hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,246 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.0
Commit Graph

13679 Commits

Author SHA1 Message Date
github-actions[bot]
51cdeefafb Post-release preparation for codeql-cli-2.20.7 2025-03-17 13:00:41 +00:00
github-actions[bot]
2d64a618e6 Release preparation for version 2.20.7 2025-03-17 12:15:54 +00:00
Mathias Vorreiter Pedersen
a035c9b4d1 C++: Also update source-sink tests. 2025-03-14 20:04:45 +00:00
Mathias Vorreiter Pedersen
b7d1c56372 C++: Add change note. 2025-03-14 18:53:09 +00:00
Mathias Vorreiter Pedersen
636150ea4f C++: Adjust tests and accept test changes. 2025-03-14 18:43:33 +00:00
Mathias Vorreiter Pedersen
78697903fc C++: Move ATL models to ATL namespace. 2025-03-14 18:43:06 +00:00
Anders Schack-Mulligen
c2309442d5 C++: Accept qltest changes. 2025-03-14 10:51:28 +01:00
Mathias Vorreiter Pedersen
90774c03be C++: Remove yet another DefinitionExt reference. 2025-03-14 10:51:27 +01:00
Anders Schack-Mulligen
35687ea698 C++: Merge two cached stages. 2025-03-14 10:51:27 +01:00
Anders Schack-Mulligen
7bfd47a924 C++: Fix bad join order. 
Before:

[2025-03-12 10:27:53] Evaluated non-recursive predicate SsaInternals::UseImpl.hasIndexInBlock/2#dispred#1e34a5af@e87543ui in 935ms (size: 8905695).
Evaluated relational algebra for predicate SsaInternals::UseImpl.hasIndexInBlock/2#dispred#1e34a5af@e87543ui with tuple counts:
                          {3} r1 = SsaInternals::DirectUseImpl#a58aae88 AND NOT `_ArithmeticOperation::PostfixCrementOperation#17623ada_Expr::UnaryOperation.getOperand/0#dispred#990__#antijoin_rhs`(FIRST 3)
         8579337   ~4%    {2}    | SCAN OUTPUT In.1, In.0
         8579337   ~0%    {2}    | JOIN WITH `Operand::Operand.getUse/0#dispred#427b49d0` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
         8579337   ~0%    {3}    | JOIN WITH `IRBlock::Cached::getInstruction/2#627f9c61_201#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Rhs.2

           48215   ~2%    {2} r2 = SCAN SsaInternals::GlobalUse#9cd323b4 OUTPUT In.2, In.0
        35467318   ~3%    {2}    | JOIN WITH `SSAConstruction::getInstructionEnclosingIRFunction/1#5443f355_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1

           48189   ~0%    {2} r3 = JOIN r2 WITH Instruction::ReturnInstruction#28bfb7eb ON FIRST 1 OUTPUT Lhs.0, Lhs.1

           12332   ~0%    {2} r4 = JOIN r2 WITH Instruction::UnreachedInstruction#774c7a34 ON FIRST 1 OUTPUT Lhs.0, Lhs.1

           60521   ~0%    {2} r5 = r3 UNION r4
           60521   ~2%    {3}    | JOIN WITH `IRBlock::Cached::getInstruction/2#627f9c61_201#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Rhs.2

           39316   ~0%    {2} r6 = JOIN SsaInternals::FinalParameterUse#c1f84700_10#join_rhs WITH `Parameter::Parameter.getFunction/0#dispred#803faca2` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
        43821265   ~0%    {2}    | JOIN WITH `Instruction::Instruction.getEnclosingFunction/0#dispred#cb8ccc56_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1

           39194   ~0%    {2} r7 = JOIN r6 WITH Instruction::ReturnInstruction#28bfb7eb ON FIRST 1 OUTPUT Lhs.0, Lhs.1

           21255   ~2%    {2} r8 = JOIN r6 WITH Instruction::UnreachedInstruction#774c7a34 ON FIRST 1 OUTPUT Lhs.0, Lhs.1

           60449   ~0%    {2} r9 = r7 UNION r8
           60449   ~3%    {3}    | JOIN WITH `IRBlock::Cached::getInstruction/2#627f9c61_201#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Rhs.2

         8784725   ~1%    {5} r10 = JOIN `_SsaInternals::DirectUseImpl#a58aae88_SsaInternals::DirectUseImpl.getBase/0#dispred#4b8c43d0_SsaInte__#shared` WITH `SsaInternals::DirectUseImpl.getBase/0#dispred#4b8c43d0` ON FIRST 1 OUTPUT Rhs.1, Lhs.0, Lhs.1, Lhs.2, Lhs.3
         8784725   ~0%    {5}    | JOIN WITH `cached_SSAConstruction::getInstructionAst/1#d0d95b50` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4
          210435   ~4%    {5}    | JOIN WITH `Expr::UnaryOperation.getOperand/0#dispred#990de484#bf_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4
          205388   ~0%    {4}    | JOIN WITH ArithmeticOperation::PostfixCrementOperation#17623ada ON FIRST 1 OUTPUT Lhs.4, Lhs.3, Lhs.2, Lhs.1
          205388   ~4%    {3}    | JOIN WITH `__IRBlock::Cached::getInstruction/2#627f9c61_201#join_rhs__ArithmeticOperation::PostfixCrementOperat__#join_rhs` ON FIRST 3 OUTPUT Rhs.4, Lhs.3, Rhs.3
          205388   ~0%    {3}    | JOIN WITH `Operand::Operand.getUse/0#dispred#427b49d0` ON FIRST 1 OUTPUT Lhs.2, Rhs.1, Lhs.1
          205388   ~1%    {3}    | JOIN WITH `IRBlock::Cached::getInstruction/2#627f9c61_021#join_rhs` ON FIRST 2 OUTPUT Lhs.2, Lhs.0, Rhs.2

         8905695   ~0%    {3} r11 = r1 UNION r5 UNION r9 UNION r10
                          return r11

After:

[2025-03-12 11:12:48] Evaluated non-recursive predicate SsaInternals::hasReturnPosition/3#02f7eab8@bc405c4l in 3ms (size: 49368).
Evaluated relational algebra for predicate SsaInternals::hasReturnPosition/3#02f7eab8@bc405c4l with tuple counts:
        49368  ~3%    {1} r1 = Instruction::ReturnInstruction#28bfb7eb UNION Instruction::UnreachedInstruction#774c7a34
        49368  ~0%    {2}    | JOIN WITH `cached_SSAConstruction::getInstructionEnclosingIRFunction/1#5443f355` ON FIRST 1 OUTPUT Lhs.0, Rhs.1
        49368  ~2%    {3}    | JOIN WITH `IRBlock::Cached::getInstruction/2#627f9c61_201#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Rhs.2
                      return r1

[2025-03-12 11:12:54] Evaluated non-recursive predicate SsaInternals::UseImpl.hasIndexInBlock/2#dispred#1e34a5af@6e30cduo in 549ms (size: 8905695).
Evaluated relational algebra for predicate SsaInternals::UseImpl.hasIndexInBlock/2#dispred#1e34a5af@6e30cduo with tuple counts:
          48215   ~2%    {2} r1 = SCAN SsaInternals::GlobalUse#9cd323b4 OUTPUT In.2, In.0
          60521   ~2%    {3}    | JOIN WITH `SsaInternals::hasReturnPosition/3#02f7eab8` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Rhs.2

          50725   ~0%    {2} r2 = JOIN `IRFunctionBase::IRFunctionBase.getFunction/0#dispred#b024672e_10#join_rhs` WITH `Parameter::Parameter.getFunction/0#dispred#803faca2_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
          39231   ~2%    {2}    | JOIN WITH SsaInternals::FinalParameterUse#c1f84700_10#join_rhs ON FIRST 1 OUTPUT Lhs.1, Rhs.1
          60449   ~3%    {3}    | JOIN WITH `SsaInternals::hasReturnPosition/3#02f7eab8` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Rhs.2

                         {3} r3 = SsaInternals::DirectUseImpl#a58aae88 AND NOT `_ArithmeticOperation::PostfixCrementOperation#17623ada_Expr::UnaryOperation.getOperand/0#dispred#990__#antijoin_rhs`(FIRST 3)
        8579337   ~1%    {2}    | SCAN OUTPUT In.1, In.0
        8579337   ~0%    {2}    | JOIN WITH `Operand::Operand.getUse/0#dispred#427b49d0` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
        8579337   ~1%    {3}    | JOIN WITH `IRBlock::Cached::getInstruction/2#627f9c61_201#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Rhs.2

        8784725   ~0%    {5} r4 = JOIN `_SsaInternals::DirectUseImpl#a58aae88_SsaInternals::DirectUseImpl.getBase/0#dispred#4b8c43d0_SsaInte__#shared` WITH `SsaInternals::DirectUseImpl.getBase/0#dispred#4b8c43d0` ON FIRST 1 OUTPUT Rhs.1, Lhs.0, Lhs.1, Lhs.2, Lhs.3
        8784725   ~0%    {5}    | JOIN WITH `cached_SSAConstruction::getInstructionAst/1#d0d95b50` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4
         210435   ~0%    {5}    | JOIN WITH `Expr::UnaryOperation.getOperand/0#dispred#990de484#bf_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4
         205388   ~2%    {4}    | JOIN WITH ArithmeticOperation::PostfixCrementOperation#17623ada ON FIRST 1 OUTPUT Lhs.4, Lhs.3, Lhs.2, Lhs.1
         205388   ~0%    {3}    | JOIN WITH `__IRBlock::Cached::getInstruction/2#627f9c61_201#join_rhs__ArithmeticOperation::PostfixCrementOperat__#join_rhs` ON FIRST 3 OUTPUT Rhs.4, Lhs.3, Rhs.3
         205388   ~0%    {3}    | JOIN WITH `Operand::Operand.getUse/0#dispred#427b49d0` ON FIRST 1 OUTPUT Lhs.2, Rhs.1, Lhs.1
         205388   ~0%    {3}    | JOIN WITH `IRBlock::Cached::getInstruction/2#627f9c61_021#join_rhs` ON FIRST 2 OUTPUT Lhs.2, Lhs.0, Rhs.2

        8905695   ~0%    {3} r5 = r1 UNION r2 UNION r3 UNION r4
                         return r5
 2025-03-14 10:51:27 +01:00
Anders Schack-Mulligen
ba13d7fffe C++: Remove superfluous disjunct. 2025-03-14 10:51:26 +01:00
Anders Schack-Mulligen
ecb5e7ad07 C++: Fix spurious ExprNode fanout in DataFlowIntegration. 2025-03-14 10:51:26 +01:00
Anders Schack-Mulligen
b5a2f5d3ff C++: Remove useless ipa wrapper. 2025-03-14 10:51:25 +01:00
Anders Schack-Mulligen
4bd35b10fc C++: Delete dead code. 2025-03-14 10:51:25 +01:00
Anders Schack-Mulligen
6ba1d2ef14 C++: Replace DefinitionExt usage with Definition. 2025-03-14 10:51:24 +01:00
Anders Schack-Mulligen
9375e571b1 C++: Use SSA data flow integration module. 2025-03-14 10:51:24 +01:00
Anders Schack-Mulligen
c7ff2f55b5 C++: Remove yet another DefinitionExt reference. 2025-03-14 10:51:23 +01:00
Anders Schack-Mulligen
e01552c3f0 C++: Remove another DefinitionExt reference. 2025-03-14 10:51:23 +01:00
Anders Schack-Mulligen
c5755ba8d4 C++: Remove a DefinitionExt reference. 2025-03-14 10:51:23 +01:00
Anders Schack-Mulligen
0c17786ed0 C++: Delete unused predicate 2025-03-14 10:51:22 +01:00
Jeroen Ketema
de2fb037d0 Merge pull request #18980 from LeStarch/jpl-c-basic-integral-types-fix 
Fixing BasicIntTypes to allow C Standard Integers and 'bool'
 2025-03-14 08:06:55 +01:00
M Starch
7b5d604607 Updating tests to allow new typedefs 2025-03-13 15:04:37 -07:00
M Starch
7f4905987e Addressing review comments 
Reduced the category to minorAnalysis.  Handled bools via a instanceof with BoolType.  Formatted the query correctly.
 2025-03-13 11:12:35 -07:00
Mathias Vorreiter Pedersen
6f4e9ed136 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 16:00:36 +00:00
Mathias Vorreiter Pedersen
0e5fa1b5eb Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 16:00:23 +00:00
Mathias Vorreiter Pedersen
470321e8b6 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 16:00:15 +00:00
Mathias Vorreiter Pedersen
9cde2bb94d Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 15:59:57 +00:00
Mathias Vorreiter Pedersen
68b414d169 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-03-13 15:59:48 +00:00
Mathias Vorreiter Pedersen
0fe77154e1 C++: Add library change note. 2025-03-13 14:29:34 +00:00
Mathias Vorreiter Pedersen
aeb1acba97 C++: Use the new API in queries. 2025-03-12 17:09:05 +00:00
Mathias Vorreiter Pedersen
66e8b2d7e5 C++: Add an 'asDefinition' overload to check if a definition is certain or not. 2025-03-12 17:07:07 +00:00
M Starch
f01737a4c0 Fixing BasicIntTypes to allow C Standard Integers and 'bool' 
The purpose of this check is to ensure that all integral types used by the code point to some fixed size type (e.g. an unsigned 8-bit integer). However; the previous implementation only allowed JPL style typedefs (i.e. U8) and ignored C standard integer types (i.e. uint8_t). This causes the query to false-positive when a typedef resolves to a C standard int type.

'bool' has also be allowed as part of the exclusions list as it represents distinct values 'true' and 'false' in C++ code.
 2025-03-11 14:56:57 -07:00
REDMOND\brodes
8a7671dc2a Adding block mode models to openssl. 2025-03-11 15:20:05 -04:00
REDMOND\brodes
c98e6d7c56 Adding a stub EVP_CIpher_Operation for EVP_PKEY, this probably should be made into it's own class, hence it is a stub with comments. 2025-03-11 14:49:07 -04:00
REDMOND\brodes
a9458ba762 Formatting, removing dead comments, 2025-03-11 14:48:38 -04:00
REDMOND\brodes
d988afd4a4 Adding an EVP_AASYM_CIPHER_fetch getter. 2025-03-11 14:47:10 -04:00
REDMOND\brodes
7757279908 Adding a KDF algorithm getter. 2025-03-11 14:46:36 -04:00
REDMOND\brodes
44b1e921d6 commenting out hash size for now, TODO 2025-03-11 14:10:04 -04:00
REDMOND\brodes
f69b057893 Updating OpenSSLKnownAlgorithmConstants.qll (a few bugs) and also enforcing that known key sizes are on the normalized name (need to re-visit for GOST). 2025-03-11 13:35:44 -04:00
REDMOND\brodes
ae574f7cf2 Resolving hash and cipher types for openssl not using literals but KnownOpenSSLAlgorithmConstant. 2025-03-11 13:35:02 -04:00
REDMOND\brodes
f72efa638a Uncommenting out generic dataflow 2025-03-10 16:12:53 -04:00
REDMOND\brodes
c83cb533ce Adding an instantiation of the additional flow step class to automatically apply to generic dataflow. Flow step passthrough comes from the algorithm to getter flow passthroughs. 2025-03-10 15:56:01 -04:00
REDMOND\brodes
036035b6a2 Adding modeling for OpenSSL random number generation. 2025-03-10 15:04:19 -04:00
REDMOND\brodes
73368ea59a Adding hashes to openssl library import 2025-03-10 13:27:39 -04:00
REDMOND\brodes
0672027822 Tracing new notion of known getters, which now includes direct getters for cipher and hash. Removed a redundant hash qll, and fixed misplacement of has type in model. 2025-03-10 11:46:26 -04:00
REDMOND\brodes
451808616e Getting rid of commented out code. 2025-03-10 11:35:16 -04:00
REDMOND\brodes
bd07b8a4c7 Making getter flow through 'copy' more general (copy can appear in any part of the call name now. 2025-03-10 11:34:26 -04:00
REDMOND\brodes
6a4659fc7e Updating known constants for OpenSSL to handle direct algorithm getters from older versions of openssl (e.g., EVP_md5()) 2025-03-10 11:33:46 -04:00
REDMOND\brodes
3316d6135d Ctx flow comments. 2025-03-10 11:32:14 -04:00
Mathias Vorreiter Pedersen
f9a7ac4e89 C++: Accept test changes. 2025-03-07 19:59:06 +00:00