hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

3733 Commits

Author SHA1 Message Date
REDMOND\brodes
a5b57d3694 Merge branch 'main' into generic_constant_filtering 
# Conflicts:
#	cpp/ql/lib/experimental/quantum/Language.qll
#	cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll
#	cpp/ql/lib/experimental/quantum/OpenSSL/OpenSSL.qll
 2025-05-22 10:37:10 -04:00
REDMOND\brodes
09170e598c Crypto: Making generic literal filter more explicit that it is for filtering all constants, not just for algorithms. 2025-05-22 10:31:58 -04:00
REDMOND\brodes
100045d4cb Crypto: optimizing out the "getPossibleNidFromLiteral" predicate, and now relying on the charpred of OpenSSLAlgorithmCandidateLiteral. 2025-05-21 18:25:29 -04:00
REDMOND\brodes
a36fd2cb31 Crypto: Advanced literal filtering for OpenSSL, used for both unknown and known algorithm literals to improve dataflow performance. 2025-05-21 18:15:44 -04:00
REDMOND\brodes
d75fc2e8ec Crypto: Further code cleanup 2025-05-21 15:25:04 -04:00
Ben Rodes
5370bb4e45 Merge branch 'main' into ben_refactoring 2025-05-21 15:07:53 -04:00
REDMOND\brodes
bbee2c9bdf Crypto: Misc. refactoring and code clean up. 2025-05-21 15:06:46 -04:00
Nicolas Will
9cc121f414 Merge pull request #19545 from bdrodes/missing_openssl_hash_algorithm_consumers 
Quantum: Model missing OpenSSL EVP digest consumers
 2025-05-21 19:03:06 +02:00
Nicolas Will
9637aeca5e Merge pull request #19547 from bdrodes/openssl_pkey_alg_value_consumers 
Quantum: Add OpenSSL PKEY algorithm value consumers.
 2025-05-21 19:00:36 +02:00
Nicolas Will
acb19627d6 Merge branch 'main' into missing_openssl_hash_algorithm_consumers 2025-05-21 18:01:28 +02:00
REDMOND\brodes
9f65cb8c4c Comment/doc cleanup 2025-05-21 11:51:25 -04:00
Nicolas Will
48e484b438 Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-05-21 16:26:11 +02:00
Nicolas Will
7ee1bd61fb Merge pull request #19541 from bdrodes/openssl_ec_key_gen 
Openssl ec key gen
 2025-05-21 16:13:05 +02:00
Anders Schack-Mulligen
db01828717 Java: Deprecate redundant basic block predicates. 2025-05-21 09:01:46 +02:00
REDMOND\brodes
6ffb049b75 Crypto: Adding alg value consumers for EVP PKEY for openssl. As part of the additional modeling, updated the generic dataflow source to match JCA with how "EC" is handled as a consumed algorithm for PKEY. 2025-05-20 14:18:33 -04:00
REDMOND\brodes
d35fc64987 Crypto: Missing openssl EVP digest consumers. 2025-05-20 11:23:27 -04:00
Ben Rodes
efd9386d6e Update cpp/ql/lib/experimental/quantum/OpenSSL/Operations/ECKeyGenOperation.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-05-20 10:58:19 -04:00
REDMOND\brodes
c3ed4549f4 Crypto: Changing fixed key size for the key gen operation for EC key gen to be none, and rely implicitly on the connected algorithm length. (+1 squashed commits) (+1 squashed commits) 
Squashed commits:

[b7cd7baa42] Crypto: Modeled EC key gen for openssl. (+1 squashed commits)
 2025-05-20 10:39:21 -04:00
REDMOND\brodes
b56472436e Crypto: Alterations to OpenSSL cipher algorithms to use new fixed keysize predicate. 2025-05-20 10:36:56 -04:00
Ben Rodes
55119cf770 Merge branch 'main' into openssl_elliptic_curve_algorithm_instances_and_consumers 2025-05-19 15:50:00 -04:00
REDMOND\brodes
4309499c36 Switching to private imports. 2025-05-19 15:44:15 -04:00
REDMOND\brodes
03a6e134ba Crypto: Removed dead comment. 2025-05-19 13:51:42 -04:00
REDMOND\brodes
e5641eff23 Crypto: Typo fix 2025-05-19 13:50:41 -04:00
REDMOND\brodes
3e54e4d6b6 Crypto: Fixing typo. 2025-05-19 13:49:29 -04:00
REDMOND\brodes
d05d38f00c Crypto: Removing unused class field. 2025-05-19 13:48:15 -04:00
REDMOND\brodes
bbbdf89e46 Crypto: OpenSSL ellipitic curve algorithm instances and consumers. 2025-05-19 13:10:11 -04:00
REDMOND\brodes
309ad461a5 Quantum/Crypto: Adding Random.qll for OpenSSL into the general imports for the OpenSSL.qll model. 2025-05-19 10:56:17 -04:00
REDMOND\brodes
74271e4a17 Quantum/Crypto: To avoid ambiguity, altered OpenSSL EVP_Update_Call and EVP_Final_Call used for ciphers to explicitly say "Cipher", e.g., EVP_Cipher_Update_Call. This is also consistent with the new analogous digest operations. 2025-05-19 10:44:39 -04:00
REDMOND\brodes
97124745ad Quantum/Crypto:Adding interemediate hashing to the openssl (e.g., modeling final and update digest separately). 2025-05-19 10:43:32 -04:00
Jeroen Ketema
dfbe08d14c Merge pull request #19518 from jketema/depr 
C++/Swift: delete outdated deprecations
 2025-05-19 14:39:13 +02:00
Mathias Vorreiter Pedersen
adb74105fd Merge pull request #19511 from MathiasVP/as-expr-array-aggregate-literal 
C++: Make `node.asExpr() instanceof ArrayAggregateLiteral` satisfiable
 2025-05-19 12:47:28 +01:00
Napalys Klicius
673655e093 added change notes 2025-05-19 13:29:40 +02:00
Napalys Klicius
703aec1990 cpp: removed now unused predicate commandLineArg 2025-05-19 13:27:26 +02:00
Napalys Klicius
c74321a2ee all: used Erik's script to delete outdated deprecations 2025-05-19 13:26:08 +02:00
Jeroen Ketema
93517020ae Merge pull request #19515 from jketema/depr-rewrite 
C++: Do not use deprecated `hasLocationInfo` in `FlowTestCommon`
 2025-05-19 12:43:50 +02:00
Jeroen Ketema
757a4877e0 C++: Do not use deprecated hasLocationInfo in FlowTestCommon 2025-05-19 11:10:29 +02:00
Mathew Payne
9d2b46e3cd Merge branch 'main' into cpp-wmain 2025-05-19 08:52:56 +01:00
Mathias Vorreiter Pedersen
0eb55779fb C++: Add change note. 2025-05-16 20:30:21 +01:00
Mathias Vorreiter Pedersen
8e005a65bf C++: Fix missing 'asExpr' for array aggregate literals. 2025-05-16 20:12:58 +01:00
Mathew Payne
bbce0d0c65 Update cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-05-16 18:55:00 +01:00
GeekMasher
94fe9b692f feat(cpp): Add change notes 2025-05-16 18:35:50 +01:00
Mathias Vorreiter Pedersen
d7e07b0b2d Merge pull request #19492 from MathiasVP/add-cpp-models 
C++: Add summary models for `openssl` and `sqlite`
 2025-05-16 18:33:56 +01:00
Mathew Payne
c79a724f5d feat(cpp): Update FlowSources to add wmain 2025-05-16 18:21:44 +01:00
REDMOND\brodes
34f5e4e0c8 Adding cipher update modeling (model flow through update to final) 2025-05-16 11:23:19 -04:00
Mathias Vorreiter Pedersen
1d31a38362 C++: Regenerate the models for OpenSSL and sqlite after excluding tests in model-generation (sqlite is unaffected). 2025-05-16 13:53:16 +01:00
Mathias Vorreiter Pedersen
03d6633d41 Merge pull request #19501 from MathiasVP/as-expr-class-aggregate-literal 
C++: Make `node.asExpr() instanceof ClassAggregateLiteral` satisfiable
 2025-05-16 13:49:03 +01:00
Mathias Vorreiter Pedersen
560ffc0e9b C++: Regenerate the models for OpenSSL and sqlite after model-generation changes. 2025-05-16 13:33:59 +01:00
Mathias Vorreiter Pedersen
de31595cd2 C++: Add generated sqlite models. 2025-05-16 13:32:01 +01:00
Mathias Vorreiter Pedersen
0290b4369c C++: Add generated OpenSSL models. 2025-05-16 13:31:59 +01:00
Mathias Vorreiter Pedersen
e11ab0f125 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ExprNodes.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-05-16 12:06:25 +01:00