hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
83,294 Commits 1,671 Branches 157 Tags
codeql-cli-2.23.3
Commit Graph

7095 Commits

Author SHA1 Message Date
Nora Dimitrijević
c37c6a004e Merge branch 'main' into cpp/comma-before-misleading-indentation 2022-09-30 00:28:33 +02:00
Nora Dimitrijević
818be2765e C++: Add Change Note 2022-09-30 00:28:12 +02:00
Nora Dimitrijević
a124dcf436 C++: Update QLDoc 
Arguably warning, not just recommendation; it may be a logic error.

TODO: What CWE/CVEs should I tag this with?
 2022-09-30 00:06:53 +02:00
Nora Dimitrijević
981a9798b8 C++: Update .qhelp with precision disclaimer. 2022-09-29 23:59:22 +02:00
Nora Dimitrijević
68b473377a C++: Fix QL-on-QL Redundant Cast warning 2022-09-29 23:19:49 +02:00
Nora Dimitrijević
2a046352ce C++: Simplify 2022-09-29 23:06:17 +02:00
Robert Marsh
f17b563692 C++: handle interprocedural flows 
This currently copy-pastes some predicates from InvalidPointerDeref.ql.
Those should be moved to a library file in a followup
 2022-09-29 16:09:48 -04:00
Mathias Vorreiter Pedersen
2a514d60d4 C++: Add 'isBarrierIn' to prevent path duplication. 2022-09-29 19:55:58 +01:00
Mathias Vorreiter Pedersen
d12a76559a C++: Use the new class in 'cpp/invalid-pointer-deref'. 2022-09-29 19:54:03 +01:00
Nora Dimitrijević
891bc342be C++: Fix another implicit/explicit this FP 2022-09-29 18:42:23 +02:00
Nora Dimitrijević
28bd591107 C++: Fix explicit this-> FP. 2022-09-29 17:04:11 +02:00
Robert Marsh
447c11cd07 C++: move ConstantSizeArrayOffByOne.ql to CWE-193 2022-09-29 10:56:29 -04:00
Robert Marsh
e46b215c9d C++: fix metadata and result format 2022-09-29 10:53:29 -04:00
Nora Dimitrijević
29d7c0e21b C++: Exclude commas in if-conditions. 2022-09-29 16:29:57 +02:00
Nora Dimitrijević
64903336f7 C++: Exclude all parenthesized CommaExprs. 2022-09-29 15:49:29 +02:00
Mathias Vorreiter Pedersen
70837dbd93 C++: Use range analysis to properly deduce the initial 'state2' instead of traversing the AST. Also fix state-passing related to negative states. 2022-09-29 13:32:39 +01:00
Nora Dimitrijević
909b36a078 C++: Fix implicit-this FP, uncovered non-funptr FP 2022-09-29 13:14:36 +02:00
Nora Dimitrijević
96c73bcb19 C++: Fix FP: bad Location for FieldAccess exprs 2022-09-28 20:37:22 +02:00
Nora Dimitrijević
6d5df14547 C++: Remove arguable FPs re: sizeof/decltype 2022-09-28 20:01:14 +02:00
Nora Dimitrijević
592bc18a97 C++: Reduce FPs by excluding all commas in loop heads 
This leads to a 50% reduction of alerts in MRVA 1000.
 2022-09-28 19:38:41 +02:00
Mathias Vorreiter Pedersen
4ab676774e C++: Add qhelp to new query. 2022-09-28 15:17:08 +01:00
Mathias Vorreiter Pedersen
769ff5c6f3 C++: Add 'isAdditionalFlowStep' predicates for both configurations in the product dataflow library and use them to fix missing results in the 'cpp/overrun-write' query. 2022-09-28 15:17:04 +01:00
Mathias Vorreiter Pedersen
ccbbb5754e C++: Use range analysis in 'cpp/overrun-write' and accept test changes. 2022-09-28 15:14:29 +01:00
Nora Dimitrijević
0128b1702e C++: Fix "LHS-end = RHS-begin" FP 2022-09-28 15:36:01 +02:00
Nora Dimitrijević
e7c1fadd94 C++: Fix member-call- and C-cast-related FPs 2022-09-28 15:02:22 +02:00
Mathias Vorreiter Pedersen
e4305948ef C++: Fix FP on CWE-193 by blocking flow through back-edges of phi nodes. 2022-09-27 16:28:03 +01:00
erik-krogh
0f1a8a6f5b deleted unused internal code 2022-09-26 20:20:52 +02:00
Erik Krogh Kristensen
c2b5c39436 Merge pull request #10507 from erik-krogh/cpp-followMsg 
CPP: Make more alert-messages follow the style guide
 2022-09-24 17:26:11 +02:00
Dave Bartolomeo
3bd456e52d Merge pull request #10565 from github/post-release-prep/codeql-cli-2.11.0 
Post-release preparation for codeql-cli-2.11.0
 2022-09-23 18:13:59 -04:00
github-actions[bot]
6cef0af5df Post-release preparation for codeql-cli-2.11.0 2022-09-23 21:01:40 +00:00
Robert Marsh
b93a2b06bf C++: prototype for off-by-one in array-typed field 2022-09-23 14:38:06 -04:00
Robert Marsh
c2dfbd47a3 Merge pull request #10398 from MathiasVP/further-work-on-buffer-over-queries 
C++: Further work on buffer-overflow queries
 2022-09-23 11:06:32 -04:00
erik-krogh
96b46de7c8 update alert-messages based on review feedback 2022-09-23 14:53:54 +02:00
erik-krogh
edd03020c2 fix the casing in the alert-message of cpp/unclear-array-index-validation 2022-09-23 14:48:01 +02:00
Mathias Vorreiter Pedersen
639aaff9c7 C++: Add more metadata. 2022-09-23 13:47:02 +01:00
erik-krogh
9e4843d53e update the alert-message of cpp/file-may-not-be-closed based on feedback 2022-09-23 14:46:00 +02:00
erik-krogh
2351884352 update some alert-messages based on review feedback 2022-09-23 14:45:59 +02:00
erik-krogh
a3c051bf96 add change-note 2022-09-23 14:45:59 +02:00
erik-krogh
40bea78186 remove more instances of the alert-loc being repeated as a link 2022-09-23 14:45:59 +02:00
erik-krogh
d55993a37b autoformat 2022-09-23 14:45:59 +02:00
erik-krogh
33165f4f55 CPP: update expected output 2022-09-23 14:45:59 +02:00
erik-krogh
a30c38f38c CPP: make more alert messages follow the style-guide 2022-09-23 14:45:59 +02:00
Mathias Vorreiter Pedersen
ce3654c6ec C++: Make ql-for-ql happy. 2022-09-23 13:07:07 +01:00
Mathias Vorreiter Pedersen
162ec2884e C++: Also fix 'OverrunWriteProductFlow.ql' 2022-09-23 12:59:27 +01:00
Mathias Vorreiter Pedersen
8056131901 C++: Autoformat. 2022-09-23 12:26:37 +01:00
Geoffrey White
d60a829569 C++: Remove ErrorExpr case. 2022-09-23 12:17:09 +01:00
Nora Dimitrijević
0e9b77e7c3 C++: Initial .qhelp file 2022-09-23 11:46:31 +02:00
github-actions[bot]
f5cf8cffa3 Release preparation for version 2.11.0 2022-09-22 20:14:12 +00:00
Nora Dimitrijević
dca13f5c89 C++: Initial cpp/comma-before-misleading-indentation 
MRVA top 1000 run at: https://github.com/github/semmle-code/actions/runs/3106828111
 2022-09-22 17:44:18 +02:00
Mathias Vorreiter Pedersen
c4afb3a2b5 Merge branch 'main' into further-work-on-buffer-over-queries 2022-09-22 16:35:52 +01:00