hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,246 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.0
Commit Graph

5690 Commits

Author SHA1 Message Date
Geoffrey White
cf194219b9 CPP: Fix FPs. 2019-07-15 14:58:35 +01:00
Geoffrey White
5362fef81c CPP: Additional AllocaInLoop test cases. 2019-07-15 14:50:02 +01:00
Ziemowit Laski
c906560edd Fix up expected IR output after rebase. 2019-07-13 12:57:25 -07:00
Ziemowit Laski
960a41be85 Handle __builtin_addressof. 2019-07-13 12:23:40 -07:00
Ziemowit Laski
175ba7b3b0 Fix up .expected on the IR side. 2019-07-13 12:23:40 -07:00
Ziemowit Laski
2637c22732 Fix up .expected file. 2019-07-13 12:23:40 -07:00
Ziemowit Laski
e5fc07660d [CPP-386] Print QL AST classes next to elements in PrintAST trees. 2019-07-13 12:23:09 -07:00
Robert Marsh
41e46f6686 Merge pull request #1584 from geoffw0/swap 
CPP: Model std::swap
 2019-07-12 10:41:14 -07:00
Geoffrey White
a9b953f89a CPP: Flip test output for consistency and easy comparison with the other tests. 2019-07-12 18:18:08 +01:00
Geoffrey White
c2fd2e273e CPP: Model taint flow through std::swap. 2019-07-12 18:00:39 +01:00
Geoffrey White
f132bca06e CPP: Add a taint flow test of 'std::swap'. 2019-07-12 16:37:01 +01:00
semmledocs-ac
e1da6e915c Merge pull request #1515 from geoffw0/continuefalseloop 
CPP: Improvements to ContinueInFalseLoop.ql
 2019-07-12 08:38:22 +01:00
Dave Bartolomeo
c73b516862 Merge pull request #1541 from jbj/ir-operand-exact 
C++ IR: Make instruction operand getters have only exact results
 2019-07-11 13:13:20 -07:00
Dave Bartolomeo
00ff2bb6c4 Merge pull request #1554 from jbj/ir-ErrorExpr 
C++ IR: support for translating ErrorExpr
 2019-07-11 13:05:04 -07:00
Jonas Jensen
23001d5471 Merge pull request #1566 from rdmarsh2/rdmarsh/cpp/pure-functions-effect-model 
C++: alias and side effect info for pure functions
 2019-07-11 21:21:54 +02:00
Geoffrey White
62fb216102 CPP: Fix false positive. 2019-07-11 20:00:50 +01:00
Geoffrey White
e1efdd7d47 CPP: Add a test where continue is used in a switch to exit the loop. 2019-07-11 20:00:50 +01:00
Geoffrey White
83d4b23ae3 CPP: Fix false positives in while/for loops. 2019-07-11 20:00:50 +01:00
Geoffrey White
136ca72297 CPP: Add a test. 2019-07-11 20:00:49 +01:00
Robert Marsh
c195420ba1 C++: respond to PR comments 2019-07-11 11:00:52 -07:00
Jonas Jensen
0889d5d27a C++ IR: Improve ErrorExpr test 
The previous version of the test used `0 = 1;` to test an lvalue-typed
`ErrorExpr`, but the extractor replaced the whole assignment expression
with `ErrorExpr` instead of just the LHS. This variation of the test
only leads to an `ErrorExpr` for the part of the syntax that's supposed
to be an lvalue-typed expression, so that's an improvement.
Unfortunately it still doesn't demonstrate that we can `Store` into an
address computed by an `ErrorExpr`.
 2019-07-09 13:35:20 +02:00
Jonas Jensen
4324c97d39 C++: Use Opcode::Error for ErrorExpr translation 2019-07-09 13:26:00 +02:00
Jonas Jensen
a86ddd50de C++ IR: Translate ErrorExpr to NoOp 2019-07-09 13:18:11 +02:00
Jonas Jensen
e2a43eeed6 C++ IR: Tests with ErrorExpr 2019-07-09 13:18:09 +02:00
Jonas Jensen
46d779248d Merge pull request #1559 from zlaski-semmle/zlaski/futile-params-fix 
Reduce precision from `very-high` to `low` due to inability to handle…
 2019-07-09 06:51:56 +02:00
Dave Bartolomeo
7bbfffec4d Merge pull request #1552 from jbj/ir-builtin_addressof 
C++ IR: Support __builtin_addressof
 2019-07-08 17:08:38 -07:00
Dave Bartolomeo
52e0f3fb62 Merge pull request #1551 from jbj/ir-DeleteExpr-placeholder 
C++: Placeholder translation of delete expressions
 2019-07-08 17:07:16 -07:00
Robert Marsh
41e4d920e3 C++: alias and side effect info for pure functions 2019-07-08 12:26:58 -07:00
Ziemowit Laski
ed5e2f3211 It turns out that the bminor/bash alert spewage was caused by 
a bug in the extractor, which is verified fixed in the next release.
Reverting query to its original form.
 2019-07-08 12:11:15 -07:00
Robert Marsh
ea7602b571 C++: add test for Alias and SideEffect models 2019-07-08 11:41:46 -07:00
Ziemowit Laski
be0db66a55 Squelch bminor/bash alerts and set query precision to high. 2019-07-06 14:27:02 -07:00
Jonas Jensen
8d3cb78a9d C++: Fix DeclarationHidesVariable FP 
We don't want alerts about the compiler-generated variables that appear
in the desugaring of range-based `for`.
 2019-07-05 20:39:43 +02:00
Jonas Jensen
443a8fbc07 C++: Test for DeclarationHidesVariable FP 2019-07-05 20:34:30 +02:00
Jonas Jensen
4b4e7caf9f C++ IR: Support __builtin_addressof 2019-07-05 11:05:00 +02:00
Jonas Jensen
6fe9945c04 C++: Placeholder translation of delete expressions 
Before this change, `delete` and `delete[]` expressions had no control
flow after them, which caused the reachability analysis to remove all
code after a delete expression. This commit adds placeholder support for
delete expression by translating them to `NoOp` instructions so their
presence doesn't cause large chunks of the program to be removed.
 2019-07-05 10:54:35 +02:00
Jonas Jensen
2f8787379a Merge pull request #1535 from geoffw0/nospacezero 
CPP: Fix false positives from NoSpaceForZeroTerminator.ql
 2019-07-04 22:36:04 +02:00
Jonas Jensen
8c733fd58d Merge pull request #1537 from geoffw0/add-tests 
CPP: Add some tests
 2019-07-04 21:20:55 +02:00
Geoffrey White
7fc31f263a CPP: Basic fix. 2019-07-04 17:27:40 +01:00
Geoffrey White
34d307ecef CPP: Test a common false positive. 2019-07-04 17:27:40 +01:00
Geoffrey White
8ce6822d6f CPP: Fix format literal. 2019-07-04 16:31:35 +01:00
Jonas Jensen
984405be2e C++ IR: Change many uses of getAnyDef to getDef 
This changes all the getters on `Instruction` to use `getDef` instead of
`getAnyDef`, with the result that these getters now only have a result
if the definition is exact.

This is a backwards-INCOMPATIBLE change.
 2019-07-03 11:04:57 +02:00
Jonas Jensen
206a96df94 C++ IR: Rename getters for def/use on Operand 
This renames `getDefinitionInstruction` to `getAnyDef`, reflecting that
it includes definitions without exact overlap. It renames
`getUseInstruction` to `getUse` for consistency.

    perl -p -i -e 's/\bgetUseInstruction\b/getUse/g; s/\bgetDefinitionInstruction\b/getAnyDef/g' \
      cpp/ql/src/semmle/code/cpp/ir/**/*.ql* \
      cpp/ql/test/**/*.ql* \
      cpp/ql/src/semmle/code/cpp/rangeanalysis/**/*.ql*
 2019-07-03 10:06:48 +02:00
Jonas Jensen
757ec97e7a Merge pull request #1251 from zlaski-semmle/zlaski/cpp370 
[CPP-370] Non-constant `format` arguments to `printf` and friends
 2019-07-01 14:43:19 +02:00
Geoffrey White
95ab8cc706 CPP: Add a test of More64BitWaste.ql. 2019-06-27 17:14:46 +01:00
Geoffrey White
5e328908a0 CPP: Modify violation message of NonPortablePrintf.ql for consistency with WrongTypeFormatArguments.ql. 2019-06-27 17:11:37 +01:00
Geoffrey White
5cef0e21c6 CPP: Add a test of NonPortablePrintf.ql. 2019-06-27 16:51:07 +01:00
Geoffrey White
a7fb2e1261 CPP: More test cases for ArithmeticWithExtremeValues. 2019-06-26 15:38:23 +01:00
Geoffrey White
f8655b1664 CPP: Add a test that uses Function.getAThrownType() and Function.isNoThrow(). 2019-06-26 15:20:46 +01:00
Geoffrey White
e237507208 CPP: Add a reference to the ReturnConstType tests. 2019-06-26 15:20:46 +01:00
Geoffrey White
627fba81ce CPP: Improve wording of UnsafeArrayForDAysOfYear.ql. 2019-06-25 14:42:18 +01:00