hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-20 06:07:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,771 Commits 1,759 Branches 167 Tags
codeql-cli-2.25.2
Commit Graph

1971 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
38bd893c81 Merge branch 'main' into no-dtt-in-unbounded-write 2023-11-08 15:06:59 +00:00
Mathias Vorreiter Pedersen
e90803a81c C++: Rewrite 'cpp/unbounded-write' away from DefaultTaintTracking. 2023-11-08 14:57:04 +00:00
Mathias Vorreiter Pedersen
ab64d9a9d6 Merge pull request #14713 from MathiasVP/no-gvn-as-ssa-in-range-analysis 
C++: Don't use GVN as SSAVariable in new range analysis
 2023-11-08 09:28:15 +00:00
Mathias Vorreiter Pedersen
a8eed6bd7e Merge pull request #14704 from MathiasVP/fix-uninitialized-local 
C++: IR'ify `cpp/uninitialized-local` and fix FPs
 2023-11-07 22:45:34 +00:00
Mathias Vorreiter Pedersen
69502d0c31 C++: Add some more tests. 2023-11-07 17:31:01 +00:00
Mathias Vorreiter Pedersen
2d43eec3c3 C++: Accept test changes. 2023-11-07 14:57:30 +00:00
Mathias Vorreiter Pedersen
022c9eb3cd C++: Add a barrier feature to 'MustFlow'. 2023-11-07 09:23:42 +00:00
Mathias Vorreiter Pedersen
6bf2d47321 C++: Allow source = sink in 'MustFlow'. 2023-11-07 09:23:42 +00:00
Mathias Vorreiter Pedersen
1dc08941f8 C++: Use 'MustFlow' in 'cpp/uninitialized-local'. 2023-11-07 09:23:41 +00:00
Mathias Vorreiter Pedersen
4455ed982d C++: Accept query test changes. 2023-11-06 17:33:46 +00:00
Mathias Vorreiter Pedersen
679d64f0e8 Merge pull request #14647 from microsoft/24-odbc-model-instantiation-upstream2 
C++: Adding a model implementation for ODBC.
 2023-11-02 19:42:27 +00:00
Benjamin Rodes
947e0274c7 Adding sql injection test for ODBC. 2023-11-02 13:27:42 -04:00
Mathias Vorreiter Pedersen
b54b5ae0a9 Merge pull request #14648 from MathiasVP/simplify-invalid-ptr-deref 
C++: Remove one use of range analysis in `cpp/invalid-pointer-deref`
 2023-11-01 14:42:20 +00:00
Mathias Vorreiter Pedersen
b79a5fee14 Merge pull request #14637 from MathiasVP/dataflow-for-realloc 
C++: Add a taint model for `realloc`
 2023-10-31 18:24:04 +01:00
Mathias Vorreiter Pedersen
377da9fa66 C++: Accept test changes. 2023-10-31 11:18:35 +00:00
Mathias Vorreiter Pedersen
e8c18a3883 C++: Add FP in query test. 2023-10-31 11:17:51 +00:00
Mathias Vorreiter Pedersen
c8edf3151b C++: Remove the use of range analysis in 'invalidPointerToDerefSource'. 2023-10-30 15:47:47 +00:00
Mathias Vorreiter Pedersen
b4958e7d58 C++: Accept path changes. 2023-10-30 12:44:30 +00:00
Alex Eyers-Taylor
26b0363707 CPP: Add test demonstrating use-after-free false negatives. 2023-10-23 17:01:52 +01:00
Mathias Vorreiter Pedersen
0ab159f803 Merge pull request #14135 from github/sashabu/frontend-update 
C++: Update for changes in frontend.
 2023-10-19 11:40:24 +01:00
Jeroen Ketema
7e71d9e619 C++: Update expected test results after outputting less loads from the extractor 2023-10-19 10:45:14 +02:00
Jeroen Ketema
23c6027386 C++: Update expected test changes after frontend update 2023-10-19 10:45:13 +02:00
Mathias Vorreiter Pedersen
d8a049f5cc C++: Accept test changes. 2023-10-16 10:51:47 +01:00
Mathias Vorreiter Pedersen
6a7b2e4aa4 C++: Add failing test. 2023-10-16 10:47:45 +01:00
Jeroen Ketema
d56a9f0781 Merge pull request #14424 from jketema/rewrite-cgi-xss 
C++: Rewrite `cpp/cgi-xss` to not use default taint tracking
 2023-10-13 17:57:04 +02:00
Mathias Vorreiter Pedersen
496f190d70 C++: Accept test changes. 2023-10-10 16:45:31 +01:00
Jeroen Ketema
3b777c2764 C++: Rewrite cpp/cgi-xss to not use default taint tracking 
Also add a test that demonstrates that we need to look at inidrect expressions
and not direct ones.
 2023-10-10 11:56:39 +02:00
Jeroen Ketema
6ff8e06ace Revert "C++: Rewrite cpp/cgi-xss to not use default taint tracking" 
This reverts commit b6132d2a0f.
 2023-10-09 16:30:21 +02:00
Jeroen Ketema
b6132d2a0f C++: Rewrite cpp/cgi-xss to not use default taint tracking 2023-10-06 16:11:13 +02:00
Mathias Vorreiter Pedersen
eb3f1967a5 Merge pull request #14365 from MathiasVP/disable-flow-through-pointer-arith-for-size 
C++: Disable size-flow through pointer arithmetics in `cpp/invalid-pointer-deref`
 2023-10-06 10:14:31 +02:00
Henry Mercer
f3847b3f51 Merge branch 'main' into henrymercer/rc-3.11-mergeback 2023-10-03 16:30:23 +01:00
Mathias Vorreiter Pedersen
9a139ea903 C++: Accept test changes. 2023-10-03 15:58:35 +02:00
Alex Eyers-Taylor
2860c0c0d4 CPP: Move test into correct file. 2023-09-27 18:42:26 +01:00
Alex Eyers-Taylor
d0849311a6 CPP: Fix use after free FPs by elimnatiing freeing nodes rather than freeing expressions. 2023-09-20 18:47:57 +01:00
Alex Eyers-Taylor
9de6230bbf CPP: Add use after free false positive example. 2023-09-20 18:34:47 +01:00
Mathias Vorreiter Pedersen
7ef5971337 C++: Use 'size_t' explicitly in test. 2023-09-19 13:58:08 +01:00
Mathias Vorreiter Pedersen
9b35202d21 Merge pull request #14249 from MathiasVP/fix-malloc-decl-in-test 
C++: Fix the declaration of `malloc` in test
 2023-09-19 13:53:23 +01:00
Mathias Vorreiter Pedersen
fda52a568d C++: Accept test changes. 2023-09-18 17:55:25 +01:00
Mathias Vorreiter Pedersen
8a2d4852c6 C++: Add another testcase. 2023-09-18 16:48:03 +01:00
Mathias Vorreiter Pedersen
bc0b2e5318 C++: Fix the return type and parameter type of 'malloc' in test. 2023-09-18 16:40:46 +01:00
Mathias Vorreiter Pedersen
05080924de C++: Don't use converted expressions in 'LeapYear.qll'. 2023-09-12 19:48:52 +01:00
Mathias Vorreiter Pedersen
b03054b1ed C++: Make sure some instruction also gives back the 'ParenthesisExpr's. 2023-09-12 19:46:42 +01:00
Mathias Vorreiter Pedersen
71fe6f5d4b C++: Use fully converted expressions in 'cpp/use-after-free' and 'cpp/double-free'. 2023-09-12 19:28:57 +01:00
Henning Makholm
bac175e881 C++ tests: fix output of bug-stricken test 
The expected output was incorrect and the result of an evaluator bug.
This change should go together with the internal PR that fixes this bug.
 2023-09-12 16:28:59 +02:00
Mathias Vorreiter Pedersen
ff28f45058 C++: Accept test changes. 2023-09-12 10:28:46 +01:00
Mathias Vorreiter Pedersen
becb469477 Merge branch 'main' into deduplicate-dataflow-results-take-3 2023-09-11 09:55:11 +01:00
Mathias Vorreiter Pedersen
9f89c63771 C++: Accept test changes. 2023-09-08 17:07:26 +01:00
Alex Eyers-Taylor
404145dd1b CPP: Update tests 2023-09-07 13:42:31 +01:00
Mathias Vorreiter Pedersen
2bed77de09 Merge branch 'main' into deduplicate-dataflow-results-take-3 2023-09-06 14:12:36 +01:00
Alex Eyers-Taylor
3db384ddc3 CPP: Handle globals flowing into "UnreacheachedInstruction" 2023-09-05 11:50:32 +01:00