Quantum/Crypto: Adding Random.qll for OpenSSL into the general imports for the OpenSSL.qll model. 2025-05-19 10:56:17 -04:00
REDMOND\brodes
74271e4a17 Quantum/Crypto: To avoid ambiguity, altered OpenSSL EVP_Update_Call and EVP_Final_Call used for ciphers to explicitly say "Cipher", e.g., EVP_Cipher_Update_Call. This is also consistent with the new analogous digest operations. 2025-05-19 10:44:39 -04:00
REDMOND\brodes
97124745ad Quantum/Crypto:Adding interemediate hashing to the openssl (e.g., modeling final and update digest separately). 2025-05-19 10:43:32 -04:00
Jeroen Ketema
dfbe08d14c Merge pull request #19518 from jketema/depr 
C++/Swift: delete outdated deprecations
 2025-05-19 14:39:13 +02:00
Mathias Vorreiter Pedersen
adb74105fd Merge pull request #19511 from MathiasVP/as-expr-array-aggregate-literal 
C++: Make `node.asExpr() instanceof ArrayAggregateLiteral` satisfiable
 2025-05-19 12:47:28 +01:00
Napalys Klicius
673655e093 added change notes 2025-05-19 13:29:40 +02:00
Napalys Klicius
703aec1990 cpp: removed now unused predicate commandLineArg 2025-05-19 13:27:26 +02:00
Napalys Klicius
c74321a2ee all: used Erik's script to delete outdated deprecations 2025-05-19 13:26:08 +02:00
Jeroen Ketema
93517020ae Merge pull request #19515 from jketema/depr-rewrite 
C++: Do not use deprecated `hasLocationInfo` in `FlowTestCommon`
 2025-05-19 12:43:50 +02:00
Jeroen Ketema
757a4877e0 C++: Do not use deprecated hasLocationInfo in FlowTestCommon 2025-05-19 11:10:29 +02:00
Mathew Payne
9d2b46e3cd Merge branch 'main' into cpp-wmain 2025-05-19 08:52:56 +01:00
Mathias Vorreiter Pedersen
0eb55779fb C++: Add change note. 2025-05-16 20:30:21 +01:00
Mathias Vorreiter Pedersen
8e005a65bf C++: Fix missing 'asExpr' for array aggregate literals. 2025-05-16 20:12:58 +01:00
Mathew Payne
bbce0d0c65 Update cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-05-16 18:55:00 +01:00
GeekMasher
94fe9b692f feat(cpp): Add change notes 2025-05-16 18:35:50 +01:00
Mathias Vorreiter Pedersen
d7e07b0b2d Merge pull request #19492 from MathiasVP/add-cpp-models 
C++: Add summary models for `openssl` and `sqlite`
 2025-05-16 18:33:56 +01:00
Mathew Payne
c79a724f5d feat(cpp): Update FlowSources to add wmain 2025-05-16 18:21:44 +01:00
REDMOND\brodes
34f5e4e0c8 Adding cipher update modeling (model flow through update to final) 2025-05-16 11:23:19 -04:00
Mathias Vorreiter Pedersen
1d31a38362 C++: Regenerate the models for OpenSSL and sqlite after excluding tests in model-generation (sqlite is unaffected). 2025-05-16 13:53:16 +01:00
Mathias Vorreiter Pedersen
03d6633d41 Merge pull request #19501 from MathiasVP/as-expr-class-aggregate-literal 
C++: Make `node.asExpr() instanceof ClassAggregateLiteral` satisfiable
 2025-05-16 13:49:03 +01:00
Mathias Vorreiter Pedersen
560ffc0e9b C++: Regenerate the models for OpenSSL and sqlite after model-generation changes. 2025-05-16 13:33:59 +01:00
Mathias Vorreiter Pedersen
de31595cd2 C++: Add generated sqlite models. 2025-05-16 13:32:01 +01:00
Mathias Vorreiter Pedersen
0290b4369c C++: Add generated OpenSSL models. 2025-05-16 13:31:59 +01:00
Mathias Vorreiter Pedersen
e11ab0f125 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ExprNodes.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-05-16 12:06:25 +01:00
Mathias Vorreiter Pedersen
d31ddad832 C++: Small refactoring. 2025-05-15 18:04:57 +01:00
Mathias Vorreiter Pedersen
f731d0e630 C++: Add change note. 2025-05-15 17:39:51 +01:00
Mathias Vorreiter Pedersen
783560cff6 C++: Add a subclass of PostUpdateNodes and ensure that 'node.asExpr() instanceof ClassAggregateLiteral' holds for this new node subclass. 2025-05-15 17:23:32 +01:00
Mathias Vorreiter Pedersen
69a1a87aa4 C++: Update semantics of picking the static call target in dataflow. 2025-05-15 15:25:29 +01:00
Jeroen Ketema
401281331f C++: Fix IR edge case where there are no function calls taking an argument 2025-05-14 13:44:29 +02:00
github-actions[bot]
5f9dd75d7d Post-release preparation for codeql-cli-2.21.3 2025-05-13 21:49:43 +00:00
github-actions[bot]
2de4a01c86 Release preparation for version 2.21.3 2025-05-13 21:14:27 +00:00
Mathias Vorreiter Pedersen
fa7942393d Merge pull request #19477 from MathiasVP/fix-infinite-range-analysis-on-incomplete-ssa 
C++: Fix infinite range analysis loop on invalid SSA
 2025-05-13 16:59:11 +01:00
Mathias Vorreiter Pedersen
f255fc2fd5 C++: Drive-by join order fix. Before: 
```
Evaluated relational algebra for predicate SsaInternals::getDefImpl/1#1ed4f567@65628fbv with tuple counts:
          4935102  ~5%    {4} r1 = SCAN `SsaInternals::SsaImpl::Definition.definesAt/3#dispred#7eea4c8f` OUTPUT In.2, In.3, In.0, In.1
        104274503  ~1%    {3}    | JOIN WITH `SsaInternals::DefImpl.hasIndexInBlock/2#dispred#30a6c29f_120#join_rhs` ON FIRST 2 OUTPUT Rhs.2, Lhs.3, Lhs.2
          4921319  ~2%    {2}    | JOIN WITH `SsaInternals::DefImpl.getSourceVariable/0#dispred#72437659` ON FIRST 2 OUTPUT Lhs.2, Lhs.0
                          return r1
```
After:
```
Evaluated relational algebra for predicate SsaInternals::SsaImpl::Definition.definesAt/3#dispred#7eea4c8f_1230#join_rhs@b280fb5h with tuple counts:
        4935102  ~3%    {4} r1 = SCAN `SsaInternals::SsaImpl::Definition.definesAt/3#dispred#7eea4c8f` OUTPUT In.1, In.2, In.3, In.0
                        return r1

Evaluated relational algebra for predicate SsaInternals::DefImpl.hasIndexInBlock/3#dispred#31d295aa_1230#join_rhs@2be655s4 with tuple counts:
        5634706  ~1%    {4} r1 = SCAN `SsaInternals::DefImpl.hasIndexInBlock/3#dispred#31d295aa` OUTPUT In.1, In.2, In.3, In.0
                        return r1

Evaluated relational algebra for predicate SsaInternals::getDefImpl/1#1ed4f567@8afa36uu with tuple counts:
        4921319  ~2%    {2} r1 = JOIN `SsaInternals::SsaImpl::Definition.definesAt/3#dispred#7eea4c8f_1230#join_rhs` WITH `SsaInternals::DefImpl.hasIndexInBlock/3#dispred#31d295aa_1230#join_rhs` ON FIRST 3 OUTPUT Lhs.3, Rhs.3
                        return r1
```
 2025-05-13 14:21:28 +01:00
Mathias Vorreiter Pedersen
0836f0b413 C++: Cache and fix join order in 'hasIncompleteSsa'. 2025-05-13 13:41:15 +01:00
Mathias Vorreiter Pedersen
c3c18bdbd2 C++: Add change note. 2025-05-13 11:28:25 +01:00
Mathias Vorreiter Pedersen
9d2eb3d9b8 C++: Filter out instructions with incomplete SSA in range analysis. 2025-05-13 10:54:22 +01:00
Mathias Vorreiter Pedersen
510df38da2 C++: Add an 'hasIncompleteSsa' predicate to check whether a function has correctly modelled SSA information. 2025-05-13 10:54:20 +01:00
Mathias Vorreiter Pedersen
f1b4e05579 C++: Expose 'isBusyDef'. 2025-05-12 19:45:19 +01:00
Mathias Vorreiter Pedersen
e51cb478af C++: Expose 'MemoryLocation0'. 2025-05-12 19:43:19 +01:00
Nicolas Will
cd59ce5b04 Rename shared pack to quantum from experimental 2025-05-09 14:36:12 +02:00
Nicolas Will
1135fbe950 Fix EVP_Hash_Initializer typo 2025-05-08 02:58:43 +02:00
Nicolas Will
1d8a57e7da Fix EVP Cipher class, predicate, and comment typos 2025-05-08 02:56:52 +02:00