hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,514 Commits 1,672 Branches 157 Tags
codeql-cli-2.22.3
Commit Graph

13552 Commits

Author SHA1 Message Date
Tom Hvitved
7ab9c8b90d Java/C++/C#: flowCandFwdRead() refactor 2019-08-20 14:44:04 +02:00
Tom Hvitved
14378ee41a Java/C++/C#: Remove some unbind() calls from shared data flow implementation 2019-08-20 13:59:01 +02:00
Jonas Jensen
d65b09d94a C++: Proper fix for TaintTracking2 parameter 2019-08-20 13:45:37 +02:00
Jonas Jensen
b1cd64bbf4 C++: Fix mismatch between taint and dataflow copy 2019-08-20 13:45:37 +02:00
Jonas Jensen
d388be7d3b C++: Use pyrameterized modules for TaintTracking 2019-08-20 13:45:37 +02:00
Tom Hvitved
a0c834c83d Java/C++/C#: Improve data flow join orders for field flow 2019-08-20 10:14:08 +02:00
Geoffrey White
f045035f5d CPP: Examples Include.qll. 2019-08-19 15:58:44 +01:00
Geoffrey White
abd4d39710 CPP: Examples NameQualifiers.qll. 2019-08-19 15:06:39 +01:00
Geoffrey White
3eec627321 CPP: Add a test of NameQualifiableElement and NameQualifyingElement. 2019-08-19 15:05:50 +01:00
Anders Schack-Mulligen
6ff4fe38ec Java/C++/C#: Add field flow support for stores in nested fields. 2019-08-19 14:41:06 +02:00
Geoffrey White
a889a79816 CPP: Examples Field.qll. 2019-08-19 11:48:58 +01:00
Geoffrey White
f6ccaa5caf CPP: Examples FriendDecl.qll. 2019-08-19 11:31:33 +01:00
Geoffrey White
b69df9113a CPP: Examples Comments.qll. 2019-08-19 11:29:24 +01:00
Geoffrey White
bc3e4e4143 CPP: Examples Lambda.qll. 2019-08-19 09:59:26 +01:00
Geoffrey White
d29eefd235 CPP: Examples Macro.qll. 2019-08-19 09:59:26 +01:00
Geoffrey White
4ea999872b Merge pull request #1746 from jbj/ast-field-flow-ctor 
C++: Field flow through ConstructorFieldInit
 2019-08-19 09:14:02 +01:00
zlaski-semmle
ce71b45649 Zlaski/cpp386a (#1753) 
* [CPP-386] Cumulative patch.

* Restore dataflow libraries clobbered by my last commit.
 2019-08-19 10:03:18 +02:00
Jonas Jensen
84adeda167 C++: Support flow through LambdaExpression 
I've checked with a temporary workaround for the locations problem that
my annotations in the test cpp files are on the correct lines.
 2019-08-16 16:20:22 +02:00
Geoffrey White
eb39346d85 Merge pull request #1744 from jbj/ast-field-flow-aggregate-init 
C++: Field flow through ClassAggregateLiteral
 2019-08-16 09:56:11 +01:00
Jonas Jensen
ee8c0cb29a C++: Support member initializer lists > 1000 items 2019-08-16 09:36:34 +02:00
Jonas Jensen
503cbf13bb C++: Flow from parameters to ConstructorFieldInit 
Because `ConstructorFieldInit` (member initializer lists) are not part
of the control flow graph, there was no data flow from the initial value
of parameters to their uses in member initializers. This commit adds the
necessary flow under the assumption that parameters are not overwritten
in member initializers.
 2019-08-16 09:10:31 +02:00
Jonas Jensen
45eefdb218 C++: Field flow through ConstructorFieldInit 
This allows a member initializer list to be seen as a sequence of field
assignments. For example, the constructor

    C() : a(taint()) { }

now has data flow similar to

    C() { this.a = taint(); }
 2019-08-16 09:10:17 +02:00
Jonas Jensen
1be2380511 C++: Rephrase ThisFlow to get space for ctor inits 2019-08-16 08:46:11 +02:00
Jonas Jensen
f3f89ffe3f Merge pull request #1742 from geoffw0/lambdataint 
CPP: Tests for taint through lambdas
 2019-08-16 08:45:14 +02:00
Geoffrey White
a6902bdb37 CPP: Test dataflow through lambdas. 2019-08-15 19:43:24 +01:00
Dave Bartolomeo
f1bbc9bb7e Merge pull request #1745 from jbj/ast-field-flow-ABC 
C++: Annotate field-flow tests in [ABC].cpp
 2019-08-15 09:13:26 -07:00
Dave Bartolomeo
230ff92c03 Merge pull request #1743 from nickrolfe/hmap 
C++: delete headermaps test
 2019-08-15 09:01:23 -07:00
Geoffrey White
1bd4aeebad CPP: Effects of #1715. 2019-08-15 14:05:09 +01:00
Geoffrey White
02e1edd640 CPP: Test taint through lambdas. 2019-08-15 14:00:45 +01:00
Geoffrey White
b6cf341124 Merge pull request #1715 from jbj/ast-field-flow 
C++: Initial AST-based flow through fields
 2019-08-15 13:38:58 +01:00
Nick Rolfe
c26aef2381 C++: delete headermaps test 2019-08-15 12:39:58 +01:00
Jonas Jensen
1b4b352316 C++: Field flow through ClassAggregateLiteral 2019-08-15 12:01:42 +02:00
Jonas Jensen
e419ea0140 C++: Test showing no flow through aggregate init 2019-08-15 11:33:25 +02:00
Jonas Jensen
fdd8de79da C++: Remove redundant toString override 
This time I left a comment to prevent myself from getting confused again
and adding the override in the future.
 2019-08-15 11:32:11 +02:00
Jonas Jensen
ed1e3ed1ef C++: Annotate field-flow tests in [ABC].cpp 
This brings the annotation style in sync with how we annotate new tests
these days. I also changed a few annotations to have different expected
outcome based on my understanding of the code.
 2019-08-15 10:30:46 +02:00
Jonas Jensen
e94dbe926b C++: Add forgotten toString override 
This makes `PostConstructorCallNode`s show up in the test output.
 2019-08-14 16:26:49 +02:00
Anders Schack-Mulligen
1938ac4937 Java/C++/C#: Sync. 2019-08-14 10:32:15 +02:00
yh-semmle
badfc23ce4 Merge pull request #1718 from aschackmull/java/barrierguard 
Java/C++/C#: Add support for BarrierGuards.
 2019-08-13 14:11:54 -04:00
Anders Schack-Mulligen
411bc16f44 Java/C++/C#: Address review comment. 2019-08-13 16:57:48 +02:00
Anders Schack-Mulligen
9e902066ad Java/C++/C#: Elaborate qldoc. 2019-08-13 16:57:48 +02:00
Anders Schack-Mulligen
4550175b16 Java/C++/C#: Add support for BarrierGuards. 2019-08-13 16:57:48 +02:00
Jonas Jensen
e93598e476 Merge pull request #1716 from geoffw0/qldoceg4 
CPP: Add syntax examples to QLDoc in Function.qll
 2019-08-13 16:27:20 +02:00
Geoffrey White
e4bbfb9a79 CPP: Corrections. 2019-08-13 11:25:39 +01:00
Tom Hvitved
36043d04bd Merge pull request #1729 from xiemaisi/data-flow-nodes-location 
Java/C++/C#: Provide path-node locations via `hasLocationInfo`, not `getLocation`.
 2019-08-13 12:22:59 +02:00
Geoffrey White
95749bdff8 CPP: Examples Stmt.qll. 2019-08-13 10:56:59 +01:00
Jonas Jensen
38ec693ead C++: Improved ConstructorCall field flow 
This commit changes C++ `ConstructorCall` to behave like
`new`-expressions in Java: they are both `ExprNode`s and
`PostUpdateNodes`, and there's a "pre-update node" (here called
`PreConstructorCallNode`) to play the role of the qualifier argument
when calling a constructor.
 2019-08-13 11:05:13 +02:00
Jonas Jensen
18c3bfe596 Merge pull request #1731 from geoffw0/qldoceg5 
CPP: Add syntax examples to QLDoc in Initializer.qll, Parameter.qll
 2019-08-13 08:52:05 +02:00
Jonas Jensen
1f1824cb9b C++: Exclude BlockVar computation for "large" vars 2019-08-12 16:53:48 +02:00
Geoffrey White
beada95014 CPP: Examples Block.qll. 2019-08-12 15:08:37 +01:00
Dave Bartolomeo
5d6ac2bb74 Merge pull request #1583 from jbj/ir-sanity-qlcfg 
C++: Share tests between IR and QL-CFG
 2019-08-12 07:04:40 -07:00