hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

3057 Commits

Author SHA1 Message Date
Jonas Jensen
b316644ac2 C++: SimpleRangeAnalysis for *= by constant 2020-08-18 15:07:20 +02:00
Jonas Jensen
b6b72729f6 C++: SimpleRangeAnalysis for MulExpr by constant 2020-08-18 11:37:59 +02:00
Jonas Jensen
2e2f99cabf C++: Correctly classify the MulExpr rounding bugs 2020-08-18 10:39:57 +02:00
Jonas Jensen
27345c64f3 C++: Also accept PointlessComparison test changes 2020-08-18 09:32:05 +02:00
Geoffrey White
0234bca6ca C++: Fix a hole in StdStringAppend and clarify comments. 2020-08-17 17:55:44 +01:00
Robert Marsh
9decb47bf0 Merge pull request #4076 from jbj/SimpleRangeAnalysis-AssignOperation 
C++: Fix SimpleRangeAnalysis for AssignOperation
 2020-08-17 12:55:26 -04:00
Geoffrey White
a11ca06189 C++: Implement more std::string models. 2020-08-17 17:33:09 +01:00
Geoffrey White
9204940830 C++: Add test cases for std::string methods. 2020-08-17 17:31:26 +01:00
Geoffrey White
789e781eb7 C++: Add prototypes for std::string methods to test. 2020-08-17 16:01:25 +01:00
Geoffrey White
4b4b8a9faa Merge pull request #4074 from jbj/SimpleRangeAnalysis-extensible 
C++: extensible range analysis
 2020-08-17 14:46:57 +01:00
Jonas Jensen
e03fe81ce7 C++: Accept float.toString changes in tests 2020-08-17 15:07:00 +02:00
Geoffrey White
89c2b6dc4b Merge remote-tracking branch 'upstream/master' into split 2020-08-14 14:03:34 +01:00
Jonas Jensen
fe72b559d3 C++: Range analysis for unsigned AssignMulExpr 
This is essentially a copy-paste job of `AssignAddExpr`, together with
the math from the `UnsignedMulExpr` support.
 2020-08-14 14:19:54 +02:00
Jonas Jensen
f90d779122 C++: Fix SimpleRangeAnalysis for AssignOperation 
The range analysis wasn't producing useful bounds for `AssignOperation`s
(`+=`, `-=`) unless their RHS involved a variable. This is because a
shortcut was made in the `analyzableDef` predicate, which used to
specify that an analyzable definition was one for which we'd specified
the dependencies. But we can't distinguish between having _no
dependencies_ and having _no specification of the dependencies_.

The fix is to be more explicit about which definitions are analyzable.
To avoid too much repetition I'm still calling out to `analyzableExpr`
in the new code.
 2020-08-14 14:15:58 +02:00
Jonas Jensen
f7273b8665 C++: Add custom modeling to extensibility.ql 2020-08-14 12:27:30 +02:00
Jonas Jensen
ee3312503e C++: Add test for extensible range analysis 
This commit demonstrates that the range is too wide before custom
modeling has been added to the test.
 2020-08-14 12:27:30 +02:00
Geoffrey White
498b350add Merge remote-tracking branch 'upstream/master' into plus 2020-08-13 18:21:28 +01:00
Geoffrey White
a839f1fae5 C++: Split off stringstream.cpp. 2020-08-13 18:17:24 +01:00
Geoffrey White
49d2f66ddb C++: Tidy up sources and sinks. 2020-08-13 18:08:58 +01:00
Geoffrey White
f343eb9143 C++: Split stl.cpp into string.cpp and vector.cpp. 2020-08-13 18:04:46 +01:00
Geoffrey White
5d7f771933 C++: Split off stl.h from stl.cpp. 2020-08-13 18:04:45 +01:00
Geoffrey White
93f95b1c22 Merge pull request #4053 from jbj/SimpleRangeAnalysis-mul 
C++: SimpleRangeAnalysis: unsigned multiplication
 2020-08-13 16:59:31 +01:00
Geoffrey White
7349333006 C++: Taint through char append. 2020-08-13 15:13:47 +01:00
Geoffrey White
3c0e7a709f C++: Add a test of append with CharT. 2020-08-13 14:52:34 +01:00
Geoffrey White
732a8fa4c9 C++: Add another member function. 2020-08-13 14:52:34 +01:00
Jonas Jensen
93d8d8eb1d C++: Demonstrate range analysis MulExpr bugs 
Unless these issues can be reproduced in far less contrived code, I
don't think they will cause problems in practice.
 2020-08-12 12:10:23 +02:00
Jonas Jensen
1ee96a4b4f C++: SimpleRangeAnalysis: unsigned multiplication 2020-08-12 10:03:04 +02:00
Robert Marsh
e80cc63219 Merge pull request #3861 from dilanbhalla/privatedata 
C++: Private Data File/Buffer Writes
 2020-08-11 15:49:31 -04:00
Geoffrey White
f62ad75048 C++: Taint through std::string operator+=. 2020-08-11 17:03:02 +01:00
Geoffrey White
cf6f530823 C++: Taint through std::string operator+. 2020-08-11 16:58:55 +01:00
Geoffrey White
a57dfd6b67 C++: Taint through std::string append. 2020-08-11 16:54:39 +01:00
Geoffrey White
f824a893ca C++: Add test cases for appending strings. 2020-08-11 16:50:52 +01:00
Geoffrey White
030ab4f626 C++: Add string append operators to the test (changes layout). 2020-08-11 16:47:56 +01:00
Jonas Jensen
2ea25b9d90 C++: Precise printing of integer bounds 
The pretty-printing of a QL `float` didn't include enough digits to tell
whether a large number had accurate bounds. The `toString` value of a
float appears to be more precise.
 2020-08-11 16:48:01 +02:00
Jonas Jensen
0476b97f63 Merge pull request #3789 from dilanbhalla/cpp 
C++ Memory Unsafe Functions
 2020-08-11 10:09:37 +02:00
dilanbhalla
dcfbb86674 pr fixes 2020-08-10 15:14:12 -07:00
Jonas Jensen
1f432dc45f Merge pull request #4023 from geoffw0/loopdir 
C++: Exclude decrementing unsigned counters from inconsistentLoopDirection.ql
 2020-08-10 12:10:29 +02:00
Geoffrey White
3cf11eca2a C++: And more test cases. 2020-08-07 17:30:07 +01:00
Geoffrey White
7d491afaeb C++: More test cases. 2020-08-07 17:05:13 +01:00
Geoffrey White
b7d2e0ca63 C++: Make all the tests meaningful. 2020-08-07 14:18:28 +01:00
Jonas Jensen
c8911ab973 C++: Test range-based-for with std::vector too 2020-08-07 12:40:00 +02:00
Geoffrey White
0b5b7fa095 C++: Fix another edge case. 2020-08-06 19:06:42 +01:00
Geoffrey White
b3f3f6d95a C++: Fix edge case. 2020-08-06 19:03:43 +01:00
Geoffrey White
cbf30e37ed C++: Fix the issue. 2020-08-06 18:50:18 +01:00
Geoffrey White
a7564c9e0e C++: Add a test of unsigned count-down loops. 2020-08-06 18:44:22 +01:00
Jonas Jensen
7cc877cbbb C++: Taint through RangeBasedForStmt (AST only) 2020-08-06 15:37:41 +02:00
Jonas Jensen
5f635aca36 Merge pull request #3768 from geoffw0/copymove 
C++: Clean up ConversionConstructor.
 2020-08-05 14:35:05 +02:00
Jonas Jensen
ea0896c78b Merge pull request #3999 from MathiasVP/mathiasvp/range-based-for-loop-taint-tests 
C++: Add tests for taint through range-based for loops
 2020-08-05 09:11:53 +02:00
Geoffrey White
9f5c37ccaa Merge branch 'master' into copymove 2020-08-04 15:41:27 +01:00
Mathias Vorreiter Pedersen
4990d00498 C++: Add taint tests demonstrating lack of taint through range based for loops 2020-07-31 09:57:35 +02:00