hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

7071 Commits

Author SHA1 Message Date
Jeroen Ketema
2fdfa0808a C++: Refactor experimental queries to use DataFlow::ConfigSig 2023-03-21 09:16:59 +01:00
Jeroen Ketema
9997326804 C++: Refactor BoostorgAsio to use DataFlow::ConfigSig 2023-03-20 13:37:18 +01:00
Ed Minnix
2d5944fb0e Refactor DataFlow configurations to use "Config" naming convention 2023-03-19 17:44:07 -04:00
github-actions[bot]
981e171525 Post-release preparation for codeql-cli-2.12.5 2023-03-17 13:27:00 +00:00
github-actions[bot]
fe4d27e8cc Release preparation for version 2.12.5 2023-03-16 12:58:50 +00:00
Mathias Vorreiter Pedersen
a5051655a1 C++: Autoformat. 2023-03-13 15:41:17 +01:00
Nicky Mouha
dc09c9218e Update IfStatementAdditionOverflow.ql 2023-03-12 01:05:18 -05:00
Mathias Vorreiter Pedersen
d25a312557 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-03-09 18:38:00 +00:00
Mathias Vorreiter Pedersen
84a61d1e02 C++: No need for 'matches'. 2023-03-09 15:36:26 +00:00
Mathias Vorreiter Pedersen
2931e5dea8 C++: Reduce duplication by blocking flow into sources (since we'll already be considering flow starting at those sources) and out of sinks (since we'll already be alerting on this sink if it's relevant). 2023-03-09 14:59:13 +00:00
Mathias Vorreiter Pedersen
03ba7ea851 C++: Move the weird global property 'not sqlite_encryption_used()' from the sink definition to the source definition. The dataflow library starts tracking flow from the sources, so it's better to to rule out the entire database in the source definition than in the sink definition. 2023-03-09 14:59:13 +00:00
Mathias Vorreiter Pedersen
7819a7d2bc C++: Severely restrict the set of sinks in 'cpp/cleartext-storage-database'. This reduces the number of sinks considered on the 'sysown/proxysql' from > 62000 sinks to ~1000 sinks. 2023-03-09 14:59:13 +00:00
Asger F
6e744093e2 Merge pull request #12398 from github/post-release-prep/codeql-cli-2.12.4 
Post-release preparation for codeql-cli-2.12.4
 2023-03-09 15:38:21 +01:00
Jeroen Ketema
30cbc91092 C++: Update XXE XML query with DataFlow::ConfigSig 2023-03-08 15:04:53 +01:00
Jeroen Ketema
8253f2d343 C++: Update UnsafeDaclSecurityDescriptor with DataFlow::ConfigSig 2023-03-08 15:04:53 +01:00
Jeroen Ketema
7fe1a9431c C++: Update PotentiallyExposedSystemData with DataFlow::ConfigSig 2023-03-08 15:04:53 +01:00
Jeroen Ketema
53aa34bdd3 C++: Update UnsafeCreateProcessCall with DataFlow::ConfigSig 2023-03-08 15:04:53 +01:00
Jeroen Ketema
af612a12de C++: Update TlsSettingsMisconfiguration with DataFlow::ConfigSig 2023-03-08 15:04:52 +01:00
Jeroen Ketema
4363a8ea30 C++: Update leap year queries with DataFlow::ConfigSig 2023-03-08 15:04:52 +01:00
Jeroen Ketema
e65ba13da4 C++: Update NonConstantFormat with DataFlow::ConfigSig 2023-03-08 15:04:52 +01:00
Jeroen Ketema
661160a98e C++: Update PrivateCleartextWrite with DataFlow::ConfigSig 2023-03-08 15:04:45 +01:00
Mathias Vorreiter Pedersen
a247a8b3ea Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-03-08 13:35:35 +00:00
Jeroen Ketema
5391b13db9 C++: Make dataflow configuration modules private in qll files 2023-03-08 09:18:09 +01:00
Jeroen Ketema
0f8a12f3ac C++: Add change note for deprecated data flow configurations in qll files 2023-03-08 09:00:43 +01:00
Jeroen Ketema
13bdd9c0c6 C++: Fix query compliation 
Apparently some queries we skipped in the testing I did locally.
 2023-03-07 19:16:10 +01:00
Jeroen Ketema
57c5d5f2c7 C++: Add QLDoc on configuration modules where the original class had one 2023-03-07 19:01:05 +01:00
Jeroen Ketema
0c39d1e5ca C++: Fix query formatting 2023-03-07 18:55:58 +01:00
Jeroen Ketema
2eb2e11ef7 C++: Fix query compilation 2023-03-07 18:53:07 +01:00
Jeroen Ketema
fb57914751 C++: Convert a number of data flow based queries to use ConfigSig 2023-03-07 18:21:52 +01:00
Mathias Vorreiter Pedersen
cc0b8bbebb Merge pull request #12430 from MathiasVP/no-to-string-on-state-in-cast-array-pointer-arith 
C++: Convert `cpp/upcast-array-pointer-arithmetic` to the new API
 2023-03-07 16:48:15 +00:00
Mathias Vorreiter Pedersen
ce02de48a0 C++: Fix Code Scanning error. 2023-03-07 14:40:36 +00:00
Mathias Vorreiter Pedersen
f2b311a008 C++: We don't need to check type equivalence at the end anymore: the dataflow state now precisely tracks the types. 2023-03-07 14:31:11 +00:00
Mathias Vorreiter Pedersen
ce6366f023 C++: Use the parameterized module dataflow API in 'cpp/upcast-array-pointer-arithmetic'. 
This allows us to swap out the old string state with the Type-based state.
 2023-03-07 14:17:12 +00:00
Mathias Vorreiter Pedersen
63690066c5 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-03-07 13:06:43 +00:00
Mathias Vorreiter Pedersen
b054b9c5cd Merge pull request #12408 from jketema/merge-main 
C++: use-use dataflow merge main
 2023-03-07 13:05:30 +00:00
Paolo Tranquilli
c4fd39ec3f C++: fix example code for FilePermissions.qll 2023-03-07 13:50:20 +01:00
Jeroen Ketema
3a4c0a2aae Merge pull request #12389 from jketema/more-deprecated 
C++: Add `deprecated` to predicates that are deprecated according to the QLDoc
 2023-03-07 11:21:43 +01:00
Jeroen Ketema
9ec479a2a0 C++: Update queries to use DataFlow::ConfigSig 2023-03-07 10:15:11 +01:00
Jeroen Ketema
47930f94e2 Merge remote-tracking branch 'upstream/main' into merge-main 2023-03-06 15:20:39 +01:00
Anders Schack-Mulligen
5c7f2ac7f7 Merge pull request #12186 from aschackmull/dataflow/refactor-configuration 
Data flow: Refactor configuration
 2023-03-06 13:38:59 +01:00
Mathias Vorreiter Pedersen
8836cbae5b C++: Make sure we use an indirect sink only for the sinks that receive a 
pointer to the data. Also fix a bug where we used 'asExpr' instead
of 'asIndirectExpr'.
 2023-03-06 11:22:58 +00:00
github-actions[bot]
af61b45785 Post-release preparation for codeql-cli-2.12.4 2023-03-04 14:16:55 +00:00
Jeroen Ketema
aa00424b75 C++: Fix experimental query that uses the deprecated freeCall predicate 2023-03-03 17:53:49 +01:00
Mathias Vorreiter Pedersen
907e6299a4 C++: Convert 'ExecTainted' to use the new refactored dataflow library. 2023-03-03 14:41:29 +00:00
github-actions[bot]
462da63970 Release preparation for version 2.12.4 2023-03-03 14:11:51 +00:00
Geoffrey White
7b596f4928 Merge pull request #10431 from ihsinme/ihsinme-patch-111 
CPP: Add query for CWE-369: Divide By Zero.
 2023-03-03 10:42:04 +00:00
Mathias Vorreiter Pedersen
075a83c987 Stage stats before on 'ExecTainted.ql' before: 
```
1	10	1 Fwd	609968	1398	-1	94	769936	ExecTaintConfiguration
2	15	1 Rev	239464	774	-1	52	320663	ExecTaintConfiguration
3	20	2 Fwd	205794	511	650	39	18576546	ExecTaintConfiguration
4	25	2 Rev	161966	351	428	39	13639502	ExecTaintConfiguration
5	30	3 Fwd	31889	322	791	39	5982574	ExecTaintConfiguration
6	35	3 Rev	30068	303	661	39	4181421	ExecTaintConfiguration
7	40	4 Fwd	24031	232	1432	39	14725618	ExecTaintConfiguration
8	45	4 Rev	21506	219	907	39	5962780	ExecTaintConfiguration
9	50	5 Fwd	20149	204	1527	38	8350094	ExecTaintConfiguration
10	55	5 Rev	20102	204	1472	38	7515307	ExecTaintConfiguration
11	60	6 Fwd	19950	200	904	33	9673369	ExecTaintConfiguration
12	65	6 Rev	18431	200	901	33	7030957	ExecTaintConfiguration
```

Stage stats after:
```
1	10	1 Fwd	368610	699	-1	65	445199	ExecTaintConfiguration
2	15	1 Rev	112848	336	-1	23	150522	ExecTaintConfiguration
3	20	2 Fwd	91528	219	270	22	4120713	ExecTaintConfiguration
4	25	2 Rev	66017	141	159	22	2657398	ExecTaintConfiguration
5	30	3 Fwd	12161	119	208	22	792468	ExecTaintConfiguration
6	35	3 Rev	11640	111	167	22	569193	ExecTaintConfiguration
7	40	4 Fwd	11423	109	331	22	1203871	ExecTaintConfiguration
8	45	4 Rev	10851	107	323	22	904017	ExecTaintConfiguration
9	50	5 Fwd	10694	107	763	22	2428404	ExecTaintConfiguration
10	55	5 Rev	10332	104	735	22	2355698	ExecTaintConfiguration
11	60	6 Fwd	10302	104	729	22	5772762	ExecTaintConfiguration
12	65	6 Rev	9482	102	725	22	4020951	ExecTaintConfiguration
```
 2023-02-28 15:05:29 +00:00
Mathias Vorreiter Pedersen
8dd0bdbdb0 C++: Rename 'fst' and 'snd' to 'incoming' and 'outgoing'. 2023-02-28 15:05:18 +00:00
Mathias Vorreiter Pedersen
d93d22ba3e C++: Fix FPs in 'cpp/non-constant-format'. 2023-02-28 10:05:05 +00:00
Mathias Vorreiter Pedersen
354a12c906 C++: Fix queries. Since there's no longer indirect -> direct flow in 
taint-tracking we need to make sure the affected sink definitions also
handle indirect flow.
 2023-02-27 14:57:36 +00:00