hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

1116 Commits

Author SHA1 Message Date
Ziemowit Laski
2292518933 [CPP-434] Change query so it flags overflows that were cast to unsigned. 2019-10-21 17:04:46 -07:00
Jonas Jensen
defe99503d Merge pull request #2113 from raulgarciamsft/users/raulga/boost 
Users/raulga/boost
 2019-10-20 13:14:44 +02:00
Geoffrey White
446763d331 CPP: Fix typo. 2019-10-18 14:47:21 +01:00
Geoffrey White
411f74db70 CPP: Delete comment. 2019-10-18 14:44:38 +01:00
Ziemowit Laski
70441edacf [CPP-434] Additional test case; improve QHelp by including themes from the BadAdditionOverflowCheck QHelp. 2019-10-17 16:41:17 -07:00
Ziemowit Laski
fb625c12ef [CPP-434] Move SignedOverflowCheck test to BadAdditionOverflowCheck directory; add additional tests. 2019-10-16 14:31:11 -07:00
Geoffrey White
5f1fdd08a7 CPP: Post-2115. 2019-10-16 13:51:06 +01:00
Geoffrey White
096af3c3f3 CPP: Add test cases involving __builtin_complex. 2019-10-16 13:46:11 +01:00
Geoffrey White
ff8e04aa99 CPP: Fix bug. 2019-10-14 11:00:43 +01:00
Geoffrey White
62625cc454 CPP: Extend the test. 2019-10-14 10:44:04 +01:00
Ziemowit Laski
5558922b31 [CPP-434] Drop the requirement that RHS not be cast to unsigned, since overflow occurs on LHS. Adjust test case. 2019-10-11 17:01:16 -07:00
Ziemowit Laski
33cd6de729 [CPP-434] Improved query and test suite. 2019-10-10 18:11:35 -07:00
Raul Garcia (MSFT)
7b0e83fead Porting Boost.org TLS queries 2019-10-10 16:05:14 -07:00
Geoffrey White
b10988faec CPP: Fix the query. 2019-10-10 09:15:19 +01:00
Geoffrey White
3f167a6f15 CPP: Add a test involving templates. 2019-10-10 09:15:19 +01:00
Geoffrey White
4fc73cab63 CPP: Add a test of ComparisonPrecedence.ql. 2019-10-10 09:15:19 +01:00
Ziemowit Laski
1ab965761b [CPP-434] Incorporate test from BadAdditionOverflowCheck. 2019-10-09 17:30:30 -07:00
Ziemowit Laski
7fc47d496a [CPP-434] Much improved query (producing only true positives on a run of 75 projects). 2019-10-09 16:40:19 -07:00
Ziemowit Laski
e617a05a1f [CPP-434] One bad usage is undetected; adjust test accordingly. 2019-10-08 17:20:25 -07:00
Ziemowit Laski
872054a89a [CPP-434] Narrow down query. 2019-10-08 14:12:35 -07:00
Ziemowit Laski
341dc12fc8 [CPP-434] Adjust expected output. 2019-10-08 14:12:35 -07:00
Ziemowit Laski
8c6caf2b4e [CPP-434] Rename everything to SignedOverflowCheck. Add .qlhelp. Deal with addition only, not subtraction. 2019-10-08 14:12:35 -07:00
Ziemowit Laski
c9a9aff221 [CPP-434] Expected result. 2019-10-08 14:12:35 -07:00
Ziemowit Laski
55c26a8880 [CPP-434] Initial version of query + test cases. 2019-10-08 14:12:34 -07:00
Jonas Jensen
898976121b Merge pull request #1987 from geoffw0/toomanyformat 
CPP: WrongNumberOfFormatArguments.ql Fix
 2019-09-23 16:05:11 +02:00
Geoffrey White
b3df289a80 CPP: Fix test. 2019-09-23 13:56:24 +01:00
Geoffrey White
2d8e4b3176 CPP: Additional cases resembling the ticket. 2019-09-23 13:04:14 +01:00
Geoffrey White
040bd89163 CPP: Correct expected results. 2019-09-23 11:02:36 +01:00
Geoffrey White
f7607313e7 CPP: Fix FPs. 2019-09-20 15:12:55 +01:00
Geoffrey White
9a407eb43c CPP: Test format args with mismatching declarations. 2019-09-20 14:54:44 +01:00
Robert Marsh
9c6a0ffc48 Merge pull request #1979 from nickrolfe/wrong_type_uninstantiated 
C++: ignore uninstantiated templates in WrongTypeFormatArguments.ql
 2019-09-19 14:51:45 -07:00
Nick Rolfe
56f4f86921 C++: ignore uninstantiated templates in WrongTypeFormatArguments.ql 2019-09-19 21:18:47 +01:00
Robert Marsh
fd88f7a3ce Merge pull request #1884 from jbj/dataflow-addressof 
C++: Data flow through address-of operator (&)
 2019-09-19 09:15:43 -07:00
Jonas Jensen
34a5368101 C++: Ignore templates in AmbiguouslySignedBitField 
If it's possible that the type is not fully resolved, it's better to
avoid giving an alert.

This fixes a FP in https://github.com/heremaps/flatdata.
 2019-09-19 14:21:53 +02:00
Jonas Jensen
0ed0951d43 C++: Demonstrate AmbiguouslySignedBitField FP 2019-09-19 14:19:34 +02:00
Jonas Jensen
655f940085 C++: Accept changes in CWE-{119,120} tests 
These new results seem better than the previous ones, but the previous
ones are still there. Perhaps the `Buffer.qll` library could use some
adjustment, but this seems like an improvement in isolation.
 2019-09-17 13:16:36 +02:00
Anders Schack-Mulligen
61e4e61087 C++: Adjust qltest expected output. 2019-09-12 11:00:49 +02:00
Jonas Jensen
4ef5c9af62 C++: Autoformat everything 
Some files that will change in #1736 have been spared.

    ./build -j4 target/jars/qlformat
    find ql/cpp/ql -name "*.ql"  -print0 | xargs -0 target/jars/qlformat --input
    find ql/cpp/ql -name "*.qll" -print0 | xargs -0 target/jars/qlformat --input
    (cd ql && git checkout 'cpp/ql/src/semmle/code/cpp/ir/implementation/**/*SSA*.qll')
    buildutils-internal/scripts/pr-checks/sync-identical-files.py --latest
 2019-09-09 11:25:53 +02:00
Jonas Jensen
d51e5212fb Merge remote-tracking branch 'upstream/master' into dataflow-TTwo 
Conflicts:
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
      cpp/ql/test/library-tests/dataflow/fields/flow.expected
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl2.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl3.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl4.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl5.qll
 2019-09-08 21:08:43 +02:00
Geoffrey White
3a3bef3a03 CPP: Add the new Japanese era. 2019-09-03 18:28:24 +01:00
Geoffrey White
bac39e6288 CPP: Add test cases. 2019-09-03 17:46:30 +01:00
Jonas Jensen
b1be123e31 C#/C++/Java: Prettier AccessPath.toString 
The `ppReprType` predicate should now be `none()` instead of `result=""`
to signal that there is nothing to print. That seems clearer to me.
 2019-09-02 13:14:20 +02:00
Geoffrey White
2b1871fd2b CPP: Remove the old test. I don't think preserving a duplicate test of deprecated queries is helpful. 2019-08-29 18:18:23 +01:00
Geoffrey White
ed7586d829 CPP: Add a combined test for the combined query. 2019-08-29 18:18:22 +01:00
Jonas Jensen
2c253f360a C++: Support x-macros that are #undef'ed in header 
This fixes a false positive on https://github.com/zduka/tpp.
 2019-08-28 13:03:16 +02:00
Jonas Jensen
e7dfb3e61b C++: Test for x-macro FP observed in the wild 2019-08-28 13:03:09 +02:00
Jonas Jensen
b348803a66 Merge pull request #1594 from geoffw0/erafix7 
CPP: Add test coverage for LeapYearFieldAccess.isModifiedByArithmeticOperation.
 2019-08-09 15:57:35 +02:00
Geoffrey White
67eb37f460 CPP: Update test annotations. 2019-08-09 09:31:47 +01:00
Jonas Jensen
605b56f8ca Merge pull request #1563 from geoffw0/constexprif 
CPP: Test cases for EmptyBlock.ql with 'if constexpr'
 2019-08-08 20:57:28 +02:00
Geoffrey White
bbe7691a3d CPP: Fix indentation. 2019-08-06 17:56:24 +01:00