hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,920 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.2
Commit Graph

13732 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
91b29eee53 C++: Don't use GVN as an SSAVariable in range analysis. 2023-11-07 14:52:50 +00:00
Mathias Vorreiter Pedersen
a04830b8b2 Merge pull request #14697 from MathiasVP/range-analysis-simplify-conversions 
C++: Simplify the definition of `SemExpr` for range analysis
 2023-11-07 14:52:09 +00:00
Anders Schack-Mulligen
12cba7909b Java/C++: Move range util guard-controls predicates to shared pack. 2023-11-07 15:14:34 +01:00
Anders Schack-Mulligen
f2ca52d951 Java/C++: Move range util backEdge predicate to shared pack. 2023-11-07 15:14:34 +01:00
Mathias Vorreiter Pedersen
9dca6697fb C++: Add a testcase that fails to terminate in modulus analysis when we don't have IR operands as SSA variables. 2023-11-07 11:52:35 +00:00
Mathias Vorreiter Pedersen
6669cf805f C++: Add change note. 2023-11-07 09:32:07 +00:00
Mathias Vorreiter Pedersen
0fd4d4a114 C++: Add QLDoc. 2023-11-07 09:29:34 +00:00
Mathias Vorreiter Pedersen
022c9eb3cd C++: Add a barrier feature to 'MustFlow'. 2023-11-07 09:23:42 +00:00
Mathias Vorreiter Pedersen
6bf2d47321 C++: Allow source = sink in 'MustFlow'. 2023-11-07 09:23:42 +00:00
Mathias Vorreiter Pedersen
1dc08941f8 C++: Use 'MustFlow' in 'cpp/uninitialized-local'. 2023-11-07 09:23:41 +00:00
Mathias Vorreiter Pedersen
a17cd9bc1c Merge pull request #14667 from MathiasVP/more-function-input-and-output-ipa-numbers 
C++: Allocate more `FunctionInput` and `FunctionOutput`s
 2023-11-07 08:57:31 +00:00
Mathias Vorreiter Pedersen
4455ed982d C++: Accept query test changes. 2023-11-06 17:33:46 +00:00
Mathias Vorreiter Pedersen
d38fa13299 C++: Remove more uses of 'getConverted' and 'getUnconverted'. 2023-11-06 16:11:55 +00:00
Mathias Vorreiter Pedersen
e91987b1a9 C++: Accept test changes. 2023-11-06 16:02:06 +00:00
Mathias Vorreiter Pedersen
d544f47746 C++: Simplify the definition of 'SemExpr' by instead making non-overflowing conversions copy value expressions. 2023-11-06 16:01:59 +00:00
Mathias Vorreiter Pedersen
31c2a3be98 C++: Don't redefine the meaning of the single-parameter 'isParameterDeref' and accept test changes. 2023-11-06 15:52:58 +00:00
Mathias Vorreiter Pedersen
ff30308a2b C++: Only the first indirection of the argument should be the remote flow sink. 2023-11-06 13:57:14 +00:00
Mathias Vorreiter Pedersen
cd2eec0aa0 C++: Also override the single-parameter 'isParameterDeref' in 'InParameterDeref'. 2023-11-06 13:23:31 +00:00
Anders Schack-Mulligen
132cc03e3b Merge pull request #14664 from aschackmull/shared/modulus-step 
RangeAnalysis: Improve bounds that rely on relative modulus.
 2023-11-03 08:16:48 +01:00
Mathias Vorreiter Pedersen
679d64f0e8 Merge pull request #14647 from microsoft/24-odbc-model-instantiation-upstream2 
C++: Adding a model implementation for ODBC.
 2023-11-02 19:42:27 +00:00
Benjamin Rodes
30a512c96b Formatting 2023-11-02 15:01:15 -04:00
Benjamin Rodes
947e0274c7 Adding sql injection test for ODBC. 2023-11-02 13:27:42 -04:00
Benjamin Rodes
f404d7a5f8 Changes to address pr comments. 2023-11-02 13:11:23 -04:00
Mathias Vorreiter Pedersen
392b2af923 C++: Only the second indirection of the argument should be the remote flow source. 2023-11-02 16:51:24 +00:00
Mathias Vorreiter Pedersen
b82dfa9a21 C++: Fix failing test by allocating 'TFunctionInput's and 'TFunctionOutput's for more indirections. Note that we now mark two output nodes coming out of 'getaddrinfo' as a remote flow source (the first indirection and the second indirection). We'll fix that in the next commit. 2023-11-02 16:45:50 +00:00
Mathias Vorreiter Pedersen
5487b404ed C++: Add failing test. 2023-11-02 16:41:19 +00:00
Anders Schack-Mulligen
7bf271fb6c RangeAnalysis: Improve bounds that rely on relative modulus. 2023-11-02 12:51:48 +01:00
Anders Schack-Mulligen
7c3684dbb7 RangeAnalysis: Rename semExprModulus to exprModulus. 2023-11-02 08:19:23 +01:00
Anders Schack-Mulligen
400910e4d3 C++: Fix modulus analysis test. 2023-11-02 08:19:23 +01:00
Anders Schack-Mulligen
8e9aa5b560 C++: Switch to shared modulus analysis. 2023-11-01 15:59:24 +01:00
Anders Schack-Mulligen
a7f3ef1a6c Rangeanalysis: Parameterise shared modulus analysis. 2023-11-01 15:59:24 +01:00
Anders Schack-Mulligen
8e2b17cd86 Rangeanalysis: Copy C++ ModulusAnalysis file verbatim. 2023-11-01 15:59:24 +01:00
Anders Schack-Mulligen
6d859daf3d Merge pull request #14656 from aschackmull/shared/range-utils 
Rangeanalysis: Share ssaRead predicate
 2023-11-01 15:57:52 +01:00
Mathias Vorreiter Pedersen
b54b5ae0a9 Merge pull request #14648 from MathiasVP/simplify-invalid-ptr-deref 
C++: Remove one use of range analysis in `cpp/invalid-pointer-deref`
 2023-11-01 14:42:20 +00:00
Anders Schack-Mulligen
048a7c4e42 Rangeanalysis: Rename SsaBound.getAVariable to getVariable. 2023-11-01 11:58:06 +01:00
Anders Schack-Mulligen
48291dd32d Rangeanalysis: Remove superfluous ignoreZeroLowerBound. 2023-11-01 11:51:46 +01:00
Mathias Vorreiter Pedersen
9736936e54 Merge pull request #14635 from MathiasVP/assign-pointer-add-and-sub-is-not-bitwise 2023-11-01 00:40:39 +01:00
Mathias Vorreiter Pedersen
6e385cabd8 C++: Add change note. 2023-10-31 19:16:36 +00:00
Mathias Vorreiter Pedersen
37a536baf9 Merge pull request #14650 from jketema/invalid-experimental 
C++: Drop `experimental` tag from `cpp/invalid-pointer-deref`
 2023-10-31 20:14:25 +01:00
Jeroen Ketema
3478890090 C++: Drop experimental tag from cpp/invalid-pointer-deref 2023-10-31 19:46:22 +01:00
Mathias Vorreiter Pedersen
b79a5fee14 Merge pull request #14637 from MathiasVP/dataflow-for-realloc 
C++: Add a taint model for `realloc`
 2023-10-31 18:24:04 +01:00
Benjamin Rodes
b9ac038de2 Moving change log. 2023-10-31 09:21:01 -07:00
Benjamin Rodes
07ded4278f Change log 2023-10-31 09:14:47 -07:00
Benjamin Rodes
18c8d90a1a Adding a model implementation for ODBC. 
(cherry picked from commit 04147f8d91cdf018ec03cbfdb953253e23687944)
 2023-10-31 08:52:05 -07:00
Mathias Vorreiter Pedersen
b9dfeb3aac Merge pull request #14444 from alexet/range-cases 
CPP: Add some range analysis cases
 2023-10-31 15:55:41 +01:00
Anders Schack-Mulligen
34b9791e46 Rangeanalysis: Remove superfluous ignoreSsaReadCopy. 2023-10-31 15:32:25 +01:00
Anders Schack-Mulligen
322e6c91be Rangeanalysis: Remove superfluous specificSsaRead. 2023-10-31 15:30:36 +01:00
Anders Schack-Mulligen
8b6c940e76 Rangeanalysis: Remove superfluous ignoreSsaReadAssignment. 2023-10-31 15:28:37 +01:00
Anders Schack-Mulligen
6d6f89e71e Rangeanalysis: Remove superfluous ignoreSsaReadArithmeticExpr. 2023-10-31 15:25:28 +01:00
Anders Schack-Mulligen
a39a94ca8e Rangeanalysis: Switch to shared ssaRead predicate. 2023-10-31 15:23:05 +01:00