hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,624 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.3
Commit Graph

1095 Commits

Author SHA1 Message Date
Geoffrey White
44f5e26fb0 CPP: More test cases. 2018-10-30 14:20:48 +00:00
Geoffrey White
a346f412bc CPP: Add test cases. 2018-10-30 14:11:36 +00:00
Jonas Jensen
3340e79aad Merge pull request #371 from ian-semmle/av85 
C++: Fix AV Rule 85
 2018-10-30 08:40:43 +01:00
Robert Marsh
fda75abcd7 Merge pull request #381 from geoffw0/comments 
CPP: Fix false positive in EmptyBlock.ql
 2018-10-29 15:35:08 -07:00
semmle-qlci
a4371ca824 Merge pull request #338 from geoffw0/hresult 
Approved by dave-bartolomeo
 2018-10-29 17:04:54 +00:00
Geoffrey White
3ccbeb0c65 CPP: Fix issue. 2018-10-29 16:34:57 +00:00
Geoffrey White
630233fc3e CPP: Additional test cases. 2018-10-29 16:34:43 +00:00
Ian Lynagh
94347aef9b C++: AV Rule 85: Check templates rather than instantiations 2018-10-29 15:04:30 +00:00
semmle-qlci
7d37cf4bb3 Merge pull request #374 from jbj/range-analysis-rounding 
Approved by kevinbackhouse
 2018-10-29 10:28:15 +00:00
Jonas Jensen
006594fefe C++: Round towards +/- Inf in range analysis 
Original author: Kevin Backhouse
 2018-10-26 11:53:51 +02:00
Geoffrey White
fa55e31f7a Merge pull request #362 from jbj/return-this-noreturn 
C++: Fix "Overloaded assignment does not return 'this'" for non-returning functions
 2018-10-26 09:30:36 +01:00
Aditya Sharad
56ee5ff99a Merge master into next. 
`master` up to and including cfe0b8803a.
 2018-10-25 15:32:47 +01:00
Jonas Jensen
354f8bd0ff C++: Test of range analysis 64-bit rounding issue 2018-10-25 16:18:22 +02:00
Ian Lynagh
eef8719a40 C++: Fix AV Rule 85 
We have to be careful to avoid giving alerts to functions that might be
correctly defined, but we can't see the definition as it wasn't
instantiated.
 2018-10-25 14:26:31 +01:00
Jonas Jensen
5cbfdd1029 C++: Cover more cases of returning *this 2018-10-25 10:41:56 +02:00
Jonas Jensen
d144f0d154 C++: Test for unreachable return statement 
This test shows that the previous fix did not solve the problem where a
bad return statement exists but is unreachable.
 2018-10-25 09:42:15 +02:00
semmle-qlci
cfe0b8803a Merge pull request #332 from raulgarciamsft/users/raulga/c6293a 
Approved by dave-bartolomeo
 2018-10-25 00:59:35 +01:00
Jonas Jensen
3c6bed4de6 C++: FP fix for "operator= doesn't return *this" 2018-10-24 15:44:00 +02:00
Jonas Jensen
47a548f564 C++: FP test for "operator= doesn't return *this" 
This rule should not apply to functions that never return.
 2018-10-24 15:42:39 +02:00
Jonas Jensen
7affbe4a7d Merge pull request #341 from geoffw0/av_114 
CPP: Improve AV Rule 114.ql's understanding of return types.
 2018-10-24 09:39:51 +02:00
Jonas Jensen
640de0c947 Merge pull request #304 from geoffw0/resource-released 
CPP: Fix false positive in AV Rule 79.ql
 2018-10-23 20:24:23 +02:00
semmledocs-ac
1f390f2f77 Merge pull request #326 from rdmarsh2/rdmarsh/cpp/dead-code-goto 
C++: new query for dead code after goto or break
 2018-10-23 16:55:14 +01:00
Geoffrey White
dda7069890 CPP: Look for destructors in the template. 2018-10-23 13:05:43 +01:00
Geoffrey White
76a5072c8b CPP: Change in results presumed to result from discover_walk extractor changes. 2018-10-23 13:05:43 +01:00
Geoffrey White
b861df0887 CPP: Fix issue when destructor body is missing. 2018-10-23 13:05:42 +01:00
Geoffrey White
5931a978dc CPP: Add a test of a template instantiation where the destructor is never called. 2018-10-23 13:05:42 +01:00
Geoffrey White
f20af4906b CPP: Add a test of a Shutdown / Clear method. 2018-10-23 13:05:42 +01:00
Robert Marsh
7bcc4379fc C++: accept loops with arbitrary labels or cases 2018-10-22 09:59:49 -07:00
Raul Garcia
2f4da8841f Changing the name (file & tags) to match the JS version. 2018-10-19 15:21:56 -07:00
Geoffrey White
5158984613 CPP: Fix the issue. 2018-10-19 22:51:35 +01:00
Geoffrey White
c97a5ed292 CPP: Add tests of AV Rule 114.ql with non-trivial return types. 2018-10-19 22:49:53 +01:00
Geoffrey White
e9499b59e4 CPP: Exclude switch statements. 2018-10-19 10:24:29 +01:00
Geoffrey White
298ead162d CPP: Add more test cases for HResultBooleanConversion.ql. 2018-10-19 10:24:29 +01:00
Raul Garcia
e2fcaa9e20 Fixing typos & implementing the PR feedback 2018-10-18 14:44:24 -07:00
Ian Lynagh
ef1552339e C++: Enhance MagicConstantsNumbers test 2018-10-18 12:36:42 +01:00
Ian Lynagh
894a37ccda C++: Accept test changes 2018-10-18 12:36:42 +01:00
Raul Garcia
739804acb2 CPP : Ill-defined for-loop (C6293) 
Superset of C6293, it looks for a mismatch between the initialization statement && condition and the direction of the iteration expression in a for loop.
 2018-10-17 16:24:34 -07:00
Robert Marsh
17537bb88b C++: respond to doc comments 2018-10-17 11:57:54 -07:00
Robert Marsh
73cae5390e C++: new query for dead code after goto or break 2018-10-16 15:37:06 -07:00
Raul Garcia
7ab723ae79 Fixing typos & incorporating feedback. 
(MSFT feedback) Adding a new tag in the header @msrc.severity important
 2018-10-16 10:00:51 -07:00
Raul Garcia
22d54801e5 Removed one false-positive scenario (no space on lpCommandLine) 
Improved the query to avoid multiple calls to hasGlobalName
Fixed typos
Simplified the test case file
 2018-10-15 15:53:02 -07:00
Raul Garcia
242d40369b Merge branch 'master' into users/raulga/c6277 2018-10-12 15:59:54 -07:00
Raul Garcia
85283d63ce C++ : NULL application name with an unquoted path in call to CreateProcess 
Calling a function of the CreatePorcess* family of functions, which may result in a security vulnerability if the path contains spaces.
 2018-10-12 15:57:01 -07:00
Jonas Jensen
a10c3bcffb C++: Suppress UnsignedGEZero in template inst. 
It still runs on uninstantiated templates because its underlying
libraries do. It's not clear whether that leads to other false
positives, but that's independent of the change I'm making here.
 2018-10-10 17:06:24 +02:00
Jonas Jensen
383dafac5c C++: Test for UnsignedGEZero with templates 2018-10-10 17:04:35 +02:00
Geoffrey White
99816d77e3 CPP: Additional test case fixed in combination with typedef work. 2018-10-05 17:13:50 +01:00
Geoffrey White
94ff2e5693 CPP: Lets just not report when we're not sure. 2018-10-05 16:40:54 +01:00
Geoffrey White
2841897e3a CPP: Make getAFormatterWideType more general and move it into FormattingFunction.qll. 2018-10-05 16:40:54 +01:00
Geoffrey White
89c56486b5 CPP: Test getDefaultCharType etc. 2018-10-05 16:40:54 +01:00
Geoffrey White
e2be19b555 CPP: New mechanism for string types in printf.qll. 2018-10-05 16:40:54 +01:00