hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

7071 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
dba46bd324 Update cpp/ql/src/Critical/DoubleFree.ql 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-17 07:38:30 +01:00
github-actions[bot]
075d063370 Release preparation for version 2.13.0 2023-04-14 13:31:30 +00:00
Alex Ford
9169ddb9c1 Merge pull request #12823 from alexet/alexet/bump-version 
Bump all qlpacks major versions
 2023-04-14 12:18:27 +01:00
Alex Eyers-Taylor
c6a482819a Bump all qlpacks major versions 2023-04-13 19:15:27 +01:00
Mathias Vorreiter Pedersen
b7bbdb76ba Update cpp/ql/src/Likely Bugs/RedundantNullCheckSimple.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-04-13 18:42:12 +01:00
Mathias Vorreiter Pedersen
f1a7b1a853 C++: Add change note. 2023-04-13 17:35:28 +01:00
Mathias Vorreiter Pedersen
b8d2896d5d C++: Convert 'cpp/redundant-null-check-simple' to a path-problem query and assigned it precision high. 2023-04-13 17:28:07 +01:00
Mathias Vorreiter Pedersen
0db05fe4fa C++: Use the new dataflow library in the 'missing scanf' query. 2023-04-13 14:51:08 +01:00
Alex Ford
8c46bfd051 Merge pull request #12816 from github/rc/3.9 
Merge `rc/3.9` into `main`
 2023-04-13 12:35:41 +01:00
Mathias Vorreiter Pedersen
40dde93beb C++: Fix FP and accept test changes. 2023-04-13 11:00:08 +01:00
Mathias Vorreiter Pedersen
23a7cd943f C++: Fix missing result and accept test changes. 2023-04-13 10:50:46 +01:00
Tom Hvitved
3cc9dec9c8 Remove all queries.xml files 2023-04-13 11:18:58 +02:00
Mathias Vorreiter Pedersen
d304022685 C++: Add QLDoc to 'isExcludeFreePair'. 2023-04-13 10:15:23 +01:00
Mathias Vorreiter Pedersen
e0aeea058e C++: Fix qhelp for double-free. 2023-04-13 10:10:42 +01:00
Mathias Vorreiter Pedersen
ba4e3ae949 Update cpp/ql/src/Critical/FlowAfterFree.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-04-12 16:50:57 +01:00
Mathias Vorreiter Pedersen
d1e3c1b407 C++: Fix joins in 'select' of 'cpp/constant-array-overflow'. 2023-04-12 11:39:35 +01:00
Mathias Vorreiter Pedersen
49cceb2901 C++: Fix joins. 2023-04-12 09:58:24 +01:00
Mathias Vorreiter Pedersen
259d5b6452 C++: Add use-after-free change note. 2023-04-11 15:30:51 +01:00
Mathias Vorreiter Pedersen
c1960c6ff9 C++: Add double-free change note. 2023-04-11 15:30:51 +01:00
Mathias Vorreiter Pedersen
725004a6fe C++: Modernize use-after-free query using dataflow. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
17fe5f2317 C++: Change the id of the experimental double-free query to not overlap with the new non-experimental one. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
fb2ec15dad C++: Add double-free query documentation. 2023-04-11 15:21:21 +01:00
Mathias Vorreiter Pedersen
cc12e74c23 C++: Add double-free query. 2023-04-11 14:44:15 +01:00
Mathias Vorreiter Pedersen
dfe00ffe4b C++: Add a flow-after-free library. 2023-04-11 14:40:17 +01:00
Jeroen Ketema
9123657fd2 C++: Update product flow to match data flow naming 2023-04-06 17:13:12 +02:00
Jeroen Ketema
886abd1231 C++: Fix typo 2023-04-06 17:11:03 +02:00
Jeroen Ketema
39272def2d C++: Clean up the ProductFlow FlowStates 2023-04-06 17:10:44 +02:00
Jeroen Ketema
4e12924521 C++: Refactor ProductFlow to have a DataFlow::ConfigSig-like interface 2023-04-06 17:10:40 +02:00
Jeroen Ketema
c8798637fa Merge pull request #12777 from jketema/mctv-join 
C++: Fix number of join order problems in memory corruption queries
 2023-04-06 16:55:42 +02:00
Jeroen Ketema
8e7eec173b C++: inline isInvalidPointerDerefSink 2023-04-06 12:49:10 +02:00
Mathias Vorreiter Pedersen
025081e223 C++: Add change note. 2023-04-06 10:54:16 +01:00
Mathias Vorreiter Pedersen
8fef101432 C++: Fix missing result and accept test changes. 2023-04-06 10:41:08 +01:00
Jeroen Ketema
f98576bcb4 C++: Fix number of join order problems in memory corruption queries 2023-04-06 10:53:18 +02:00
github-actions[bot]
ac426b1302 Post-release preparation for codeql-cli-2.12.6 2023-04-04 16:49:26 +00:00
Mathias Vorreiter Pedersen
f007083ef0 C++: Switch back to a 'Bound' instead of a 'SemBound'. 2023-04-04 09:43:23 +01:00
Mathias Vorreiter Pedersen
c19edc5f0b C++: Fix Code Scanning errors. 2023-04-03 15:17:37 +01:00
Mathias Vorreiter Pedersen
aa337c72c2 C++: Update import paths in tests and experimental queries. 2023-04-03 15:17:37 +01:00
Mathias Vorreiter Pedersen
e5700e07c7 C++: Fix join order in 'cpp/unsafe-strncat'. 2023-03-31 21:33:28 +01:00
github-actions[bot]
0a3218676c Release preparation for version 2.12.6 2023-03-30 19:25:06 +00:00
github-actions[bot]
e87ce62f95 Post-release preparation for codeql-cli-2.12.5 2023-03-30 13:48:58 +00:00
Mathias Vorreiter Pedersen
cbd4662696 Merge branch 'main' into skip-safe-conversions-in-range-analysis 2023-03-27 21:18:49 +01:00
Jeroen Ketema
213c4b0818 C++: Fix join-order problem in cpp/overrun-write 
Before on Wireshark:
```
[2023-03-27 12:59:25] Evaluated non-recursive predicate OverrunWriteProductFlow#fb5ce006::isSinkPairImpl#5#fffff@2ba90584 in 99742ms (size: 52640).
Evaluated relational algebra for predicate OverrunWriteProductFlow#fb5ce006::isSinkPairImpl#5#fffff@2ba90584 with tuple counts:
        1047588019  ~1%    {3} r1 = JOIN DataFlowUtil#47741e1f::InstructionNode#fff_20#join_rhs WITH OverrunWriteProductFlow#fb5ce006::bounded#3#fff_102#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Rhs.2
          67558965  ~0%    {4} r2 = JOIN r1 WITH Instruction#577b6a83::CallInstruction::getArgument#fbf_201#join_rhs ON FIRST 1 OUTPUT Rhs.2, Lhs.1, Lhs.2, Rhs.1
         613572640  ~0%    {5} r3 = JOIN r2 WITH ArrayFunction#ca0b6b68::ArrayFunction::hasArrayWithVariableSize#2#dispred#fff_201#join_rhs ON FIRST 1 OUTPUT Lhs.3, Rhs.1, Lhs.1, Lhs.2, Rhs.2
             52640  ~0%    {4} r4 = JOIN r3 WITH Instruction#577b6a83::CallInstruction::getStaticCallTarget#0#dispred#ff ON FIRST 2 OUTPUT Lhs.0, Lhs.4, Lhs.2, Lhs.3
             52640  ~0%    {4} r5 = JOIN r4 WITH Instruction#577b6a83::CallInstruction::getArgument#fbf ON FIRST 2 OUTPUT Rhs.2, Lhs.2, Lhs.3, Lhs.0
             52640  ~0%    {5} r6 = JOIN r5 WITH DataFlowUtil#47741e1f::InstructionNode#fff_20#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Lhs.2, Lhs.3, Rhs.1
             52640  ~0%    {5} r7 = JOIN r6 WITH Instruction#577b6a83::Instruction::getUnconvertedResultExpression#0#dispred#ff ON FIRST 1 OUTPUT Lhs.3, Lhs.4, Lhs.1, Lhs.2, Rhs.1
                           return r7
```

After:
```
[2023-03-27 13:56:36] Evaluated non-recursive predicate OverrunWriteProductFlow#fb5ce006::isSinkPairImpl#5#fffff@f936aapd in 777ms (size: 52640).
Evaluated relational algebra for predicate OverrunWriteProductFlow#fb5ce006::isSinkPairImpl#5#fffff@f936aapd with tuple counts:
        565480  ~5%    {2} r1 = SCAN Instruction#577b6a83::CallInstruction::getStaticCallTarget#0#dispred#ff OUTPUT In.1, In.0
          4420  ~1%    {3} r2 = JOIN r1 WITH ArrayFunction#ca0b6b68::ArrayFunction::hasArrayWithVariableSize#2#dispred#fff ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Rhs.2
          4420  ~0%    {3} r3 = JOIN r2 WITH Instruction#577b6a83::CallInstruction::getArgument#fff ON FIRST 2 OUTPUT Rhs.2, Lhs.2, Lhs.0
          4420  ~0%    {4} r4 = JOIN r3 WITH DataFlowUtil#47741e1f::InstructionNode#fff_20#join_rhs ON FIRST 1 OUTPUT Lhs.0, Lhs.1, Lhs.2, Rhs.1
          4420  ~0%    {4} r5 = JOIN r4 WITH Instruction#577b6a83::Instruction::getUnconvertedResultExpression#0#dispred#ff ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Lhs.3, Rhs.1
          4420  ~3%    {4} r6 = JOIN r5 WITH Instruction#577b6a83::CallInstruction::getArgument#fff ON FIRST 2 OUTPUT Rhs.2, Lhs.0, Lhs.2, Lhs.3
         52825  ~0%    {5} r7 = JOIN r6 WITH OverrunWriteProductFlow#fb5ce006::bounded#3#fff ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Rhs.2
         52640  ~0%    {5} r8 = JOIN r7 WITH DataFlowUtil#47741e1f::InstructionNode#fff_20#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Rhs.1, Lhs.4, Lhs.3
                       return r8
```
 2023-03-27 14:28:22 +02:00
Mathias Vorreiter Pedersen
125c013052 Merge branch 'main' into skip-safe-conversions-in-range-analysis 2023-03-24 17:01:11 +00:00
Anders Schack-Mulligen
978c5f7bd8 Java/C++: Autoformat 2023-03-23 13:06:19 +01:00
Anders Schack-Mulligen
72415c7c2c C++: Rename references. 2023-03-23 13:06:19 +01:00
Mathias Vorreiter Pedersen
d325082db3 C++: Fix another place that assumed that 'Expr' was always 'Instruction'. 2023-03-22 16:51:39 +00:00
Jeroen Ketema
574b2201cb Merge pull request #12608 from jketema/configsig 
C++: Use `DataFlow::ConfigSig` in more places
 2023-03-21 14:37:32 +01:00
Mathias Vorreiter Pedersen
98dc73c6dd Merge pull request #12611 from MathiasVP/buffer-access-should-be-evaluated 
C++: Exclude unevaluated accesses in `BufferAccess`
 2023-03-21 12:10:37 +00:00
Asger F
6d665da4dc Merge pull request #12570 from github/post-release-prep/codeql-cli-2.12.5 
Post-release preparation for codeql-cli-2.12.5
 2023-03-21 13:06:25 +01:00
Mathias Vorreiter Pedersen
40cc2e7891 C++: Also exclude unevaluated buffers in 'OverflowStatic'. 2023-03-21 09:53:39 +00:00