Mathias Vorreiter Pedersen | 41c93d92d7 | C++: Remove FPs from right shifts and explicitly bounded random functions. | 2021-05-31 15:40:02 +02:00
Mathias Vorreiter Pedersen | 10755ece88 | C++: Add testcase with bounded randomness source. | 2021-05-31 15:33:39 +02:00
Mathias Vorreiter Pedersen | 66d284ee59 | Merge pull request #5766 from ihsinme/ihsinme-patch-267; CPP: Add query for CWE-415 Double Free | 2021-05-31 10:51:32 +02:00
ihsinme | d808a5b131 | Update cpp/ql/test/experimental/query-tests/Security/CWE/CWE-415/semmle/tests/test.c; Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com> | 2021-05-31 11:16:38 +03:00
ihsinme | 2909dde179 | Update test.c | 2021-05-26 09:31:15 +03:00
Geoffrey White | 2fd461e984 | Merge pull request #5938 from MathiasVP/promote-access-of-memory-location-after-end-of-buffer-using-strncat; C++: Promote `cpp/access-memory-location-after-end-buffer-strncat` out of experimental | 2021-05-25 14:36:53 +01:00
Mathias Vorreiter Pedersen | b33adb8630 | Merge pull request #5930 from MathiasVP/promote-incorrect-allocation-error-out; C++: Promote `cpp/incorrect-allocation-error-handling` | 2021-05-25 10:57:31 +02:00
Mathias Vorreiter Pedersen | e857ac1149 | C++: Add more tests and remove redundant conjunct. | 2021-05-25 09:17:42 +02:00
Mathias Vorreiter Pedersen | 12cd09d5d4 | C++: Delete the experimental query and its tests, and accept the test changes. | 2021-05-21 10:35:57 +02:00
Mathias Vorreiter Pedersen | 8d0cfb4e91 | C++: Merge tests from 'cpp/access-memory-location-after-end-buffer-strncat' into the tests from 'cpp/unsafe-strncat'. | 2021-05-21 10:34:59 +02:00
Alex Denisov | 694eba66f3 | C++: Adjust tests for new specifiers | 2021-05-20 10:49:20 +02:00
Mathias Vorreiter Pedersen | 9504592909 | C++: Promote cpp/incorrect-allocation-error-handling out of experimental. | 2021-05-20 09:47:45 +02:00
Geoffrey White | aaae717328 | Merge branch 'main' into weak_crypto | 2021-05-19 11:19:08 +01:00
Mathias Vorreiter Pedersen | 26c4a66dc4 | C++: Add range analysis to fix FPs. | 2021-05-18 17:54:30 +02:00
Mathias Vorreiter Pedersen | df9981de4f | C++: Add testcases with false positives. | 2021-05-18 17:53:20 +02:00
Geoffrey White | cdf261b54b | C++: In fact it's just not good enough to get additional evidence from the declaring type. | 2021-05-18 14:31:19 +01:00
Geoffrey White | c7382ee06d | C++: Repair for function call macros. | 2021-05-18 14:27:08 +01:00
Geoffrey White | 012840e602 | C++: Add more test cases. | 2021-05-18 14:26:12 +01:00
Geoffrey White | 09d00b133e | C++: Acknowledge another not detected result in tests. | 2021-05-17 15:53:03 +01:00
Geoffrey White | 930b9fe3e5 | C++: Add triple-DES to the bad algorithms list. | 2021-05-17 15:51:17 +01:00
Mathias Vorreiter Pedersen | d46452e8de | Merge pull request #5903 from MathiasVP/tainted-allocation-size-barrier; C++: Add barriers to `cpp/uncontrolled-allocation-size` | 2021-05-17 15:24:45 +02:00
Mathias Vorreiter Pedersen | 31091c66c1 | C++: Add a test containing a guarded long. | 2021-05-17 08:06:06 +02:00
Robert Marsh | d706d7b7a4 | Merge pull request #5887 from MathiasVP/fewer-rand-sources-in-uncontrolled-arithmetic; C++: Add more sanitizers to `cpp/uncontrolled-arithmetic` | 2021-05-14 15:35:56 -07:00
Mathias Vorreiter Pedersen | 2d0a56128d | C++: Prevent flow out of pointer-difference expressions. | 2021-05-14 13:49:48 +02:00
Mathias Vorreiter Pedersen | c1d41b3169 | C++: Add false positive result from pointer-difference expressions. | 2021-05-14 13:47:23 +02:00
Mathias Vorreiter Pedersen | 5031b73f35 | C++: Add barrier to cpp/uncontrolled-allocation-size that blocks flow when overflow isn't possible. | 2021-05-14 13:43:20 +02:00
Geoffrey White | 3a83ff54e6 | C++: Add support for class methods. | 2021-05-13 16:02:00 +01:00
Geoffrey White | 2576075b98 | C++: Repair result message. | 2021-05-13 15:52:28 +01:00
Geoffrey White | 5d1ef49f8f | C++: Add support for enum constants. | 2021-05-13 15:42:42 +01:00
Geoffrey White | e4d2c7cfc4 | C++: Rewrite so that we look for additional evidence. | 2021-05-13 13:19:39 +01:00
Geoffrey White | 123889a671 | C++: Fix 'triple DES' false positives. | 2021-05-13 10:21:06 +01:00
Geoffrey White | 0450caa73d | C++: Exclude array initializers. | 2021-05-12 19:39:30 +01:00
Geoffrey White | 52a88af6c1 | C++: Exclude macro invocations in switch case expressions. | 2021-05-12 19:33:18 +01:00
Geoffrey White | 9404d0676d | C++: Exclude macros that don't generate anything. | 2021-05-12 19:28:08 +01:00
Geoffrey White | b6d5f7c315 | C++: Fix FPs caused by substring regexp. | 2021-05-12 19:23:49 +01:00
Geoffrey White | 109fa4d38e | C++: Add test cases for BrokenCryptoAlgorithm.ql. | 2021-05-12 19:16:00 +01:00
Mathias Vorreiter Pedersen | e94dab70b5 | C++: Add sanitizers to cpp/uncontrolled-arithmetic. | 2021-05-12 15:44:09 +02:00
Geoffrey White | 8f152b7380 | Merge pull request #5877 from MathiasVP/detect-more-abs-in-overflow-library; C++: Detect more uses of `abs` | 2021-05-12 10:02:12 +01:00
Mathias Vorreiter Pedersen | 948f1d8e34 | C++: Add testcase with INTMAX_MIN. | 2021-05-11 19:43:21 +02:00
Geoffrey White | d7e560c611 | Merge pull request #5767 from ihsinme/ihsinme-patch-268; CPP: Add query for CWE-1126: Declaration of Variable with Unnecessarily Wide Scope | 2021-05-11 15:24:25 +01:00
Mathias Vorreiter Pedersen | 48e783184c | C++: Fix false positive by recognizing more absolute value functions in Overflow.qll | 2021-05-11 14:30:28 +02:00
Mathias Vorreiter Pedersen | 24d8abd2c2 | C++: Add false positive testcase when an absolute value is used in comparison. | 2021-05-11 14:27:53 +02:00
AlexDenisov | 2905bb8b9a | Merge pull request #5861 from AlexDenisov/alexdenisov/adjust-user-defined-literals-test; C++: Adjust user-defined literals test' expectations | 2021-05-11 09:31:54 +02:00
Mathias Vorreiter Pedersen | 5016c6436a | Merge pull request #5859 from MathiasVP/fix-fp-in-comparison-with-wider-type; C++: Fix false positive in `cpp/comparison-with-wider-type` | 2021-05-10 17:58:31 +02:00
Mathias Vorreiter Pedersen | 51d04cb5b3 | C++: Correct test annotation. | 2021-05-10 15:30:35 +02:00
Mathias Vorreiter Pedersen | c0b65314be | C++: Fix false positive by restricting _both_ the old (unconverted) expression _and_ all of the conversions. | 2021-05-10 15:18:42 +02:00
Mathias Vorreiter Pedersen | c7cd75437f | C++: Add testcase demonstrating false positive from conversions. | 2021-05-10 14:58:33 +02:00
ihsinme | 9e5a38debd | Update DeclarationOfVariableWithUnnecessarilyWideScope.expected | 2021-05-10 14:17:40 +03:00
ihsinme | d3c6093f37 | Update test.c | 2021-05-10 14:16:38 +03:00
Alex Denisov | dcdd54593e | C++: Adjust user-defined literals test' expectations | 2021-05-10 13:03:40 +02:00