Geoffrey White
a1e503f428
CPP: Add test cases for PotentiallyDangerousFunction.
2019-04-04 16:26:53 +01:00
Jonas Jensen
842aafc888
C++: Fix new UnsafeDaclSecurityDescriptor FP
...
This query uses data flow for nullness analysis, which is always going
to be a large overapproximation. The overapproximation became too big
for one of the test cases after the recent change to make data flow go
across assignment by reference.
To make this query more conservative, it will now only report that the
`pDacl` argument can be null if there isn't also evidence that it can be
non-null.
2019-04-02 11:31:12 +02:00
Geoffrey White
faa23a53be
CPP: Update expected for changes elsewhere.
2019-03-28 15:49:36 +00:00
Geoffrey White
e7c02027f5
CPP: Fix 'BAD'.
2019-03-28 15:49:36 +00:00
Geoffrey White
8c75e730e4
CPP: Widen TaintedAllocationSize.ql.
2019-03-28 15:49:36 +00:00
Geoffrey White
dab1bba25c
CPP: Add a test of TaintedAllocationSize.
2019-03-28 15:49:36 +00:00
Geoffrey White
8a5bc24b36
CPP: Replace PotentialBufferOverflow with OverrunWrite in the test.
2019-02-27 13:09:09 +00:00
Geoffrey White
7194121eae
CPP: Expand the test cases covering PotentialBufferOverflow.ql.
2019-02-27 13:09:09 +00:00
Jonas Jensen
2550788598
C++: Accept test changes to getRelativePath
...
After a `queries.xml` was added to the test directory,
`Container.getRelativePath` now considers source files to be relative to
the `cpp/test` directory rather than the directory of the `*.ql*` file.
This caused some benign test output changes, and it also caused an
unwanted alert for `test3.c:14` to appear in
`cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/IntegerOverflowTainted.expected`.
This alert came about because `inSystemMacroExpansion` holds for files
that don't have a relative path, but the pretend system header in
`../system_header` now does have a relative path because it's below the
`cpp/test` directory. The fix is to add another `queries.xml` just for
the directory with the affected test.
2019-02-18 14:41:28 +01:00
Geoffrey White
2321ae911e
CPP: Fix the test by adding PotentiallyDangerousFunction.
2019-02-05 17:58:30 +00:00
Geoffrey White
429f53ed74
CPP: Move the 'gets' case.
2019-02-05 17:58:30 +00:00
Geoffrey White
a82832e779
CPP: Add a test that uses 'gets'.
2019-02-05 17:58:30 +00:00
Jonas Jensen
be2a480394
Merge pull request #843 from geoffw0/strtoul
...
CPP: Improve ArithmeticTainted.ql
2019-01-31 07:04:17 -08:00
Geoffrey White
b0805f8e79
CPP: Adjust ArithmeticTainted.ql so that it can work on non-VariableAccesses.
2019-01-28 17:36:56 +00:00
Geoffrey White
f1dc538796
CPP: Add a test using strtoul in a taint query.
2019-01-28 16:59:02 +00:00
Geoffrey White
1a044a0a22
CPP: Add 'fread' to BufferAccess.qll.
2019-01-25 12:58:25 +00:00
Geoffrey White
fd6365838b
CPP: Add test cases involving fread.
2019-01-25 12:58:25 +00:00
Jonas Jensen
2aca40a021
Merge pull request #736 from geoffw0/macroinv2
...
CPP: Deprecate MacroInvocationExpr and MacroInvocationStmt
2019-01-25 09:02:02 +01:00
Geoffrey White
bff23f546d
CPP: Clearer naming.
2019-01-18 16:21:28 +00:00
Geoffrey White
6088ca5d5b
CPP: Update our uses of MacroInvocationExpr.
2019-01-09 12:17:29 +00:00
Geoffrey White
b59c2868cd
CPP: Add test cases for the macro logic and other details of ArithmeticUncontrolled.ql.
2019-01-09 12:17:29 +00:00
Geoffrey White
e443eb8889
CPP: Fix type logic.
2018-12-13 09:49:32 +00:00
Geoffrey White
c904a338f7
CPP: Add test cases.
2018-12-12 23:47:48 +00:00
Geoffrey White
0f268cac40
CPP: Fix the issue.
2018-12-07 18:43:27 +00:00
Geoffrey White
02a060fbfa
CPP: Add a test.
2018-12-07 18:21:48 +00:00
Geoffrey White
f034abc275
CPP: Add the Semmle security tests.
2018-11-26 17:52:34 +00:00
Geoffrey White
e9499b59e4
CPP: Exclude switch statements.
2018-10-19 10:24:29 +01:00
Geoffrey White
298ead162d
CPP: Add more test cases for HResultBooleanConversion.ql.
2018-10-19 10:24:29 +01:00
Raul Garcia
7ab723ae79
Fixing typos & incorporating feedback.
...
(MSFT feedback) Adding a new tag in the header @msrc.severity important
2018-10-16 10:00:51 -07:00
Raul Garcia
22d54801e5
Removed one false-positive scenario (no space on lpCommandLine)
...
Improved the query to avoid multiple calls to hasGlobalName
Fixed typos
Simplified the test case file
2018-10-15 15:53:02 -07:00
Raul Garcia
242d40369b
Merge branch 'master' into users/raulga/c6277
2018-10-12 15:59:54 -07:00
Raul Garcia
85283d63ce
C++ : NULL application name with an unquoted path in call to CreateProcess
...
Calling a function of the CreateProcess* family of functions, which may result in a security vulnerability if the path contains spaces.
2018-10-12 15:57:01 -07:00
Raul Garcia
230724c085
Updates based on feedback
2018-10-02 11:17:23 -07:00
Raul Garcia
253b8d1287
C++ : cpp/incorrect-string-type-conversion
...
Cast between semantically different string types: char* from/to wchar_t*
NOTE: Please let me know if you want to use a different CWE than CWE-704
2018-10-01 10:25:49 -07:00
Raul Garcia
54493eb990
Merge branch 'master' into master
2018-09-25 10:58:51 -07:00
Raul Garcia
d6d27df27b
Removing all usage of single quotes
2018-09-25 10:50:34 -07:00
Raul Garcia
a566ffae4a
Fixed the test .expected file
2018-09-24 10:18:39 -07:00
Raul Garcia
242ee10806
Major change in order to support the rule for C as well as cpp
2018-09-21 16:47:31 -07:00
Raul Garcia
925c3b51f9
Adding semmle-extractor-options: --microsoft to test
2018-09-21 15:21:07 -07:00
Raul Garcia
8519f1a9e1
Fixing tabs replaced to spaces
2018-09-21 13:07:39 -07:00
Raul Garcia
75ef377ac1
Replace Unicode apostrophe with ANSI single quote
2018-09-21 11:34:22 -07:00
Raul Garcia
783be15a45
Fixing typos & ID.
...
NOTE: There is an ongoing discussion on the proper CWE we should use
2018-09-21 11:14:14 -07:00
Raul Garcia
48c99fb1d1
Setting a SECURITY_DESCRIPTOR’s DACL to NULL
...
Closing the gap between Semmle & PreFAST
This rule is equivalent to C6248
2018-09-20 16:28:37 -07:00
Raul Garcia
b0ec929aad
Cast between semantically different integer types: HRESULT to/from a Boolean type.
...
Closing the gap between Semmle and PreFast.
Covers C6214, C6215, C6216, C6217, C6230
2018-09-20 16:16:32 -07:00