hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,624 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.3
Commit Graph

1095 Commits

Author SHA1 Message Date
Geoffrey White
aaae717328 Merge branch 'main' into weak_crypto 2021-05-19 11:19:08 +01:00
Mathias Vorreiter Pedersen
26c4a66dc4 C++: Add range analysis to fix FPs. 2021-05-18 17:54:30 +02:00
Mathias Vorreiter Pedersen
df9981de4f C++: Add testcases with false positives. 2021-05-18 17:53:20 +02:00
Geoffrey White
cdf261b54b C++: In fact it's just not good enough to get additional evidence from the declaring type. 2021-05-18 14:31:19 +01:00
Geoffrey White
c7382ee06d C++: Repair for function call macros. 2021-05-18 14:27:08 +01:00
Geoffrey White
012840e602 C++: Add more test cases. 2021-05-18 14:26:12 +01:00
Geoffrey White
09d00b133e C++: Acknowledge another not detected result in tests. 2021-05-17 15:53:03 +01:00
Geoffrey White
930b9fe3e5 C++: Add triple-DES to the bad algorithms list. 2021-05-17 15:51:17 +01:00
Mathias Vorreiter Pedersen
d46452e8de Merge pull request #5903 from MathiasVP/tainted-allocation-size-barrier 
C++: Add barriers to `cpp/uncontrolled-allocation-size`
 2021-05-17 15:24:45 +02:00
Mathias Vorreiter Pedersen
31091c66c1 C++: Add a test containing a guarded long. 2021-05-17 08:06:06 +02:00
Robert Marsh
d706d7b7a4 Merge pull request #5887 from MathiasVP/fewer-rand-sources-in-uncontrolled-arithmetic 
C++: Add more sanitizers to `cpp/uncontrolled-arithmetic`
 2021-05-14 15:35:56 -07:00
Mathias Vorreiter Pedersen
2d0a56128d C++: Prevent flow out of pointer-difference expressions. 2021-05-14 13:49:48 +02:00
Mathias Vorreiter Pedersen
c1d41b3169 C++: Add false positive result from pointer-difference expressions. 2021-05-14 13:47:23 +02:00
Mathias Vorreiter Pedersen
5031b73f35 C++: Add barrier to cpp/uncontrolled-allocation-size that blocks flow when overflow isn't possible. 2021-05-14 13:43:20 +02:00
Geoffrey White
3a83ff54e6 C++: Add support for class methods. 2021-05-13 16:02:00 +01:00
Geoffrey White
2576075b98 C++: Repair result message. 2021-05-13 15:52:28 +01:00
Geoffrey White
5d1ef49f8f C++: Add support for enum constants. 2021-05-13 15:42:42 +01:00
Geoffrey White
e4d2c7cfc4 C++: Rewrite so that we look for additional evidence. 2021-05-13 13:19:39 +01:00
Geoffrey White
123889a671 C++: Fix 'triple DES' false positives. 2021-05-13 10:21:06 +01:00
Geoffrey White
0450caa73d C++: Exclude array initializers. 2021-05-12 19:39:30 +01:00
Geoffrey White
52a88af6c1 C++: Exclude macro invocations in switch case expressions. 2021-05-12 19:33:18 +01:00
Geoffrey White
9404d0676d C++: Exclude macros that don't generate anything. 2021-05-12 19:28:08 +01:00
Geoffrey White
b6d5f7c315 C++: Fix FPs caused by substring regexp. 2021-05-12 19:23:49 +01:00
Geoffrey White
109fa4d38e C++: Add test cases for BrokenCryptoAlgorithm.ql. 2021-05-12 19:16:00 +01:00
Mathias Vorreiter Pedersen
e94dab70b5 C++: Add sanitizers to cpp/uncontrolled-arithmetic. 2021-05-12 15:44:09 +02:00
Mathias Vorreiter Pedersen
948f1d8e34 C++: Add testcase with INTMAX_MIN. 2021-05-11 19:43:21 +02:00
Mathias Vorreiter Pedersen
48e783184c C++: Fix false positive by recognizing more absolute value functions in Overflow.qll 2021-05-11 14:30:28 +02:00
Mathias Vorreiter Pedersen
24d8abd2c2 C++: Add false positive testcase when an absolute value is used in comparison. 2021-05-11 14:27:53 +02:00
Mathias Vorreiter Pedersen
5016c6436a Merge pull request #5859 from MathiasVP/fix-fp-in-comparison-with-wider-type 
C++: Fix false positive in `cpp/comparison-with-wider-type`
 2021-05-10 17:58:31 +02:00
Mathias Vorreiter Pedersen
51d04cb5b3 C++: Correct test annotation. 2021-05-10 15:30:35 +02:00
Mathias Vorreiter Pedersen
c0b65314be C++: Fix false positive by restricting _both_ the old (unconverted) expression _and_ all of the conversions. 2021-05-10 15:18:42 +02:00
Mathias Vorreiter Pedersen
c7cd75437f C++: Add testcase demonstrating false positive from conversions. 2021-05-10 14:58:33 +02:00
Mathias Vorreiter Pedersen
c91ed80e6c C++: Fix false positive by computing range of the converted expression. 2021-05-10 10:12:43 +02:00
Mathias Vorreiter Pedersen
7ac7830973 C++: Add testcase with false positive involving a conversion on the large-expression side of the comparison. 2021-05-10 10:11:31 +02:00
Geoffrey White
75edcf0b4f Merge branch 'main' into unsigneddiff2 2021-05-07 16:35:16 +01:00
Robert Marsh
230f4bcae8 C++: accept test changes from IR sharing 2021-05-06 08:14:45 -07:00
Robert Marsh
86b1d032ae C++: accept test regressions 2021-05-06 08:14:38 -07:00
Mathias Vorreiter Pedersen
04a785b9fb C++: Accept test changes. 2021-04-27 09:43:27 +02:00
Mathias Vorreiter Pedersen
93e55e2631 C++: Fix FP in cpp/return-stack-allocated-memory. 2021-04-20 13:58:12 +02:00
Mathias Vorreiter Pedersen
1797b6c7f9 C++: Add FP test from the work on smart pointers in dataflow. 2021-04-20 13:54:57 +02:00
Mathias Vorreiter Pedersen
7fbc62358e C++: Accept test changes after making the exprMightOverFlow predicates more sound. 2021-04-15 13:57:44 +02:00
Mathias Vorreiter Pedersen
d1457995dd C++: Use range analysis in Overflow.qll 2021-04-13 16:39:28 +02:00
Geoffrey White
4879104568 C++: Add more dataflow cases to replace the loss. 2021-04-13 15:09:12 +01:00
Geoffrey White
b0ad927fdd C++: Remove useUsePair. 2021-04-13 15:03:06 +01:00
Geoffrey White
3b437fe6cf C++: Replace GVN with some other libraries. 2021-04-09 15:21:42 +01:00
Geoffrey White
517fd23ca5 C++: Correct and add to test cases. 2021-04-08 09:48:38 +01:00
Geoffrey White
a8193dac08 C++: Reintroduce the exprMightOverflowNegatively bit. 2021-04-06 22:36:59 +01:00
Geoffrey White
60e4faba4c C++: Add linear expression logic. 2021-04-06 22:28:36 +01:00
Geoffrey White
48ff8e237c C++: Rewrite the range analysis exclusion to be recursive and more robust. 2021-04-06 22:26:55 +01:00
Geoffrey White
3ecd13531f C++: Improve isGuarded. 2021-04-06 22:21:59 +01:00