hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

34 Commits

Author SHA1 Message Date
Paolo Tranquilli
30805d964c add ThisArgumentOperand special case 2021-11-23 15:28:15 +00:00
Paolo Tranquilli
28806fe5f4 update test results after operand location changes 2021-11-23 15:28:15 +00:00
Mathias Vorreiter Pedersen
3a488574e5 C++: Rewrite the PartialDefinitionNode classes to match the new StoreNodes. 2021-10-28 12:35:00 +01:00
Mathias Vorreiter Pedersen
908f24d23f C++: Fix missing AST flow. 2021-02-17 14:33:58 +01:00
Jonas Jensen
064568c36d Revert "Merge pull request #4784 from MathiasVP/mathiasvp/reverse-read-take-3" 
This reverts commit 1b3d69d617, reversing
changes made to 527c41520e.
 2021-02-03 08:49:37 +01:00
Mathias Vorreiter Pedersen
b4f9b1590d C++: Restore lost result on git/git. We lost the result in a00bd7ae02 because the added check for type T to type T* conversion didn't handle const qualifiers. 2021-01-22 14:20:18 +01:00
Mathias Vorreiter Pedersen
7b003678a9 Merge branch 'main' into mathiasvp/reverse-read-take-3 2021-01-07 11:56:18 +01:00
Mathias Vorreiter Pedersen
bb158f1857 C++: Add dataflow testcases that need flow through conflated memory. 2021-01-04 11:43:23 +01:00
Mathias Vorreiter Pedersen
72a80e3722 C++: Accept test changes. 2020-12-22 09:14:54 +01:00
Mathias Vorreiter Pedersen
ba4da72b9e C++: Add examples that require longer access paths 2020-12-22 09:14:53 +01:00
Mathias Vorreiter Pedersen
177f94368e C++: Respond to review comments and accept test changes. 2020-10-30 15:59:39 +01:00
Tom Hvitved
570b624eb7 C++: Update expected test output 2020-10-16 09:05:01 +02:00
Mathias Vorreiter Pedersen
873e871620 C++: Handle more cases in arrayReadStep. 2020-09-21 14:35:37 +02:00
Mathias Vorreiter Pedersen
49dd576352 C++: Add more tests 2020-09-21 10:59:16 +02:00
Mathias Vorreiter Pedersen
53da751b15 C++: Accept tests 2020-09-18 17:12:27 +02:00
Mathias Vorreiter Pedersen
b40941b89c C++: Add test demonstrating field conflation after merging #4230 2020-09-18 13:23:23 +02:00
Jonas Jensen
c67605f15c Merge pull request #4230 from MathiasVP/mathiasvp/array-field-flow 
C++: Replace `field -> object` taint rule with `ArrayContent` dataflow
 2020-09-18 10:56:51 +02:00
Geoffrey White
86404af501 Merge pull request #4270 from MathiasVP/mathiasvp/single-field-flow-fix-cwe190test 
C++: Use underlying type when checking whether a type is a single-field struct.
 2020-09-16 17:21:07 +01:00
Mathias Vorreiter Pedersen
7b456d6162 Merge branch 'main' into mathiasvp/array-field-flow 2020-09-16 10:45:31 +02:00
Jonas Jensen
78560833a1 C++: Add a test distilled from real code 
Author: @rvermeulen.

The consistency warnings go away because `sink` is defined with a body
in this file.
 2020-09-15 16:24:37 +02:00
Jonas Jensen
bdce24735c C++: Add flow through arrays 
This works by adding data-flow edges to skip over array expressions when
reading from arrays. On the post-update side, there was already code to
skip over array expressions when storing to arrays. That happens in
`valueToUpdate` in `AddressFlow.qll`, which needed just a small tweak to
support assignments with non-field expressions at the top-level LHS,
like `*a = ...` or `a[0] = ...`.

The new code in `AddressFlow.qll` is copy-pasted from `EscapesTree.qll`,
and there is already a note in these files saying that they share a lot
of code and must be maintained in sync.
 2020-09-15 14:46:11 +02:00
Jonas Jensen
27b8dc2b13 C++: Add tests for flow through arrays 2020-09-15 14:19:34 +02:00
Mathias Vorreiter Pedersen
d18dd5ab09 C++: Add testcase demonstrating the underlying problem in 6ca9c449af. 2020-09-15 12:32:15 +02:00
Mathias Vorreiter Pedersen
2a8ee90828 C++: Demonstrate lack of flow when taking the address of a field and loading it afterwards 2020-08-26 15:50:57 +02:00
Jonas Jensen
5a5df4de26 Revert "Merge pull request #3419 from MathiasVP/flat-structs" 
There was unfortunately a semantic merge conflict between #3419 and
 #3587 that caused a performance regression on (at least) OpenJDK.

This reverts commit 982fb38807, reversing
changes made to b841cacb83.
 2020-06-22 14:09:06 +02:00
Mathias Vorreiter Pedersen
b48168fc03 C++: Accept tests 2020-06-08 12:26:25 +02:00
Mathias Vorreiter Pedersen
3adc10fdb4 C++: Accept tests 2020-05-29 15:33:55 +02:00
Mathias Vorreiter Pedersen
335baaef73 C++: Add testcases for partial definitions with long access paths 2020-05-29 12:15:39 +02:00
Jonas Jensen
9813258a3e Merge remote-tracking branch 'upstream/master' into Expr-location-workaround 
Conflicts and semantic conflicts in `library-tests/dataflow/fields` and
`library-tests/ir/ir`.
 2020-05-29 08:44:37 +02:00
Robert Marsh
d8b5d3bce8 C++: accept test fixes 2020-05-28 08:45:01 -07:00
Jonas Jensen
1b23f3ec90 C++: Accept two more changed tests 2020-05-28 11:18:14 +02:00
Mathias Vorreiter Pedersen
97edd97778 C++: Add getLocation to TNode IPA type in testcase 2020-05-27 08:28:18 +02:00
Mathias Vorreiter Pedersen
251240376b C++: Fix asPartialDefinition for IR dataflow nodes and accept testcases 2020-05-26 13:14:38 +02:00
Mathias Vorreiter Pedersen
c5c3ffaef0 C++: Add asPartialDefinition testcases 2020-05-26 13:14:11 +02:00