Geoffrey White
1af6c10888
CPP: Add a test where different word sizes are present.
2018-10-05 16:40:54 +01:00
Geoffrey White
800555865a
CPP: More test cases.
2018-10-05 16:40:54 +01:00
Geoffrey White
2af56b89b1
CPP: Add a test where different wide types are present.
2018-10-05 15:32:36 +01:00
Geoffrey White
39f030b8f7
CPP: Annotate test.
2018-10-05 15:32:36 +01:00
Geoffrey White
e74721e3a4
CPP: Test fixes as a result of changes.
2018-10-05 15:32:36 +01:00
Robert Marsh
a3459ddf08
C++: add support for custom wide character sizes
Certain Microsoft projects, such as CoreCLR and ChakraCore, use a
library called the PAL, which enables two-byte strings in the printf
family of functions, even when built on a platform with four-byte
strings. This adds support for determining the size of a wide character
from the definitions of such functions, rather than assuming that they
match the compiler's wchar_t.
2018-10-05 15:32:35 +01:00
Jonas Jensen
4720c5ab60
Merge pull request #264 from raulgarciamsft/users/raulga/c6276
C++: incorrect string type conversion
2018-10-04 21:06:07 +02:00
Jonas Jensen
364c9a6961
C++: Suppress pointless compare in template inst.
It still runs on uninstantiated templates because its underlying
libraries do. It's not clear whether that leads to other false
positives, but that's independent of the change I'm making here.
2018-10-03 14:48:11 +02:00
Jonas Jensen
2eea359f79
C++: Test for PointlessComparison with templates
2018-10-03 14:47:00 +02:00
Jonas Jensen
4ad4b19911
Merge pull request #189 from geoffw0/wrongtypedef
CPP: Permit more typedefs in WrongTypeFormatArguments.ql
2018-10-03 09:40:06 +02:00
Raul Garcia
230724c085
Updates based on feedback
2018-10-02 11:17:23 -07:00
Tobias Smolka
51dcdeff59
C++: support Decltype in suspicious-call-to-memset
2018-10-02 16:47:04 +02:00
Raul Garcia
253b8d1287
C++: cpp/incorrect-string-type-conversion
Cast between semantically different string types: char* from/to wchar_t*
NOTE: Please let me know if you want to use a different CWE than CWE-704
2018-10-01 10:25:49 -07:00
Raul Garcia
54493eb990
Merge branch 'master' into master
2018-09-25 10:58:51 -07:00
Raul Garcia
d6d27df27b
Removing all usage of single quotes
2018-09-25 10:50:34 -07:00
Jonas Jensen
8f19efe2e8
Merge pull request #211 from raulgarciamsft/users/raulga/HESULT
Cast between semantically different integer types: HRESULT to/from bool
2018-09-25 09:01:35 +02:00
Raul Garcia
a566ffae4a
Fixed the test .expected file
2018-09-24 10:18:39 -07:00
Geoffrey White
4edc54df0c
CPP: Use unspecified types everywhere (for simplicity and robustness).
2018-09-24 17:17:41 +01:00
Geoffrey White
b15db5d1e5
CPP: Add a test case that we handle poorly.
2018-09-24 17:17:41 +01:00
Jonas Jensen
4d2e4c53f1
C++: Suppress IntMultToLong alert on char
2018-09-24 14:37:09 +02:00
Jonas Jensen
2b5d150829
C++: Test for IntMultToLong on char-typed numbers
2018-09-24 14:36:36 +02:00
Dave Bartolomeo
1f36f5552f
Normalize all text files to LF
Use `* text=auto eol=lf`
2018-09-23 16:24:31 -07:00
Dave Bartolomeo
aa267c8302
C++: Force LF for .c,.cpp,.h,.hpp
2018-09-23 16:23:52 -07:00
Raul Garcia
242ee10806
Major change in order to support the rule for C as well as cpp
2018-09-21 16:47:31 -07:00
Raul Garcia
925c3b51f9
Adding semmle-extractor-options: --microsoft to test
2018-09-21 15:21:07 -07:00
Raul Garcia
8519f1a9e1
Fixing tabs replaced to spaces
2018-09-21 13:07:39 -07:00
Geoffrey White
3922082e7d
CPP: Tidy and simplify AV Rule 79.ql.
2018-09-21 19:35:23 +01:00
Raul Garcia
75ef377ac1
Replace Unicode apostrophe with ANSI single quote
2018-09-21 11:34:22 -07:00
Raul Garcia
783be15a45
Fixing typos & ID.
NOTE: There is an ongoing discussion on the proper CWE we should use
2018-09-21 11:14:14 -07:00
Geoffrey White
d5a48ad63e
CPP: Additional test cases.
2018-09-21 15:55:29 +01:00
Geoffrey White
84f9900c8c
CPP: Exclude placement new.
2018-09-21 10:53:42 +01:00
Geoffrey White
c7aa5c169b
CPP: Add a test of placement new for AV Rule 79.ql.
2018-09-21 10:47:00 +01:00
Raul Garcia
48c99fb1d1
Setting a SECURITY_DESCRIPTOR’s DACL to NULL
Closing the gap between Semmle & PreFAST
This rule is equivalent to C6248
2018-09-20 16:28:37 -07:00
Raul Garcia
b0ec929aad
Cast between semantically different integer types: HRESULT to/from a Boolean type.
Closing the gap between Semmle and PreFast.
Covers C6214, C6215, C6216, C6217, C6230
2018-09-20 16:16:32 -07:00
Nick Rolfe
f2d030a7e6
C++: shorten message in integer-multiplication-cast-to-long
2018-09-04 14:45:12 +01:00
Nick Rolfe
04e919df9d
C++: clearer alert wording in integer-multiplication-cast-to-long
2018-09-03 16:56:56 +01:00
semmle-qlci
d957c151a6
Merge pull request #110 from jbj/fewer-dbtypes
Approved by ian-semmle
2018-08-29 17:26:06 +01:00
Jonas Jensen
854d0db552
C++: Don't use dbtypes in ClassesWithManyFields.ql
This changes the test output because `VariableDeclarationGroup.toString`
changes to be the one inherited from VariableDeclarationEntry. This
should not affect the output as shown by any front end because
the string to be displayed to the user for a `$@` interpolation comes
from the following column instead.
2018-08-28 14:58:39 +02:00
Jonas Jensen
f005d45c63
C++: Change SuppressionScope.toString
This should have no effect in itself but changes the test output to
correspond with the change coming next.
2018-08-28 14:58:39 +02:00
Dave Bartolomeo
d920fc7d94
Force LF line endings for .ql, .qll, and .qlref files
2018-08-24 11:58:58 -07:00
Ian Lynagh
d2b4265b73
C++: Improve the JSF 3.02 rule 1 message, and add a test
2018-08-15 15:26:18 +01:00
Jonas Jensen
a201fe688f
Merge pull request #22 from rdmarsh2/rdmarsh/cpp/use-in-own-initializer-macro
C++: handle more macros in UseInOwnInitializer
2018-08-07 20:03:01 +02:00
Nick Rolfe
3444fb7b88
C++: remove all uses of deprecated 'extractor_flags'
2018-08-07 09:48:27 +01:00
Robert Marsh
6546b37d5d
C++: handle more macros in UseInOwnInitializer
2018-08-06 11:40:35 -07:00
Pavel Avgustinov
b55526aa58
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00