hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,514 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.3
Commit Graph

3715 Commits

Author SHA1 Message Date
REDMOND\brodes
6a4659fc7e Updating known constants for OpenSSL to handle direct algorithm getters from older versions of openssl (e.g., EVP_md5()) 2025-03-10 11:33:46 -04:00
REDMOND\brodes
3316d6135d Ctx flow comments. 2025-03-10 11:32:14 -04:00
Mathias Vorreiter Pedersen
b06902a3b1 C++: Share more indirect operands and instructions. 2025-03-07 19:59:05 +00:00
REDMOND\brodes
bac0a635f9 Initial hash models for openssl. 2025-03-07 14:24:01 -05:00
REDMOND\brodes
32d29ffde3 Changed casing on TCipherType, Added some initial fixes for hash support, started developing openssl hashing modeling. 2025-03-07 10:02:36 -05:00
REDMOND\brodes
6083df2b7f Completed tying algorithm instances to consumers. Now the model should have known literals for cipher instances, and it traces those instances to consumers (inits) and those inits are traced to cipher operations. 2025-03-05 15:48:08 -05:00
REDMOND\brodes
de3ff45cba Misc updates for OpenSSL modeling to trace algorithm literals to known alg getters, and converting the literal to a TCipherType. 2025-03-05 15:17:52 -05:00
Mathias Vorreiter Pedersen
38bf9c6835 Merge pull request #18908 from aschackmull/cpp/branchlimit-adjustment-refactor 
C++: Change countNumberOfBranchesUsingParameter to match qldoc closer.
 2025-03-05 11:21:38 +00:00
REDMOND\brodes
cce5f24b38 Initial OpenSSL modeling work. 2025-03-04 15:52:57 -05:00
github-actions[bot]
58f355ae5a Post-release preparation for codeql-cli-2.20.6 2025-03-03 18:18:15 +00:00
github-actions[bot]
fa850cccb1 Release preparation for version 2.20.6 2025-03-03 17:13:19 +00:00
Geoffrey White
7f56c67544 Merge pull request #18837 from geoffw0/overflowbuffer 
C++: Improve and promote cpp/overflow-buffer
 2025-03-03 14:17:12 +00:00
Anders Schack-Mulligen
5d91f2e119 C++: Change countNumberOfBranchesUsingParameter to match qldoc closer. 2025-03-03 15:14:28 +01:00
Geoffrey White
7169c4be48 C++: Another attempt to make the fix more solid. I believe it can't produce negative numbers now. 2025-02-28 14:21:58 +00:00
Geoffrey White
998bec1efb C++: Fix the bug. 2025-02-27 21:24:07 +00:00
Geoffrey White
1354bebd7c C++: Fix an issue with padding. 2025-02-26 17:43:25 +00:00
Geoffrey White
a7ac6b137b C++: Second change note. 2025-02-25 17:02:23 +00:00
Geoffrey White
7d7498ee32 C++: Avoid problems when a variable has multiple types. 2025-02-25 16:55:13 +00:00
Geoffrey White
812315df27 C++: Use existing getSize / getRootType to find more generous bounds for arrays inside classes (though it sometimes fails, costing us TPs). 2025-02-25 16:29:49 +00:00
Jeroen Ketema
7eca4b4d82 C++: Fix join-order problem with isBefore 
Reported here: https://github.com/github/codeql/issues/17743

Without this change on the query provided by the user:
```
[2025-02-25 12:42:01] Evaluated non-recursive predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@c668c8tv in 23846ms (size: 20381473).
Evaluated relational algebra for predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@c668c8tv with tuple counts:
                 1   ~0%    {0} r1 = CONSTANT()[]
             27323   ~0%    {2}    | JOIN WITH `Location::Location.getEndLine/0#dispred#83af84ae#bf` CARTESIAN PRODUCT OUTPUT Rhs.0, Rhs.1
        6162566035   ~0%    {4}    | JOIN WITH `Location::Location.getStartLine/0#d54f9e6c` CARTESIAN PRODUCT OUTPUT Lhs.0, Lhs.1, Rhs.0, Rhs.1
                            {4}    | REWRITE WITH TEST InOut.1 < InOut.3
        3894825644   ~5%    {2}    | SCAN OUTPUT In.2, In.0
          73148692   ~0%    {3}    | JOIN WITH fun_decls_40#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Rhs.1
          73148692   ~0%    {4}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.0, Lhs.2
            864579   ~0%    {2}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1` ON FIRST 2 OUTPUT Lhs.2, Lhs.3
          13010742   ~1%    {2}    | JOIN WITH macroinvocations_20#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          20653781   ~0%    {3}    | JOIN WITH `Macro::MacroAccess.getOutermostMacroAccess/0#d58b05db_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, _, Lhs.1
          20653781   ~4%    {3}    | REWRITE WITH Out.1 := 1
          20381473   ~8%    {2}    | JOIN WITH macroinvocations_03#join_rhs ON FIRST 2 OUTPUT Lhs.0, Lhs.2
                            return r1
```

With this change:
```
[2025-02-25 12:43:10] Evaluated non-recursive predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@11bf8956 in 928ms (size: 20381473).
Evaluated relational algebra for predicate quickquery::UnrealFunctionAnnotation.annotates/1#dispred#9cd6c269@11bf8956 with tuple counts:
            6873   ~3%    {2} r1 = SCAN fun_decls OUTPUT In.4, In.0
            6857   ~0%    {3}    | JOIN WITH `Location::Location.getStartLine/0#d54f9e6c` ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Rhs.1
            6857   ~2%    {3}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2
         6193961   ~0%    {3}    | JOIN WITH `Location::Location.getFile/0#dispred#d1f8b5d1_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2
        27389714   ~1%    {4}    | JOIN WITH macroinvocations_20#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Lhs.2, Rhs.1
        27389714   ~1%    {4}    | JOIN WITH locations_default ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Lhs.3, Rhs.4
                          {4}    | REWRITE WITH TEST InOut.3 < InOut.1
        13010742   ~1%    {2}    | SCAN OUTPUT In.2, In.0
        20653781   ~0%    {3}    | JOIN WITH `Macro::MacroAccess.getOutermostMacroAccess/0#d58b05db_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, _, Lhs.1
        20653781   ~4%    {3}    | REWRITE WITH Out.1 := 1
        20381473   ~8%    {2}    | JOIN WITH macroinvocations_03#join_rhs ON FIRST 2 OUTPUT Lhs.0, Lhs.2
                          return r1
```
 2025-02-25 12:39:11 +01:00
Geoffrey White
90758b37ef C++: Change notes. 2025-02-21 19:00:12 +00:00
Geoffrey White
ae25399a47 C++: Fix offsetof bug. 2025-02-21 18:58:56 +00:00
Alex Eyers-Taylor
57e985cc21 CPP: Simplify getClassAndNameImpl 2025-02-21 16:23:45 +00:00
Alex Eyers-Taylor
53c5b8ff9e CPP: Prevent forced bad join order. 2025-02-20 16:06:42 +00:00
github-actions[bot]
ad24f94a77 Post-release preparation for codeql-cli-2.20.5 2025-02-17 17:58:24 +00:00
github-actions[bot]
6f4562f3bd Release preparation for version 2.20.5 2025-02-17 16:55:54 +00:00
Nicolas Will
b777a22d35 Expand model and specialize newtype relations 2025-02-14 23:43:07 +01:00
Mathias Vorreiter Pedersen
9cfd3391d2 C++: Move 'getImpl' to a private non-member predicate. 2025-02-14 13:01:28 +00:00
Mathias Vorreiter Pedersen
be1af88d23 C++: Add more QLDoc. 2025-02-13 14:28:36 +00:00
Mathias Vorreiter Pedersen
aff03bd721 C++: Delete confusing class synonym. 2025-02-13 14:28:14 +00:00
Mathias Vorreiter Pedersen
f9732c746b C++: Patch up various places that depended on the old IPA type. 2025-02-13 14:28:12 +00:00
Mathias Vorreiter Pedersen
75b6855769 C++: Move useful predicates from the old IPA type for the 'DefinitionExt' type. 2025-02-13 14:28:10 +00:00
Mathias Vorreiter Pedersen
f597ea99e1 C++: Delete the unnecessary IPA type of definitions. 2025-02-13 14:01:32 +00:00
Nicolas Will
874e3b5e06 Modify model to use newtypes, expand modeling 2025-02-12 17:58:15 +01:00
Anders Schack-Mulligen
0b5270979d SSA: Remove the need for ExitBasicBlock in SSA. 2025-02-10 14:36:18 +01:00
Nicolas Will
3dc28c2d17 Move language-agnostic model to shared library 2025-02-06 21:54:18 +01:00
Nicolas Will
cd70acde66 Merge pull request #1 from nicolaswill/brodes/experiments 
Concepts for elliptic curves and misc. updates.
 2025-02-06 14:43:09 +01:00
github-actions[bot]
f1b05a79a4 Post-release preparation for codeql-cli-2.20.4 2025-02-04 09:25:09 +00:00
Arthur Baars
dd34690c17 Merge branch 'codeql-cli-2.20.4' into release-prep/2.20.4 2025-02-03 18:37:16 +01:00
github-actions[bot]
573e53e454 Release preparation for version 2.20.4 2025-02-03 15:19:35 +00:00
Mathias Vorreiter Pedersen
0e6936d418 C++: Strip the type when computing the base type of a chain of qualifiers. 2025-02-03 12:42:11 +00:00
Mathias Vorreiter Pedersen
f35fea3bee Merge pull request #18629 from MathiasVP/fix-more-fps-in-buffer-overflow 
C++: Fix more FPs in `cpp/overflow-buffer`
 2025-01-30 18:28:10 +00:00
Mathias Vorreiter Pedersen
02cf458232 C++: Add change note. 2025-01-30 16:50:22 +00:00
Mathias Vorreiter Pedersen
764a84601f Update cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-01-30 16:09:44 +00:00
Mathias Vorreiter Pedersen
839640a82f Update cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-01-30 15:31:36 +00:00
Anders Schack-Mulligen
8edcad0509 Merge pull request #18634 from aschackmull/cpp/unnest-getkind 
C++: Un-nest the if-then-else sequence.
 2025-01-30 14:07:07 +01:00
Jeroen Ketema
8f25dbf98d Merge pull request #18606 from jketema/typeref 
C++: Support mixed `typedef`s and `using`s
 2025-01-30 14:04:48 +01:00
Anders Schack-Mulligen
15171eb1a5 C++: Un-nest the if-then-else sequence. 2025-01-30 13:28:44 +01:00
Nicolas Will
9af18bc100 WIP: add dgml/dot output/remove test code 2025-01-29 19:45:04 +01:00
Mathias Vorreiter Pedersen
403a0eb8e6 C++: Fix FPs in 'cpp/overflow-buffer' caused by unions of structs. 2025-01-29 18:30:20 +00:00