Anders Fugmann
bc22e0d9aa
C++: Update comments on memberMayBeVarSize
2021-09-14 16:04:39 +02:00
Tom Hvitved
b69033f4ff
C++: Upgrade script
2021-09-14 13:14:04 +02:00
Tom Hvitved
6c32b92929
C++: Drop redundant columns from files and folders relations
2021-09-14 13:14:04 +02:00
Anders Fugmann
3f5ab60fb4
C++: Add DEPRECATED to documentation block
2021-09-14 09:55:19 +02:00
ihsinme
8fa3cefb8c
Update DoubleRelease.ql
2021-09-14 10:31:20 +03:00
ihsinme
d150c9a6be
Update DoubleRelease.ql
2021-09-14 08:51:13 +03:00
Mathias Vorreiter Pedersen
a714966e9b
Import 'cpp' and add more description.
2021-09-13 18:43:34 +01:00
Mathias Vorreiter Pedersen
034899367d
C++: Exclude uninstantiated templates from AV Rule 114.
2021-09-13 18:08:51 +01:00
Anders Fugmann
f202ddc5aa
C++: Add changenote
2021-09-13 16:31:06 +02:00
Geoffrey White
67c6b35845
C++: We get many more real world results using taint tracking.
2021-09-13 15:03:28 +01:00
Geoffrey White
0e8064dbf9
C++: Add a test demonstrating taint.
2021-09-13 15:00:31 +01:00
Anders Fugmann
8e9ac18026
C++: Deprecate RangeSSA::isGuardPhi/3
2021-09-13 15:35:05 +02:00
Geoffrey White
902fa7d44a
C++: Subsection header.
2021-09-13 14:10:17 +01:00
Geoffrey White
acd1acd869
C++: Give it a section header.
2021-09-13 14:08:18 +01:00
Geoffrey White
befd1a7ccc
C++: Rename security tests readme.
2021-09-13 14:06:22 +01:00
Geoffrey White
ee7ccd7936
C++: Upgrade to path problem.
2021-09-13 13:52:12 +01:00
Anders Fugmann
9a35a699cb
C++: Update tests
2021-09-13 12:10:58 +02:00
Geoffrey White
f58177f292
C++: Full dataflow version.
2021-09-13 10:53:09 +01:00
Anders Fugmann
342b2df93f
C++: zero or one byte sized arrays in unions are considered as having the length of the union it's a member of
2021-09-13 11:25:04 +02:00
Anders Fugmann
3172d5727a
C++: Relax constraints on Buffer::memberMayBeVarSize
2021-09-13 11:15:33 +02:00
Anders Fugmann
4ab9b81a9a
C++: Add tests exposing some FP's for OverflowStatic query
2021-09-13 11:09:56 +02:00
Geoffrey White
e696eaaa2f
C++: Fix false positives involving STDIN_FILENO.
2021-09-13 09:50:19 +01:00
Geoffrey White
3ba9e80635
C++: Support various functions / variants.
2021-09-13 09:50:03 +01:00
Geoffrey White
1707d67adb
C++: Support 'send' as well.
2021-09-13 09:49:40 +01:00
Geoffrey White
29ad3bf7f8
C++: Test dataflow and other slightly more complex cases.
2021-09-13 09:49:25 +01:00
Tom Hvitved
649c2ce188
Merge pull request #6586 from hvitved/dataflow/stage2-precise-call-ctx-take2
Data flow: Add precise call contexts to stage 2
2021-09-10 11:34:35 +02:00
Anders Fugmann
2c93bce9ad
C++: Refactor code to use predicate isGuardPhi/4
2021-09-10 10:53:48 +02:00
Anders Peter Fugmann
1bbadb57a2
Merge pull request #6568 from andersfugmann/andersfugmann/improve_upper_bound
C++: Improve predicate upperBound in SimpleRangeAnalysis
2021-09-10 09:49:48 +02:00
Tom Hvitved
296d10fe2a
Data flow: Adjust callMayFlowThroughFwd pragmas
2021-09-10 09:21:24 +02:00
Anders Fugmann
270dbd2bf7
C++: Revert peer review suggestion.
The suggested change has a severe impact on row counts, as cpp does not cache
the results for `bbDominates`. Since the `getGuardedUpperBound` predicate the
cost of runtime complexity is considered higher than the benefit of this change.
2021-09-09 13:26:42 +02:00
Anders Fugmann
6c44b0e6e7
C++: Add test case where a guarded block has two predecessors which are both in the dominance domain of the guard
2021-09-09 13:18:49 +02:00
Mathias Vorreiter Pedersen
44f477d552
C++: Add uninterpreted query for obtaining frontend and extraction time.
2021-09-08 14:32:50 +01:00
Anders Schack-Mulligen
1af39f0776
Dataflow: Sync.
2021-09-08 13:02:07 +02:00
Anders Fugmann
f91bd91d02
C++: Apply suggested change from code review
2021-09-08 12:38:53 +02:00
Anders Fugmann
e93dc0b4c4
C++: Fix comment in getGuardedUpperBound
2021-09-08 11:06:58 +02:00
Anders Schack-Mulligen
f30dad7705
Dataflow: Update test expected outputs.
2021-09-07 13:02:20 +02:00
Anders Schack-Mulligen
7ec1fa2ebe
Dataflow: Sync.
2021-09-07 12:51:42 +02:00
Anders Schack-Mulligen
3c3d71d4a0
Dataflow: Sync
2021-09-07 12:51:42 +02:00
Mathias Vorreiter Pedersen
5cecea42e4
Merge pull request #6603 from geoffw0/impropnulltests
C++: Add test cases for cpp/improper-null-termination.
2021-09-07 09:55:36 +01:00
Mathias Vorreiter Pedersen
b7206c1218
Merge pull request #6581 from geoffw0/uncontrolledarith2
CPP: Improvements for cpp/uncontrolled-arithmetic
2021-09-07 09:48:59 +01:00
Anders Fugmann
ebdda885f9
C++: Update test annotation for OverflowStatic
2021-09-07 10:38:16 +02:00
Geoffrey White
cd5a5347fc
C++: Add basic test.
2021-09-06 18:11:34 +01:00
Geoffrey White
246302453f
C++: Add CleartextTransmission query.
2021-09-06 18:11:19 +01:00
Anders Fugmann
9af4d560dd
Merge branch 'main' into andersfugmann/improve_upper_bound
2021-09-06 14:26:58 +02:00
Anders Fugmann
ddbaf585ec
Merge branch 'main' into andersfugmann/improve_upper_bound
2021-09-06 10:32:44 +02:00
Anders Fugmann
e4d22ea628
C++: Add comment on why getGuardedUpperBound must have exactly one predecessor
2021-09-06 10:31:32 +02:00
ihsinme
8b0d5a2e7b
Update cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.qhelp
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
2021-09-05 22:46:37 +03:00
Andrew Eisenberg
6a47fcaf1f
Packaging: Normalize all qlpack.yml files for all languages
This commit ensures consistency among all of our qlpacks. Here are the
changes:
1. Ensure only modern references are used (codeql-{lang} is converted to
codeql/{lang}-all or codeql/{lang}-queries where appropriate).
2. Use consistent version numbers. All languages are at 0.0.2 except
javascript, which is 0.0.3.
3. Convert all `libraryPathDependencies` to `dependencies` with version
constraints
4. Dependencies from query packs to other packs are always `"*"` since
these dependencies are always from source and we should get the
latest.
5. Dependencies from codeql/{lang}-lib to codeql/{lang}-upgrades must
be strict since there is a tight connection between the library
and its relevant upgrades.
2021-09-03 11:53:28 -07:00
Geoffrey White
4e60fd5fc7
C++: Add the ImproperNullTerminationTainted.ql query to the test.
2021-09-03 15:53:24 +01:00
Geoffrey White
ccf1a44a2b
C++: Extend tests for cpp/improper-null-termination.
2021-09-03 15:48:36 +01:00