3040 Commits

Author	SHA1	Message	Date
Mathias Vorreiter Pedersen	5bfb78b583	C++: Block flow through all bitwise 'and' and 'or' operations. This seems to be a common source of false positives on LGTM.	2021-06-24 15:53:59 +02:00
Mathias Vorreiter Pedersen	e8bba78825	C++: Convert 'cpp/uncontrolled-arithmetic' to use a 'TaintTracking::Configuration'.	2021-06-24 15:51:44 +02:00
Anders Schack-Mulligen	95ad8b55fe	Merge pull request #6107 from aschackmull/dataflow/implicit-reads ... Dataflow: Add support for implicit reads	2021-06-24 15:38:35 +02:00
Mathias Vorreiter Pedersen	2938ad5f8f	C++: Add testcase demonstrating the fix from a8c57ec4aa.	2021-06-23 23:01:49 +02:00
Geoffrey White	eeb84d4209	C++: Add more test cases for the toctou query.	2021-06-23 17:12:53 +01:00
Mathias Vorreiter Pedersen	295e022df3	Merge branch 'main' into improve-tainted-arithmetic	2021-06-23 15:45:18 +02:00
Ian Lynagh	089e4e2e1e	Merge pull request #6147 from AlexDenisov/adjust_test_expectation ... C++: Adjust test expectations after frontend upgrade	2021-06-23 14:43:47 +01:00
Alex Denisov	653afc8448	C++: Adjust test expectations after frontend upgrade	2021-06-23 14:39:16 +02:00
Mathias Vorreiter Pedersen	90633b9ce1	C++: Make the new SQL abstract classes extend 'Function' instead. This is more in line with how we model RemoteFlowFunction.	2021-06-23 11:49:51 +02:00
Mathias Vorreiter Pedersen	6379463bcf	Merge branch 'main' into improve-tainted-arithmetic	2021-06-23 11:42:45 +02:00
Geoffrey White	298f70f082	Merge pull request #6120 from MathiasVP/not-overflow-is-barrier-in-cwe-190 ... C++: Recognize any non-overflowing arithmetic expression as a barrier for `cpp/uncontrolled-arithmetic`	2021-06-23 10:35:33 +01:00
Mathias Vorreiter Pedersen	9b94f3a650	Merge branch 'main' into improve-tainted-arithmetic	2021-06-23 11:04:08 +02:00
ihsinme	d61fcfc84b	Add files via upload	2021-06-23 10:46:03 +03:00
Mathias Vorreiter Pedersen	440793b5ff	C++: Move the example from the experimental CWE-089 query into a test.	2021-06-22 17:13:06 +02:00
Anders Schack-Mulligen	810de73246	C/C++: Update qltest expected output.	2021-06-21 14:47:31 +02:00
Mathias Vorreiter Pedersen	238c483e5b	C++: Make any non-overflowing arithmetic operation a barrier.	2021-06-21 14:05:34 +02:00
Mathias Vorreiter Pedersen	18e5d3cce8	C++: Add false positive with multiplication.	2021-06-21 14:04:27 +02:00
Geoffrey White	79198974dc	Merge branch 'main' into weak-crypto3	2021-06-21 11:55:29 +01:00
Mathias Vorreiter Pedersen	17df8e44d0	C++: Convert 'cpp/tainted-arithmetic' to a 'path-problem' query.	2021-06-18 14:56:17 +02:00
Geoffrey White	b5c71fd1d7	C++: Repair funcion call in a function call.	2021-06-17 14:33:16 +01:00
Geoffrey White	e5147c2a1f	C++: Exclude functions that don't involve buffers.	2021-06-17 14:33:16 +01:00
Geoffrey White	a481e5c292	C++: Exclude template code.	2021-06-17 12:36:14 +01:00
Geoffrey White	8efdf359dc	C++: Fix some incorrect uses of 'const' in the tests.	2021-06-17 12:36:13 +01:00
Geoffrey White	3641cdcc1f	C++: Add a test case involving an array.	2021-06-17 12:36:09 +01:00
Geoffrey White	23db21cd90	C++: Test spacing.	2021-06-17 12:33:31 +01:00
Geoffrey White	d590952aaa	C++: Add a test case involving nested function calls.	2021-06-17 12:23:18 +01:00
Geoffrey White	7632c9edb5	C++: Add test cases involving strings and comparisons.	2021-06-17 12:23:17 +01:00
Geoffrey White	2e236dd2a9	C++: Add a test case involving a harmless assert.	2021-06-17 12:23:17 +01:00
Geoffrey White	dca397dfb1	C++: Add a test case with a template class.	2021-06-17 12:23:16 +01:00
Chris Smowton	558813acf7	Inline expectation tests: accept // $MISSING: and // $SPURIOUS: ... Previously there had to be a space after the $ token, unlike ordinary expectations (i.e., // $xss was already accepted)	2021-06-17 09:44:39 +01:00
ihsinme	bf65044a0d	Update test.c	2021-06-17 10:42:25 +03:00
ihsinme	b118817fb8	Add files via upload	2021-06-15 16:52:39 +03:00
ihsinme	4f2703e0aa	Add files via upload	2021-06-15 16:43:57 +03:00
Cornelius Riemenschneider	0ebf53b9df	Merge pull request #6073 from geoffw0/loc ... C++: Add lines of user code query	2021-06-15 09:18:46 +02:00
Mathias Vorreiter Pedersen	14a04ee453	C++: Accept more test changes. These all arise because we now transitively pull in 'semmle.code.cpp.Print' when including 'cpp'.	2021-06-14 22:02:46 +02:00
Mathias Vorreiter Pedersen	cc6ae7f8b8	Merge branch 'main' into path-sensitive-stack-variable-reachability-analysis	2021-06-14 22:02:46 +02:00
Mathias Vorreiter Pedersen	714ad105fe	C++: Accept test changes.	2021-06-14 22:02:38 +02:00
Geoffrey White	d7db18213d	C++: Add a generated file to the test.	2021-06-14 16:21:30 +01:00
Geoffrey White	1e1ae27974	C++: Test the new query.	2021-06-14 16:06:20 +01:00
John L. Singleton	0d3f53b013	Changes to structure per feedback of @jbj	2021-06-10 11:16:58 -04:00
John L. Singleton	01cac13a48	format ql test files.	2021-06-09 17:16:26 -04:00
John L. Singleton	b91a0dbe16	removed accidental modification.	2021-06-09 17:12:59 -04:00
John L. Singleton	1fe3c9d093	removed accidental modification.	2021-06-09 17:11:39 -04:00
John L. Singleton	28e2cdb54e	adding standard C/C++ fixed width, minimum width, and maximum width types	2021-06-09 16:12:58 -04:00
Mathias Vorreiter Pedersen	025043afca	Merge pull request #6010 from geoffw0/charloc ... C++: Test and fix maxCols / charLoc	2021-06-08 11:15:04 +02:00
Alex Denisov	a12954a403	C++: Remove outdated comment	2021-06-07 17:15:21 +02:00
AlexDenisov	d254524f3f	Merge pull request #6027 from AlexDenisov/alexdenisov/fix-string-literal-expectation ... C++: Fix string literal expectation	2021-06-07 17:13:12 +02:00
Geoffrey White	6f05fd4839	C++: Autoformat.	2021-06-07 11:01:00 +01:00
Mathias Vorreiter Pedersen	3923acb5e0	Merge pull request #6017 from github/dbartol/pack/extra-queries-xml ... C++: Replace an odd `queries.xml` with `qlpack.yml`	2021-06-07 10:58:19 +02:00
Alex Denisov	17be6e1271	C++: Fix string literal expectation	2021-06-07 09:47:26 +02:00