hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

7071 Commits

Author SHA1 Message Date
erik-krogh
336c7de643 updates based on review 2024-05-07 22:58:49 +02:00
Geoffrey White
575b66a054 C++: Clarify the recommendation and example. 2024-05-07 16:52:50 +01:00
Geoffrey White
dd95a2abab C++: Move qhelp. 2024-05-07 16:35:21 +01:00
Geoffrey White
c0cf1c7c8c Merge pull request #16402 from geoffw0/stringlifetimedoc 
C++: Improve UseOfStringAfterLifetimeEnds doc.
 2024-05-03 15:04:07 +01:00
Geoffrey White
807e6795a7 Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-03 11:40:56 +01:00
Geoffrey White
f5431abb10 C++: Fix strncpy reference link (the old link was broken). 2024-05-02 17:37:52 +01:00
Geoffrey White
73cc211779 C++: Fix qhelp error. 2024-05-02 17:36:35 +01:00
Geoffrey White
08e08a2b3a C++: Qhelp punctuation. 2024-05-02 17:32:24 +01:00
Geoffrey White
657402b42f C++: Fix % character in qhelp. 2024-05-02 17:31:09 +01:00
Geoffrey White
ecbf7aef18 C++: Fix qhelp formatting. 2024-05-02 17:26:24 +01:00
Geoffrey White
669fc925e0 C++: Fix qhelp formatting. 2024-05-02 17:24:20 +01:00
Geoffrey White
8a04840f93 C++: Improve qhelp for IncorrectNotOperatorUsage.ql, including mention of an alternative fix. 2024-05-02 17:17:55 +01:00
Geoffrey White
f4e4e238ba C++: Add test cases for IncorrectNotOperatorUsage.ql. 2024-05-02 17:17:55 +01:00
Geoffrey White
8f682ef4e4 C++: Improve quality of some qhelp references. 2024-05-02 17:08:26 +01:00
Geoffrey White
8a261b7e7a C++: Update StrncpyFlippedArgs.qhelp. 2024-05-02 17:04:49 +01:00
Geoffrey White
06d8892e03 C++: Rename an example file. 2024-05-02 16:39:59 +01:00
Geoffrey White
e22159ab5d C++: Update WrongTypeFormatArguments.qhelp. 2024-05-02 16:34:56 +01:00
Geoffrey White
355c7d9b41 C++: Rename an example file. 2024-05-02 16:34:49 +01:00
Geoffrey White
e4cf7df38f C++: Edits to the .qhelp based on suggestions. 2024-05-02 16:00:31 +01:00
Geoffrey White
b8b3689251 C++: Autoformat. 2024-05-02 15:49:56 +01:00
Geoffrey White
0693bf9e75 C++: Improve UseOfStringAfterLifetimeEnds qhelp, references and alert message. 2024-05-02 15:40:27 +01:00
Mathias Vorreiter Pedersen
a8f2cbc2b1 Merge pull request #16331 from mario-campos/mario-campos/guarded-free 
Cpp: new experimental query cpp/guarded-free
 2024-05-01 17:32:44 +01:00
Mario Campos
5a7a1dc92e C++: forgot to import semmle.code.cpp.controlflow.Guards 2024-05-01 11:00:19 -05:00
Mario Campos
c480431ec0 C++: simplify cpp/guarded-free 
This new form is more declarative by use of the `GuardCondition`. Thanks to the tireless effort of @MathiasVP!
 2024-05-01 10:59:16 -05:00
Mathias Vorreiter Pedersen
40b6e1624f Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-01 11:41:23 +01:00
Mathias Vorreiter Pedersen
22e843abc6 Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-01 11:41:16 +01:00
Mathias Vorreiter Pedersen
708d12624f C++: Update documentation on 'cpp/iterator-to-expired-container'. 2024-04-30 16:32:32 +01:00
Mathias Vorreiter Pedersen
61ce7252e6 C++: Update the alert message in 'cpp/iterator-to-expired-container'. 2024-04-30 16:12:54 +01:00
Mathias Vorreiter Pedersen
c04e59611b Merge pull request #16355 from MathiasVP/promote-iterator-to-expired-container-out-of-experimental 
C++: Promote `cpp/iterator-to-expired-container` out of experimental
 2024-04-30 15:45:56 +01:00
github-actions[bot]
99928b82ed Post-release preparation for codeql-cli-2.17.2 2024-04-30 12:15:35 +00:00
github-actions[bot]
5228d94d42 Release preparation for version 2.17.2 2024-04-30 10:25:51 +00:00
Geoffrey White
7d9f78b2de Merge pull request #16328 from geoffw0/pathinj 
C++: Reduce duplication from cpp/path-injection
 2024-04-30 10:06:40 +01:00
Mathias Vorreiter Pedersen
94364f724e C++: Remove CP between all sinks and all states in 'cpp/iterator-to-expired-container'. 2024-04-29 16:46:00 +01:00
Mathias Vorreiter Pedersen
0fa5a1f274 C++: Add change note. 2024-04-29 11:17:53 +01:00
Mathias Vorreiter Pedersen
5c454bdd8c C++: Compute and add severity. 2024-04-29 11:09:42 +01:00
Mathias Vorreiter Pedersen
f194c70e8a C++: Set precision to medium. 2024-04-29 11:08:08 +01:00
Mathias Vorreiter Pedersen
179270ffc1 C++: Move 'cpp/iterator-to-expired-container' out of experimental. 2024-04-29 11:07:55 +01:00
Mario Campos
3195f0c828 Use more specific hasGlobalName() for stdlib function free(3) 
Based on the CodeQL documentation's example of strncpy(3) and strlen(3): https://codeql.github.com/docs/codeql-language-guides/hash-consing-and-value-numbering/#example-query
 2024-04-26 09:10:40 -05:00
Mario Campos
d7c784ef2f Initial commit of experimental query cpp/guarded-free. 2024-04-25 16:29:37 -05:00
Geoffrey White
553871678a C++: Change note. 2024-04-25 16:52:01 +01:00
Geoffrey White
15123a7b40 C++: Reduce duplication. 2024-04-25 16:49:22 +01:00
Geoffrey White
0fb71e24cb C++: Fix typo. 2024-04-25 14:52:56 +01:00
Mathias Vorreiter Pedersen
cedc84df8f C++: Fix FPs by only having one dataflow config. This means we preserve the call context all the way though from the source to the sink. 2024-04-19 08:27:41 +01:00
Mathias Vorreiter Pedersen
622f69e1a1 Merge pull request #16238 from MathiasVP/fix-terator-to-expired-container-fp 2024-04-18 10:24:13 +01:00
Alexander Eyers-Taylor
da3fa22cbd Merge pull request #16228 from github/post-release-prep/codeql-cli-2.17.1 
Post-release preparation for codeql-cli-2.17.1
 2024-04-17 11:24:34 +01:00
Mathias Vorreiter Pedersen
96ba3ec88e C++: Rename predicate. 2024-04-17 10:10:54 +01:00
Mathias Vorreiter Pedersen
eb2790ae63 C++: Fix 'case 2' in 'destroyedToBeginSink' now that we're working with the sink instead of the source. 2024-04-17 10:10:39 +01:00
Mathias Vorreiter Pedersen
d22e2bae8e C++: Select the post-update node in 'getADestroyedNode'. 2024-04-17 10:10:39 +01:00
Mathias Vorreiter Pedersen
b2974ba1c6 C++: Factor body of isSink into its own predicate. 2024-04-17 10:10:21 +01:00
Mathias Vorreiter Pedersen
c3cf425079 C++: Use interpolation to avoid a bad join order. 2024-04-16 16:24:08 +01:00