Andrew Eisenberg
03d6b15401
Merge branch 'main' into aeisenberg/pack/cpp
2021-08-17 15:28:47 -07:00
Andrew Eisenberg
88ceb42356
Packaging: Migrate cpp experimental/semmle folder to lib
...
Also, fix up some library path dependencies.
2021-08-17 14:41:41 -07:00
Andrew Eisenberg
2c5dd2dfa3
Packaging: Refactor the cpp libraries
...
This PR separates the core cpp packs into `codeql/cpp-queries` and
`codeql/cpp-all`.
There are very few lines of code changed. Almost all changes are moving
files around.
2021-08-17 11:22:36 -07:00
Anders Fugmann
666d5917fa
C++: Avoid inclusion of standard headers
2021-08-17 15:56:28 +02:00
Anders Fugmann
469f8a638b
C++: Add more tests for buffer overruns
2021-08-17 15:21:33 +02:00
Anders Fugmann
35b7808866
C++: Fix wrong comment on what is tested
2021-08-17 15:21:03 +02:00
Mathias Vorreiter Pedersen
8d594dbf08
Update cpp/ql/test/query-tests/Security/CWE/CWE-570/test.cpp
...
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
2021-08-11 16:18:18 +02:00
Mathias Vorreiter Pedersen
0d1884d7a6
C++: Fix FP and accept test changes.
2021-08-11 15:38:57 +02:00
Mathias Vorreiter Pedersen
c2b1da0010
C++: Add FP testcase with a 'new' that has a 'std::nothrow&' parameter, but not a 'noexcept' specifier. This case was previously not reported because of the 'noexcept' specifier, and apparently the 'std::nothrow' case was broken all along.
2021-08-11 15:38:03 +02:00
Geoffrey White
e679eac008
C++: Rename test directories to match the test names, where possible.
2021-08-03 18:43:02 +01:00
Mathias Vorreiter Pedersen
8ce6335383
Merge pull request #6372 from geoffw0/uncontrolledarith
2021-08-03 17:53:39 +02:00
Geoffrey White
54253bc2eb
C++: Resurrect underflow detection, but only on unsigned types.
2021-08-03 15:02:39 +01:00
Geoffrey White
7f621bc737
C++: Repair the tests that use subtraction so that the thing they're testing is preserved, and add two new explicit tests of behaviour on subtraction.
2021-07-29 15:36:43 +01:00
Geoffrey White
13823df5a1
C++: Remove underflow detection.
2021-07-29 15:22:18 +01:00
Geoffrey White
9e0411238b
C++: Add some more test cases.
2021-07-29 15:15:26 +01:00
Geoffrey White
ae35ae10e6
C++: Fix readlink FPs.
2021-07-28 17:45:18 +01:00
Geoffrey White
c2ef58d29d
C++: Support 'readlinkat'.
2021-07-28 16:15:28 +01:00
Geoffrey White
358d89f3ce
C++: Add tests.
2021-07-28 16:15:16 +01:00
Geoffrey White
00f6f668cc
C++: Don't report underflowing multiplication.
2021-07-27 14:02:40 +01:00
Geoffrey White
40f0658e8a
C++: Exclude unintended results on pointers.
2021-07-27 13:39:20 +01:00
Geoffrey White
503c5c9e33
C++: Add more test cases.
2021-07-27 13:38:00 +01:00
Robert Marsh
fbb3f2e506
Merge pull request #6273 from geoffw0/cleartext-storage-file
...
C++: Improve the CleartextFileWrite query
2021-07-26 12:46:51 -07:00
Geoffrey White
e9b96adf24
C++: Exclude results formatted with a character other than %s.
2021-07-22 17:40:32 +01:00
Geoffrey White
f8fed263e6
C++: Exclude results that are used as file names.
2021-07-22 17:40:25 +01:00
Geoffrey White
1d582182b0
C++: Exclude 'path'.
2021-07-22 15:49:30 +01:00
Geoffrey White
86ee5fea40
C++: More test cases and correct an existing one.
2021-07-22 15:47:06 +01:00
Geoffrey White
fa0f5d08a2
Merge branch 'main' into toctou2
2021-07-21 16:21:29 +01:00
Mathias Vorreiter Pedersen
6d0290809d
Merge branch 'rc/3.2' into mergeback-2021-07-21
2021-07-21 10:23:58 +02:00
Geoffrey White
473198a6ef
C++: Accept any check followed by a 'sensitive' use such as 'chmod'.
2021-07-20 18:11:05 +01:00
Geoffrey White
c6d8abc9b1
C++: Add a couple more testcases.
2021-07-20 17:52:59 +01:00
Mathias Vorreiter Pedersen
a006a7fb24
Revert "Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis"
...
This reverts commit e3e7b00986, reversing
changes made to 8ccdd4fb9f.
2021-07-20 18:06:49 +02:00
Geoffrey White
ae944b268a
C++: Restrict the 'check' to stat / access only as these are by far the more reliable results.
2021-07-20 11:18:00 +01:00
Geoffrey White
ab4b2c2342
C++: Fix 'rename'.
2021-07-19 18:58:39 +01:00
Geoffrey White
7684796d63
C++: Fix handling of the 'stat' pointer argument.
2021-07-19 15:13:19 +01:00
Mathias Vorreiter Pedersen
7bc18abbb0
Merge pull request #6150 from geoffw0/toctou
...
C++: Tests for cpp/toctou-race-condition
2021-07-19 15:51:35 +02:00
Geoffrey White
49bbfefb4d
C++: Fix uses of 'rename' in tests.
2021-07-19 13:57:16 +01:00
Geoffrey White
c5ed859cf5
C++: Update test comments to my best understanding.
2021-07-15 16:36:21 +01:00
Geoffrey White
e5e8a1b781
C++: Exclude integral types from SensitiveExprs.
2021-07-15 14:44:14 +01:00
Geoffrey White
dd95c53a3e
C++: More test cases.
2021-07-15 14:39:56 +01:00
Geoffrey White
aabb2fc3a1
C++: Tune SensitiveExprs.qll based on real TP and FP results.
2021-07-15 14:25:29 +01:00
Geoffrey White
e3e7b00986
Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis
...
C++: Add path-sensitivity to `StackVariableReachability`
2021-07-15 12:34:33 +01:00
Robert Marsh
4d8e882214
Merge pull request #6186 from geoffw0/formatarg
...
C++: Fix FPs from cpp/wrong-type-format-argument
2021-07-14 17:20:46 -07:00
Geoffrey White
652f903457
C++: Add simple dataflow to the query.
2021-07-13 17:48:48 +01:00
Geoffrey White
7500d75b5b
C++: Fix some easy FPs.
2021-07-13 17:36:41 +01:00
Geoffrey White
133953303b
C++: More test cases.
2021-07-13 17:32:08 +01:00
Mathias Vorreiter Pedersen
4fc60aedc6
C++: Relax the restrictions on when '%' is a barrier and accept test changes.
2021-07-12 17:39:12 +02:00
Mathias Vorreiter Pedersen
a6f1f8d3b6
C++: Add testcases demonstrating FPs from real code.
2021-07-12 17:39:12 +02:00
Mathias Vorreiter Pedersen
be06230b43
Merge branch 'main' into path-sensitive-stack-variable-reachability-analysis
2021-07-12 14:46:44 +02:00
Mathias Vorreiter Pedersen
d2cc0d3925
C++: Fix annotations.
2021-07-12 11:30:43 +02:00
Geoffrey White
dc2cb9bd62
C++: Fix numbering.
2021-07-02 18:33:36 +01:00