hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,672 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

7095 Commits

Author SHA1 Message Date
Jeroen Ketema
45c56fbce7 Update cpp/ql/src/change-notes/2023-08-24-remove-non-constant-assign-sources.md 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-08-24 16:17:59 +02:00
Jeroen Ketema
607f729339 C++: Add change note 2023-08-24 16:11:39 +02:00
Jeroen Ketema
9f7413eded C++: Omit assign case from cpp/non-constant-format 2023-08-24 11:02:40 +02:00
Mathias Vorreiter Pedersen
123e58767b C++: Share RangeAnalysisUtil with 'cpp/overrun-write'. 2023-08-23 22:42:00 +01:00
Alex Eyers-Taylor
949b0a2613 CPP:Move import to start of file 2023-08-23 13:39:29 +01:00
Alex Eyers-Taylor
7d99d61662 CPP: Convert SQL tainted to IR dataflow. 2023-08-23 13:39:29 +01:00
Mathias Vorreiter Pedersen
530c950b41 C++: Fix formatting. 2023-08-22 13:40:00 +01:00
Mathias Vorreiter Pedersen
66f11d427b C++: Simplify description. 2023-08-22 13:39:38 +01:00
Mathias Vorreiter Pedersen
1c3a0d1632 Update cpp/ql/src/Security/CWE/CWE-193/InvalidPointerDeref.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-08-22 13:03:07 +01:00
Mathias Vorreiter Pedersen
e88277bd3b Update cpp/ql/src/Security/CWE/CWE-193/InvalidPointerDeref.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-08-22 13:02:37 +01:00
Mathias Vorreiter Pedersen
abe28cb106 Update cpp/ql/src/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-08-22 13:02:29 +01:00
Mathias Vorreiter Pedersen
e776178be5 C++: Add some whitespace to make stuff appear in the diff. 2023-08-21 10:23:41 +01:00
Mathias Vorreiter Pedersen
0a41acc0a6 C++: Add change note. 2023-08-21 10:23:41 +01:00
Mathias Vorreiter Pedersen
70fdfc2ae3 C++: Set precision to medium and add security severity. 2023-08-21 10:23:23 +01:00
Mathias Vorreiter Pedersen
4daabdae2b C++: Promote 'cpp/invalid-pointer-deref' out of experimental. 2023-08-21 10:23:22 +01:00
github-actions[bot]
098dfb4242 Release preparation for version 2.14.3 2023-08-18 14:48:15 +00:00
Jonas Jensen
a002f59f58 C++: Undo BadlyBoundedWrite change from #13929 
This rolls back the query change, ensuring that there is no need for a
change note.
 2023-08-18 13:48:58 +02:00
Jonas Jensen
478a105e21 C++: delete change note 
Since the previous commit removed the best evidence we had for the
change described in this note, I'm removing the note for now.
 2023-08-18 13:35:32 +02:00
Henry Mercer
1213eba630 Merge branch 'main' into post-release-prep/codeql-cli-2.14.2 2023-08-11 13:54:55 +01:00
github-actions[bot]
432c21d4fb Post-release preparation for codeql-cli-2.14.2 2023-08-09 18:45:18 +00:00
Jeroen Ketema
6100425274 C++: Add change note 2023-08-09 15:47:19 +02:00
Mathias Vorreiter Pedersen
cb1076c335 Revert "Merge pull request #13783 from MathiasVP/type-bounds-for-new-range-analysis" 
This reverts commit e9750af89f, reversing
changes made to 37a546253e.
 2023-08-09 13:02:54 +01:00
Jeroen Ketema
d0e7354a1b C++: Only consider the maximum buffer size for badly bounded write 2023-08-09 12:30:00 +02:00
github-actions[bot]
79c90fa36a Release preparation for version 2.14.2 2023-08-07 18:08:52 +00:00
Mathias Vorreiter Pedersen
9807c0b0a6 C++: Filter type-based reasons out of MCTV queries. 2023-08-04 16:11:35 +02:00
Jeroen Ketema
0c0720a962 C++: Improve use-after-free example code 
* Remove the mismatch between `new` and `free` and use `delete` instead
* Make the function `void`, so people copying the code will not forget
  to add a `return`.
* Balance out the `...` for omitted code.
 2023-08-03 11:06:15 +02:00
Chris Smowton
c69a9ea032 Merge pull request #13793 from github/post-release-prep/codeql-cli-2.14.1 
Post-release preparation for codeql-cli-2.14.1
 2023-07-26 17:22:05 +01:00
Mathias Vorreiter Pedersen
b1c6ee4396 Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-25 11:20:49 +02:00
Mathias Vorreiter Pedersen
7f7930b3bb Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-25 10:36:12 +02:00
Mathias Vorreiter Pedersen
97809e7646 Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-25 10:33:38 +02:00
Mathias Vorreiter Pedersen
e1f519fab7 Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-25 10:33:17 +02:00
Mathias Vorreiter Pedersen
9f9cf9f765 Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-25 10:31:06 +02:00
Mathias Vorreiter Pedersen
2cfa14b91f Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-25 10:30:44 +02:00
Mathias Vorreiter Pedersen
5cad8ec0a2 Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-25 10:30:38 +02:00
github-actions[bot]
f91b7a9342 Post-release preparation for codeql-cli-2.14.1 2023-07-21 16:16:25 +00:00
github-actions[bot]
c936a920b0 Release preparation for version 2.14.1 2023-07-20 16:32:27 +00:00
Mathias Vorreiter Pedersen
922f4d5496 C++: Add more documentation to the 'cpp/invalid-pointer-deref' query. 2023-07-19 14:42:20 +01:00
Anders Schack-Mulligen
a9c76d4175 Merge pull request #13717 from aschackmull/dataflow/neverskipadditionalsteps 
Dataflow: Add support for not skipping configuration-specific nodes in big-step
 2023-07-19 14:06:54 +02:00
Anders Schack-Mulligen
c01a494ea5 C/C++: Don't force-include XxeFlowStateTransformer steps in XXE.ql. 2023-07-19 11:41:15 +02:00
Mathias Vorreiter Pedersen
5099de5b3d C++: Split the query into 4 files. 2023-07-18 18:15:18 +01:00
Mathias Vorreiter Pedersen
a038b389c3 C++: More cleanup. 2023-07-18 14:03:04 +01:00
Mathias Vorreiter Pedersen
d41d2bc29e Merge pull request #13699 from MathiasVP/final-config-to-invalid-pointer-deref 
C++: Handle call-contexts mismatches in `cpp/invalid-pointer-deref`
 2023-07-18 13:08:21 +01:00
Mathias Vorreiter Pedersen
d63ead55dc C++: Remove barrier that's no longer needed. 2023-07-17 15:59:35 +01:00
Mathias Vorreiter Pedersen
c13f015b95 C++: No need to select the 'instruction' as the sink when the dataflow node has a better 'toString'. 2023-07-13 14:17:43 +01:00
Mathias Vorreiter Pedersen
5e06043120 C++: Completely get rid of merged path nodes. 2023-07-13 14:15:14 +01:00
Jeroen Ketema
52ab215560 C++/Swift: Remove none() dataflow configuration predicates 
These now have default implementations that are also `none()`
 2023-07-12 23:49:29 +02:00
Mathias Vorreiter Pedersen
2c2f9b9e17 C++: Fix comment. 2023-07-12 11:59:29 +01:00
Mathias Vorreiter Pedersen
19872d5adf Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-12 11:58:07 +01:00
Mathias Vorreiter Pedersen
3d5414b84c Update cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-12 11:57:51 +01:00
Mathias Vorreiter Pedersen
63c5684fbb C++: Join with 'invalidPointerToDerefSource' in 'hasFlowPath' to prevent conflation of paths. 2023-07-11 10:24:01 +01:00