hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

7095 Commits

Author SHA1 Message Date
erik-krogh
a4ef8619c6 delete old deprecations 2023-06-08 10:10:21 +02:00
Jeroen Ketema
272ced6ea5 Merge pull request #13374 from jketema/ptr-deref-min 
C++: Remove `cpp/invalid-pointer-deref` results duplicating ones with smaller `k`
 2023-06-05 19:31:24 +02:00
Jeroen Ketema
93215ba7e1 Merge pull request #13355 from jketema/ptr-deref-forward 
C++: Ensure that the sink instruction occurs last in `cpp/invalid-pointer-deref`
 2023-06-05 15:56:50 +02:00
Jeroen Ketema
86df424fca C++: Fix query formatting 2023-06-05 15:10:54 +02:00
Jeroen Ketema
4a27028768 C++: Remove cpp/invalid-pointer-deref results duplicating ones with smaller k 2023-06-05 15:03:58 +02:00
Mathias Vorreiter Pedersen
52fb00cac3 Merge pull request #12036 from nmouha/patch-1 
CPP: Add query for CVE-2022-37454: Integer addition may overflow inside if statement
 2023-06-05 12:13:27 +01:00
Jeroen Ketema
11182e4ee4 C++: Move location where getASuccessor is used to avoid join order problems 2023-06-05 12:36:25 +02:00
Jeroen Ketema
8ac1d56a7f C++: Fix join order in cpp/invalid-pointer-deref 2023-06-02 16:37:35 +02:00
Jeroen Ketema
ac4933a9cc C++: Ensure that the sink instruction occurs last in cpp/invalid-pointer-deref 
This avoids some counter-intuitive paths where we would seemingly jump back
to an earlier instruction, which might actually have been in bounds.
 2023-06-02 12:36:34 +02:00
Robert Marsh
df4d156a36 C++: remove unneeded exists variables 2023-06-01 11:28:12 -04:00
Mathias Vorreiter Pedersen
3d9c282f48 Merge pull request #13320 from jketema/ptr-deref-dedup 2023-05-31 10:12:05 -07:00
Arthur Baars
c211b704f3 Merge pull request #13272 from github/post-release-prep/codeql-cli-2.13.3 
Post-release preparation for codeql-cli-2.13.3
 2023-05-31 15:33:12 +02:00
Arthur Baars
490d22d123 Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3 2023-05-30 21:31:28 +02:00
Jeroen Ketema
dd30acf1e3 C++: Add nodes query predicate to cpp/invalid-pointer-deref 2023-05-30 18:43:01 +02:00
Jeroen Ketema
f5ed02a433 C++: Take into account the delta at the final sink in cpp/invalid-pointer-deref 2023-05-30 18:33:20 +02:00
Jeroen Ketema
a8c76388c0 C++: Fix configuration names in comments in cpp/invalid-pointer-deref 2023-05-30 18:15:37 +02:00
Mathias Vorreiter Pedersen
f00b29d3d2 C++: The small-string optimization commonly used inside 'std::string' is causing a lot of FPs. Let's exclude this for now to reduce the number of results for this query. 2023-05-30 07:33:07 -07:00
Mathias Vorreiter Pedersen
0f08642653 C++: Fix join in 'pointerArithOverflow0'. 2023-05-26 11:16:44 -07:00
Robert Marsh
d18fb646d1 C++: handle cast arrays properly in off-by-one query 2023-05-26 13:16:21 -04:00
Robert Marsh
6e230e10f8 C++: include stack-allocated arrays in off-by-one query 2023-05-26 13:04:51 -04:00
Robert Marsh
b2fb2aa0d1 Merge pull request #13045 from rdmarsh2/rdmarsh2/cpp/improve-constant-off-by-one 
C++: stitch paths and ignore cast arrays in constant off-by-one query
 2023-05-26 12:47:08 -04:00
Mathias Vorreiter Pedersen
960e6521a4 Revert "C++: Whitespace commit to make qhelp show up in diff." 
This reverts commit ec192d621c.
 2023-05-25 15:21:09 -07:00
Mathias Vorreiter Pedersen
c3fdc83af6 C++: Also add an out barrier on all sinks. 2023-05-25 12:23:50 -07:00
Mathias Vorreiter Pedersen
ec192d621c C++: Whitespace commit to make qhelp show up in diff. 2023-05-24 16:13:42 -07:00
Mathias Vorreiter Pedersen
ebc1d5feff Merge branch 'main' into rdmarsh2/cpp/improve-constant-off-by-one 2023-05-24 16:07:08 -07:00
Mathias Vorreiter Pedersen
298013a57e C++: Add in-barrier on sources to reduce duplication. 2023-05-24 16:02:27 -07:00
Mathias Vorreiter Pedersen
64d7b4923d C++: Prune flow states based on 'PointerArithmeticToDerefConfig'. 2023-05-24 16:02:17 -07:00
Mathias Vorreiter Pedersen
90824d01b4 C++: Add change note. 2023-05-24 14:39:05 -07:00
github-actions[bot]
d2e192020b Post-release preparation for codeql-cli-2.13.3 2023-05-24 11:26:12 +00:00
Mathias Vorreiter Pedersen
e1223d0b21 C++: Add security severity. 2023-05-23 15:01:33 -07:00
Mathias Vorreiter Pedersen
0dfc9b996d C++: Promote 'cpp/overrun-write' out of experimental. 2023-05-23 14:57:42 -07:00
Mathias Vorreiter Pedersen
81dbfecbfc C++: Promote the product-dataflow library out of experimental. 2023-05-23 09:48:50 -07:00
github-actions[bot]
7aa23cf11d Release preparation for version 2.13.3 2023-05-22 20:47:00 +00:00
Robert Marsh
4ed7450689 C++: remove unneeded pragma 2023-05-22 11:09:44 -04:00
Robert Marsh
604affdeb0 C++: autoformat 2023-05-22 09:31:39 -04:00
Robert Marsh
bf07b0f97b C++: fix cxartesian product in constant off-by-one query 2023-05-19 18:32:09 -04:00
Mathias Vorreiter Pedersen
a77c62473e C++: Reduce code-duplication in 'cpp/overrun-write'. 2023-05-18 13:23:15 +01:00
Nicky Mouha
27519ce3ea Create IfStatementAdditionOverflow.qhelp 2023-05-17 15:27:19 -04:00
Nicky Mouha
5c6fc2ff01 Update IfStatementAdditionOverflow.ql 2023-05-17 15:18:52 -04:00
Jeroen Ketema
d1efffe492 Merge branch 'main' into deref-size 2023-05-17 17:13:49 +02:00
Jeroen Ketema
e3aecd3f1f Merge pull request #13200 from jketema/deref-subpath 
C++: Implement the `subpaths` query predicate for `cpp/invalid-pointer-deref`
 2023-05-17 17:13:28 +02:00
Jeroen Ketema
b83aaf9594 C++: Use range analysis-based hasSize predicate in cpp/invalid-pointer-deref 
This is copied from `cpp/overrun-write`.
 2023-05-17 11:39:41 +02:00
Jeroen Ketema
31ae513f8c C++: Implement the subpaths query predicate for cpp/invalid-pointer-deref 2023-05-17 11:27:37 +02:00
Mathias Vorreiter Pedersen
a5632a21d1 Merge branch 'main' into precompute-states-in-overrun-write 2023-05-16 18:09:16 +01:00
Mathias Vorreiter Pedersen
650e9e1088 C++: Fix Code Scanning error. 2023-05-15 14:05:41 +01:00
Mathias Vorreiter Pedersen
f1c124a3da C++: Share more code between 'ValidState' and 'StringSizeConfig'. 2023-05-15 14:01:17 +01:00
Mathias Vorreiter Pedersen
f31709fb29 C++: Make comment more clear. 2023-05-15 13:36:29 +01:00
Mathias Vorreiter Pedersen
a7712b608a C++: Add more comments. 2023-05-15 11:14:06 +01:00
Robert Marsh
584adf843a C++: restrict flowstates in constant off-by-one query 2023-05-12 12:43:10 -04:00
Mathias Vorreiter Pedersen
f20a69074a C++: Remove flow through ssa phi back-edges. 2023-05-12 13:01:29 +01:00