Robert Marsh
61017a7997
C++: prevent a bad join order
2022-09-13 09:39:11 +01:00
intrigus
894a0f1c3b
Add string to int sanitizer.
2022-09-12 21:02:18 +02:00
Geoffrey White
6011ae9ecc
Merge branch 'main' into cleartext-perf
2022-09-09 11:40:47 +01:00
Geoffrey White
edefda9213
C++: Make QL-for-QL happy.
2022-09-09 11:26:42 +01:00
Geoffrey White
813d166ad7
C++: Restore results in cpp/cleartext-storage-database using .
2022-09-09 11:03:29 +01:00
github-actions[bot]
a9d80a5a48
Release preparation for version 2.10.5
2022-09-08 11:35:54 +00:00
Mathias Vorreiter Pedersen
e37848ec6d
C++: Remove 'IRConfiguration' since we no longer generate bad IR for range analysis.
2022-09-07 16:39:45 +01:00
Mathias Vorreiter Pedersen
5ce47d97b2
Merge branch 'main' into rdmarsh2/cpp/product-flow
2022-09-07 11:14:42 +01:00
Mathias Vorreiter Pedersen
9745073024
C++: Speedup 'cpp/using-expired-stack-address' by avoiding a large negation.
2022-09-06 14:33:33 +01:00
Geoffrey White
b6d5b6731a
C++: Make QLDoc meet style guide.
2022-09-05 17:17:57 +01:00
Geoffrey White
234da636a4
C++: Change note.
2022-09-05 17:01:25 +01:00
Geoffrey White
008d583da8
C++: Modernize cpp/cleartext-storage-database.
2022-09-05 16:47:14 +01:00
Geoffrey White
946456acc2
C++: Apply the sanitizer improvement from cpp/cleartext-storage-buffer in cpp/cleartext-storage-file and cpp/cleartext-transmission.
2022-09-05 14:44:33 +01:00
Nora Dimitrijević
7584434b80
Merge pull request #10163 from d10c/missing-check-scanf-squashed
C++: New Query: missing return-value check for scanf-like functions
2022-09-01 23:43:21 +02:00
Robert Marsh
ca2694ae1d
C++: exclude end pointers in iterator-style loops
2022-09-01 17:42:19 -04:00
Robert Marsh
35701373ee
C++: more semantic range analysis perf tweaks
2022-09-01 10:49:54 -04:00
Edoardo Pirovano
8f332714f4
Merge pull request #10260 from github/edoardo/3.7-mergeback
Merge `rc/3.7` into `main`
2022-09-01 15:44:17 +01:00
Nora Dimitrijević
f5a30c7bbe
C++: Add correctness tag
As that seems to be appropriate for this query.
2022-08-31 16:59:57 +02:00
Nora Dimitrijević
38f185bee4
C++: Correct CWE tags in metadata
2022-08-31 16:58:05 +02:00
Nora Dimitrijević
0729e42536
C++: Update metadata based on cwe-scores
Though the codeql/cwe-scores update-queries.py script did not make any changes on its own,
I looked up the score of the CWEs that @geoffw0 suggested using the explain.py script.
As discussed elsewhere, this should be more of a warning than a recommendation.
2022-08-31 15:50:37 +02:00
Nora Dimitrijević
ce1e4ad422
Merge branch 'main' into missing-check-scanf-squashed
2022-08-30 11:34:00 +02:00
Nora Dimitrijević
e10042be7d
C++: Improve docs based on doc-review
Thanks to @mchammer01 and @geoffw0 for the latest suggestions.
2022-08-30 11:14:57 +02:00
github-actions[bot]
3b4ad3c4f1
Post-release preparation for codeql-cli-2.10.4
2022-08-26 09:32:11 +00:00
erik-krogh
cc7a9ef97a
rename more acronyms
2022-08-25 20:52:27 +02:00
Nora Dimitrijević
7d24d96d80
C++: Optimize MissingCheckScanf/bigStep()
2022-08-25 17:12:25 +02:00
Nora Dimitrijević
2bd866cc82
C++: improve change note and move to right place
2022-08-25 16:00:25 +02:00
Nora Dimitrijević
ad56274a73
C++: Small improvements to query qldoc and message
2022-08-25 15:22:41 +02:00
Nora Dimitrijević
a6a30b3725
C++: clarify ScanfOutput.getMinimumGuardConstant()
2022-08-25 15:07:39 +02:00
github-actions[bot]
0f63bc077f
Release preparation for version 2.10.4
2022-08-25 12:52:26 +00:00
Nora Dimitrijević
e39229d59e
C++: Remove unique-Instruction kludge in ScanfOutput
Passes tests.
2022-08-25 14:38:58 +02:00
Nora Dimitrijević
d8800c03b6
C++: new helper predicates in ScanfFunctionCall
Extract some of the logic from the `cpp/missing-check-scanf` query into
the more generally useful `getOutputArgument(int index)`, `getAnOutputArgument()`,
and `getNumberOfOutputArguments()` predicates.
2022-08-25 14:32:15 +02:00
Nora Dimitrijević
5c894ae40b
Merge branch 'main' into missing-check-scanf-squashed
2022-08-24 21:14:57 +02:00
Nora Dimitrijević
170d12bf5a
Write MissingCheckScanf.qhelp
2022-08-24 19:58:19 +02:00
erik-krogh
1c0f2251e2
Merge branch 'main' into msgConsis
2022-08-24 14:38:57 +02:00
Nora Dimitrijević
ca162a4365
C++: complete initial implementation of cpp/missing-check-scanf
There are still some remaining FPs (haven't fully tested them)
that should be ironed out in a follow-up to increase the precision, e.g.:
* if scanf(&i) != 1 return
  if maybe() && scanf(&i) != 1 return
  use(i) // should be OK on both counts
* The minimum guard constant for the *_s variants may not be right.
* int i[2]
  scanf(i, i+1) // second i is flagged as a use of the first
* Maybe loosen the "unguarded or badly guarded use() = bad" policy to
  "unguarded but already-initialized = good" and "badly guarded = bad",
  since a lot of FPs in MRVA fall into the "unguarded but
  already-initialized" bucket.
2022-08-24 11:25:06 +02:00
erik-krogh
a50234adb0
apply suggestion from review
2022-08-23 15:41:37 +02:00
erik-krogh
afadcd9b45
use a more detailed alert message in bitwise-sign-check
2022-08-23 11:18:45 +02:00
erik-krogh
d96d6721ba
change the alert message of unused-local-variable
2022-08-23 11:15:11 +02:00
erik-krogh
f7846a598e
add change-notes
2022-08-23 07:54:01 +02:00
erik-krogh
678e433013
update cpp/missing-case-in-switch to match java
2022-08-22 21:41:45 +02:00
erik-krogh
ea2777fa3e
update {cs/cpp}/equality-on-floats to use the same alert-message/description
2022-08-22 21:41:45 +02:00
erik-krogh
39c1832995
update {cpp/js}/bitwise-sign-check to match java
2022-08-22 21:41:45 +02:00
erik-krogh
cc41a83a8d
update {py/cpp}/commented-out-code to match csharp/java/javascript
2022-08-22 21:41:45 +02:00
erik-krogh
698ccd8850
update {cpp/java}/unused-local to match python
2022-08-22 21:41:45 +02:00
erik-krogh
5a312cd0da
update cpp/complex-block to match java/csharp
2022-08-22 21:41:45 +02:00
erik-krogh
b1c9843d15
update {cs/cpp}/empty-block so they have the same alert message
2022-08-22 21:41:45 +02:00
erik-krogh
a593a52b5e
add missing qldoc (that was already missing?)
2022-08-22 21:22:39 +02:00
erik-krogh
e89e0eb7fb
make some acronyms camelCase
2022-08-22 21:22:35 +02:00
Mathias Vorreiter Pedersen
831f143fe6
C++: Add change note.
2022-08-22 12:40:08 +01:00
Mathias Vorreiter Pedersen
65abb54a73
C++: Add a sanitizer to 'cpp/cleartext-storage-buffer' to improve the performance of the query.
2022-08-22 11:01:31 +01:00