hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

7071 Commits

Author SHA1 Message Date
github-actions[bot]
9d7987f822 Release preparation for version 2.13.5 2023-06-29 09:26:18 +00:00
Mathias Vorreiter Pedersen
285112f4cd C++: Move 'cpp/overrun-write' back to medium precision. 2023-06-29 08:18:47 +01:00
Jeroen Ketema
43a8119091 Merge pull request #13591 from jketema/pointer-deref-barrier 
C++: Add barrier to `InvalidPointerToDerefConfig` in `cpp/invalid-pointer-deref`
 2023-06-28 17:46:41 +02:00
Jeroen Ketema
14609a9795 C++: Add barrier to InvalidPointerToDerefConfig in cpp/invalid-pointer-deref 2023-06-28 14:04:45 +02:00
Mathias Vorreiter Pedersen
2c99009c1a Merge pull request #13117 from rdmarsh2/rdmarsh2/cpp/cobo-handle-array-casts 
C++: handle cast arrays properly in off-by-one query
 2023-06-28 09:25:12 +01:00
Mathias Vorreiter Pedersen
f2cbbab419 Merge branch 'main' into rdmarsh2/cpp/cobo-handle-array-casts 2023-06-27 12:03:42 +01:00
Mathias Vorreiter Pedersen
985650cb04 Merge pull request #13559 from MathiasVP/add-barrier-to-invalid-deref-query 
C++: Add barriers to `cpp/invalid-pointer-deref`
 2023-06-27 11:56:58 +01:00
Mathias Vorreiter Pedersen
ef383a135d C++: Prune the set of interesting pointer-arithmetic instructions by another flow. 2023-06-26 19:09:43 +01:00
Mathias Vorreiter Pedersen
d68b0605cd C++: Use 'arrayTypeCand' in 'isSourceImpl' instead of checking for array size explicitly. 2023-06-26 11:37:35 +01:00
Mathias Vorreiter Pedersen
3b4f2b22d6 C++: Fix Code Scanning errors. 2023-06-26 11:36:56 +01:00
Mathias Vorreiter Pedersen
b87bf46c30 C++: Fix joins. 2023-06-26 11:28:32 +01:00
amammad
f715a3437b better examples 2023-06-26 05:29:16 +10:00
amammad
3ddc9a8b31 fix warnings, more sinks,sources,comments 2023-06-26 05:26:30 +10:00
amammad
ae98510f77 add more source and sinks and sanitizers 2023-06-26 00:21:55 +10:00
amammad
4a37da3593 V1 2023-06-25 20:26:21 +10:00
Mathias Vorreiter Pedersen
e32f7d84a5 C++: Speed up analysis on 'Samate' by avoiding the 'Variable' column in the dataflow stages of the query. 2023-06-25 00:35:43 +01:00
Mathias Vorreiter Pedersen
e0f5c584b9 C++: Fix Code Scanning error. 2023-06-24 19:38:22 +01:00
Mathias Vorreiter Pedersen
9d5b8cff2e C++: Add a barrier to the 'cpp/invalid-pointer-deref' query. 2023-06-24 19:12:03 +01:00
Mathias Vorreiter Pedersen
600c60af8b Merge branch 'main' into rdmarsh2/cpp/cobo-array-vars 2023-06-23 10:54:46 +01:00
Remco Vermeulen
c0884432e8 Format query 2023-06-20 10:38:08 -07:00
github-actions[bot]
18b678e69e Post-release preparation for codeql-cli-2.13.4 2023-06-20 10:20:05 +00:00
Remco Vermeulen
32d7faa3b8 Account for the signedness of the lesser operand 2023-06-19 16:57:36 -07:00
Jeroen Ketema
0bb67e45b3 C++: lower the precision of cpp/overrun-write to exclude it from our query suites 2023-06-16 19:07:56 +02:00
Jeroen Ketema
000add206c Revert "Exclude cpp/overrun-write from cpp-security-extended.qls" 
This reverts commit 3aaa649076.
 2023-06-16 19:05:04 +02:00
Jeroen Ketema
3aaa649076 Exclude cpp/overrun-write from cpp-security-extended.qls 2023-06-15 16:50:42 +02:00
github-actions[bot]
e4be303a23 Release preparation for version 2.13.4 2023-06-08 19:57:37 +00:00
erik-krogh
a4ef8619c6 delete old deprecations 2023-06-08 10:10:21 +02:00
Jeroen Ketema
272ced6ea5 Merge pull request #13374 from jketema/ptr-deref-min 
C++: Remove `cpp/invalid-pointer-deref` results duplicating ones with smaller `k`
 2023-06-05 19:31:24 +02:00
Jeroen Ketema
93215ba7e1 Merge pull request #13355 from jketema/ptr-deref-forward 
C++: Ensure that the sink instruction occurs last in `cpp/invalid-pointer-deref`
 2023-06-05 15:56:50 +02:00
Jeroen Ketema
86df424fca C++: Fix query formatting 2023-06-05 15:10:54 +02:00
Jeroen Ketema
4a27028768 C++: Remove cpp/invalid-pointer-deref results duplicating ones with smaller k 2023-06-05 15:03:58 +02:00
Mathias Vorreiter Pedersen
52fb00cac3 Merge pull request #12036 from nmouha/patch-1 
CPP: Add query for CVE-2022-37454: Integer addition may overflow inside if statement
 2023-06-05 12:13:27 +01:00
Jeroen Ketema
11182e4ee4 C++: Move location where getASuccessor is used to avoid join order problems 2023-06-05 12:36:25 +02:00
Jeroen Ketema
8ac1d56a7f C++: Fix join order in cpp/invalid-pointer-deref 2023-06-02 16:37:35 +02:00
Jeroen Ketema
ac4933a9cc C++: Ensure that the sink instruction occurs last in cpp/invalid-pointer-deref 
This avoids some counter-intuitive paths where we would seemingly jump back
to an earlier instruction, which might actually have been in bounds.
 2023-06-02 12:36:34 +02:00
Robert Marsh
df4d156a36 C++: remove unneeded exists variables 2023-06-01 11:28:12 -04:00
Mathias Vorreiter Pedersen
3d9c282f48 Merge pull request #13320 from jketema/ptr-deref-dedup 2023-05-31 10:12:05 -07:00
Arthur Baars
c211b704f3 Merge pull request #13272 from github/post-release-prep/codeql-cli-2.13.3 
Post-release preparation for codeql-cli-2.13.3
 2023-05-31 15:33:12 +02:00
Arthur Baars
490d22d123 Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3 2023-05-30 21:31:28 +02:00
Jeroen Ketema
dd30acf1e3 C++: Add nodes query predicate to cpp/invalid-pointer-deref 2023-05-30 18:43:01 +02:00
Jeroen Ketema
f5ed02a433 C++: Take into account the delta at the final sink in cpp/invalid-pointer-deref 2023-05-30 18:33:20 +02:00
Jeroen Ketema
a8c76388c0 C++: Fix configuration names in comments in cpp/invalid-pointer-deref 2023-05-30 18:15:37 +02:00
Mathias Vorreiter Pedersen
f00b29d3d2 C++: The small-string optimization commonly used inside 'std::string' is causing a lot of FPs. Let's exclude this for now to reduce the number of results for this query. 2023-05-30 07:33:07 -07:00
Mathias Vorreiter Pedersen
0f08642653 C++: Fix join in 'pointerArithOverflow0'. 2023-05-26 11:16:44 -07:00
Robert Marsh
d18fb646d1 C++: handle cast arrays properly in off-by-one query 2023-05-26 13:16:21 -04:00
Robert Marsh
6e230e10f8 C++: include stack-allocated arrays in off-by-one query 2023-05-26 13:04:51 -04:00
Robert Marsh
b2fb2aa0d1 Merge pull request #13045 from rdmarsh2/rdmarsh2/cpp/improve-constant-off-by-one 
C++: stitch paths and ignore cast arrays in constant off-by-one query
 2023-05-26 12:47:08 -04:00
Mathias Vorreiter Pedersen
960e6521a4 Revert "C++: Whitespace commit to make qhelp show up in diff." 
This reverts commit ec192d621c.
 2023-05-25 15:21:09 -07:00
Mathias Vorreiter Pedersen
c3fdc83af6 C++: Also add an out barrier on all sinks. 2023-05-25 12:23:50 -07:00
Mathias Vorreiter Pedersen
ec192d621c C++: Whitespace commit to make qhelp show up in diff. 2023-05-24 16:13:42 -07:00