hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
codeql-cli-2.22.4
Commit Graph

13613 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
9375e571b1 C++: Use SSA data flow integration module. 2025-03-14 10:51:24 +01:00
Anders Schack-Mulligen
c7ff2f55b5 C++: Remove yet another DefinitionExt reference. 2025-03-14 10:51:23 +01:00
Anders Schack-Mulligen
e01552c3f0 C++: Remove another DefinitionExt reference. 2025-03-14 10:51:23 +01:00
Anders Schack-Mulligen
c5755ba8d4 C++: Remove a DefinitionExt reference. 2025-03-14 10:51:23 +01:00
Anders Schack-Mulligen
0c17786ed0 C++: Delete unused predicate 2025-03-14 10:51:22 +01:00
Jeroen Ketema
de2fb037d0 Merge pull request #18980 from LeStarch/jpl-c-basic-integral-types-fix 
Fixing BasicIntTypes to allow C Standard Integers and 'bool'
 2025-03-14 08:06:55 +01:00
M Starch
7b5d604607 Updating tests to allow new typedefs 2025-03-13 15:04:37 -07:00
M Starch
7f4905987e Addressing review comments 
Reduced the category to minorAnalysis.  Handled bools via a instanceof with BoolType.  Formatted the query correctly.
 2025-03-13 11:12:35 -07:00
Mathias Vorreiter Pedersen
6f4e9ed136 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 16:00:36 +00:00
Mathias Vorreiter Pedersen
0e5fa1b5eb Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 16:00:23 +00:00
Mathias Vorreiter Pedersen
470321e8b6 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 16:00:15 +00:00
Mathias Vorreiter Pedersen
9cde2bb94d Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 15:59:57 +00:00
Mathias Vorreiter Pedersen
68b414d169 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 15:59:48 +00:00
Mathias Vorreiter Pedersen
0fe77154e1 C++: Add library change note. 2025-03-13 14:29:34 +00:00
Mathias Vorreiter Pedersen
aeb1acba97 C++: Use the new API in queries. 2025-03-12 17:09:05 +00:00
Mathias Vorreiter Pedersen
66e8b2d7e5 C++: Add an 'asDefinition' overload to check if a definition is certain or not. 2025-03-12 17:07:07 +00:00
M Starch
f01737a4c0 Fixing BasicIntTypes to allow C Standard Integers and 'bool' 
The purpose of this check is to ensure that all integral types used by the code point to some fixed size type (e.g. an unsigned 8-bit integer). However; the previous implementation only allowed JPL style typedefs (i.e. U8) and ignored C standard integer types (i.e. uint8_t). This causes the query to false-positive when a typedef resolves to a C standard int type.

'bool' has also be allowed as part of the exclusions list as it represents distinct values 'true' and 'false' in C++ code.
 2025-03-11 14:56:57 -07:00
REDMOND\brodes
8a7671dc2a Adding block mode models to openssl. 2025-03-11 15:20:05 -04:00
REDMOND\brodes
c98e6d7c56 Adding a stub EVP_CIpher_Operation for EVP_PKEY, this probably should be made into it's own class, hence it is a stub with comments. 2025-03-11 14:49:07 -04:00
REDMOND\brodes
a9458ba762 Formatting, removing dead comments, 2025-03-11 14:48:38 -04:00
REDMOND\brodes
d988afd4a4 Adding an EVP_AASYM_CIPHER_fetch getter. 2025-03-11 14:47:10 -04:00
REDMOND\brodes
7757279908 Adding a KDF algorithm getter. 2025-03-11 14:46:36 -04:00
REDMOND\brodes
44b1e921d6 commenting out hash size for now, TODO 2025-03-11 14:10:04 -04:00
REDMOND\brodes
f69b057893 Updating OpenSSLKnownAlgorithmConstants.qll (a few bugs) and also enforcing that known key sizes are on the normalized name (need to re-visit for GOST). 2025-03-11 13:35:44 -04:00
REDMOND\brodes
ae574f7cf2 Resolving hash and cipher types for openssl not using literals but KnownOpenSSLAlgorithmConstant. 2025-03-11 13:35:02 -04:00
REDMOND\brodes
f72efa638a Uncommenting out generic dataflow 2025-03-10 16:12:53 -04:00
REDMOND\brodes
c83cb533ce Adding an instantiation of the additional flow step class to automatically apply to generic dataflow. Flow step passthrough comes from the algorithm to getter flow passthroughs. 2025-03-10 15:56:01 -04:00
REDMOND\brodes
036035b6a2 Adding modeling for OpenSSL random number generation. 2025-03-10 15:04:19 -04:00
REDMOND\brodes
73368ea59a Adding hashes to openssl library import 2025-03-10 13:27:39 -04:00
REDMOND\brodes
0672027822 Tracing new notion of known getters, which now includes direct getters for cipher and hash. Removed a redundant hash qll, and fixed misplacement of has type in model. 2025-03-10 11:46:26 -04:00
REDMOND\brodes
451808616e Getting rid of commented out code. 2025-03-10 11:35:16 -04:00
REDMOND\brodes
bd07b8a4c7 Making getter flow through 'copy' more general (copy can appear in any part of the call name now. 2025-03-10 11:34:26 -04:00
REDMOND\brodes
6a4659fc7e Updating known constants for OpenSSL to handle direct algorithm getters from older versions of openssl (e.g., EVP_md5()) 2025-03-10 11:33:46 -04:00
REDMOND\brodes
3316d6135d Ctx flow comments. 2025-03-10 11:32:14 -04:00
Mathias Vorreiter Pedersen
f9a7ac4e89 C++: Accept test changes. 2025-03-07 19:59:06 +00:00
Mathias Vorreiter Pedersen
b06902a3b1 C++: Share more indirect operands and instructions. 2025-03-07 19:59:05 +00:00
REDMOND\brodes
bac0a635f9 Initial hash models for openssl. 2025-03-07 14:24:01 -05:00
REDMOND\brodes
32d29ffde3 Changed casing on TCipherType, Added some initial fixes for hash support, started developing openssl hashing modeling. 2025-03-07 10:02:36 -05:00
Jeroen Ketema
87ee191409 Merge pull request #18928 from jketema/desc 
C++: Improve query description and fix alignment of the text
 2025-03-07 10:47:31 +01:00
REDMOND\brodes
6083df2b7f Completed tying algorithm instances to consumers. Now the model should have known literals for cipher instances, and it traces those instances to consumers (inits) and those inits are traced to cipher operations. 2025-03-05 15:48:08 -05:00
REDMOND\brodes
de3ff45cba Misc updates for OpenSSL modeling to trace algorithm literals to known alg getters, and converting the literal to a TCipherType. 2025-03-05 15:17:52 -05:00
Mathias Vorreiter Pedersen
38bf9c6835 Merge pull request #18908 from aschackmull/cpp/branchlimit-adjustment-refactor 
C++: Change countNumberOfBranchesUsingParameter to match qldoc closer.
 2025-03-05 11:21:38 +00:00
REDMOND\brodes
cce5f24b38 Initial OpenSSL modeling work. 2025-03-04 15:52:57 -05:00
Jeroen Ketema
e50ebfc8c2 C++: Improve query description and fix alignment of the text 2025-03-04 20:50:27 +01:00
Jeroen Ketema
795a2e1175 Merge pull request #18923 from jketema/template-arguments 
C++: Update template test to also output the value of template arguments
 2025-03-04 17:56:14 +01:00
Jeroen Ketema
324499e447 C++: Update template test to also output the value of template arguments 
These values are currently the same as the result that `getTemplateArgument`
yields. However, this will change with the upcoming frontend update.
 2025-03-04 16:24:21 +01:00
Enrico Steffinlongo
e230166fe2 Add C++ query to extract the status of include file resolution 2025-03-04 13:57:17 +00:00
github-actions[bot]
58f355ae5a Post-release preparation for codeql-cli-2.20.6 2025-03-03 18:18:15 +00:00
github-actions[bot]
fa850cccb1 Release preparation for version 2.20.6 2025-03-03 17:13:19 +00:00
Geoffrey White
7f56c67544 Merge pull request #18837 from geoffw0/overflowbuffer 
C++: Improve and promote cpp/overflow-buffer
 2025-03-03 14:17:12 +00:00