hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

3057 Commits

Author SHA1 Message Date
Jonas Jensen
f2402c5abb C++: Test virtual dispatch field conflation 
This test demonstrates that IR data flow conflates unrelated fields of a
global struct-typed variable and that this bug is not present in the old
AST-based implementation of `semmle.code.cpp.security.TaintTracking`.
 2020-05-18 15:37:22 +02:00
Jonas Jensen
cc00f0f584 C++: Move identical declarations to shared.h file 
This cleans up the test results, which were confusing because functions
like `sink` had multiple locations.

There are some additional results now involving casts to `const char *`
because previously it varied whether `sink` used `const`, and now it
always does.
 2020-05-18 10:42:52 +02:00
Mathias Vorreiter Pedersen
a42d80aa14 Merge pull request #3481 from dbartol/github/codeql-c-analysis-team/69 
C++/C#: Allow memory operands to lack a definition
 2020-05-16 11:53:00 +02:00
Geoffrey White
edd09f09cd C++: Add test cases where several specific values are permitted. 2020-05-15 17:01:23 +01:00
Jonas Jensen
b08de6c051 Merge pull request #3482 from MathiasVP/getlim-taint-source 
C++: Add GetDelim as taint step
 2020-05-15 15:54:29 +02:00
Mathias Vorreiter Pedersen
866b1361ec C++: Accept tests 2020-05-15 11:12:47 +02:00
Mathias Vorreiter Pedersen
90d473d886 C++: Demonstrate lack of taint through getdelim 2020-05-15 11:01:27 +02:00
Geoffrey White
48f3db3fbe Merge branch 'master' into fp2762 2020-05-15 09:55:30 +01:00
Dave Bartolomeo
6c12b59f0f C++/C#: Allow non-Phi memory operands to have no definition 2020-05-14 17:22:23 -04:00
Geoffrey White
4a6021fb61 C++: Allow equality checking to block taint flow. 2020-05-14 18:32:38 +01:00
Mathias Vorreiter Pedersen
fe682556bf Merge pull request #3475 from jbj/field-conflation-memcpy 
C++: Test field conflation with array in struct
 2020-05-14 17:53:32 +02:00
Dave Bartolomeo
efa133f0db Merge pull request #3463 from MathiasVP/fix-field-flow-annotation 
C++: Annotate field flow tests
 2020-05-14 10:49:27 -04:00
Jonas Jensen
49ebb3197a Merge pull request #3472 from geoffw0/paramstring 
C++: Improve getParameterString().
 2020-05-14 16:48:07 +02:00
Jonas Jensen
a380dc113f C++: Test field conflation with array in struct 2020-05-14 16:29:39 +02:00
Geoffrey White
754d7f0be8 C++: More test cases for TaintedAllocationSize. 2020-05-14 15:23:31 +01:00
Jonas Jensen
3cd377e299 C++: Fixup forgotten test annotation 
This should have been removed in 038bea2f52.
 2020-05-14 15:57:47 +02:00
Mathias Vorreiter Pedersen
1c2b8563ae C++: Remove 'flow' value from testcases 2020-05-14 15:33:02 +02:00
Geoffrey White
da83f826b9 C++: Solve duplication in getParameterString(). 2020-05-14 14:21:06 +01:00
Geoffrey White
ca0d23fd72 C++: Add a test case. 2020-05-14 14:20:02 +01:00
Mathias Vorreiter Pedersen
5f9b96cde9 C++: Fix off-by-one in test annotation 2020-05-14 15:12:00 +02:00
Geoffrey White
78f098f37a C++: Test Function.getParameterString(). 2020-05-14 13:05:39 +01:00
Mathias Vorreiter Pedersen
f414b277ba C++: Modify complex.cpp test to account for longer access paths in the dataflow library 2020-05-14 13:58:04 +02:00
Geoffrey White
53a53fb633 C++: Modernize the Functions test. 2020-05-14 12:50:57 +01:00
Mathias Vorreiter Pedersen
f5f3405ec3 C++: Modify IR field flow tests to use InlineExpectationsTest.qll 2020-05-14 11:11:21 +02:00
Robert Marsh
396ccda81f Merge pull request #3422 from Cornelius-Riemenschneider/inbounds-ptr 
C++: Add InBoundsPointerDeref.qll to experimental
 2020-05-13 16:55:42 -07:00
Mathias Vorreiter Pedersen
34314d0cb6 C++: Annotation field flow tests with [IR] and [AST] 2020-05-13 15:16:02 +02:00
Dave Bartolomeo
b0f7e9c6a7 C++: Accept test output 2020-05-13 08:02:17 -04:00
Jonas Jensen
1018eaff09 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/test/library-tests/dataflow/fields/ir-flow.expected
 2020-05-13 12:05:58 +02:00
Jonas Jensen
038bea2f52 C++: Add type check to prevent field conflation 2020-05-13 09:25:24 +02:00
Jonas Jensen
250e12a323 C++: Demonstrate new field conflation 2020-05-13 09:24:36 +02:00
Dave Bartolomeo
5d3f25211d C++/C#: Remove UnmodeledUse instruction 2020-05-13 01:06:40 -04:00
Jonas Jensen
451ae7b762 Merge pull request #3444 from dbartol/codeql-c-analysis-team/68 
Rename `sanity` -> `consistency`
 2020-05-12 12:33:08 +02:00
Mathias Vorreiter Pedersen
73882c9f90 Merge pull request #3439 from jbj/passesByReference-qualifier 
C++: Call qualifiers are passed by reference
 2020-05-12 08:31:57 +02:00
Mathias Vorreiter Pedersen
df6abdc074 Merge pull request #3389 from jbj/dataflow-defbyref-to-field 
C++: Post-update flow through &, *, +, ...
 2020-05-12 08:30:33 +02:00
Robert Marsh
090977447b Merge pull request #3445 from geoffw0/rangerounding 
C++: Round result of >> in SimpleRangeAnalysis
 2020-05-11 13:07:18 -07:00
Geoffrey White
a4fa4c859a C++: Fix rounding for >>. 2020-05-11 18:55:01 +01:00
Geoffrey White
b1c32deabc C++: Add some tests with 64-bit values. 2020-05-11 18:54:50 +01:00
Dave Bartolomeo
09d1da2f7a C++/C#: Rename sanity -> consistency 
I did both of these languages together because they share some of the changed code via `identical-files.json`.
 2020-05-11 13:29:52 -04:00
Jonas Jensen
3a89f43cd6 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
	cpp/ql/test/library-tests/dataflow/dataflow-tests/test_ir.expected
 2020-05-11 14:44:17 +02:00
Jonas Jensen
bebd5ae36b C++: Call qualifiers are passed by reference 
After #3382 changed the escape analysis to model qualifiers as escaping,
there was an imbalance in the SSA library, where `addressTakenVariable`
excludes variables from SSA analysis if they have their address taken
but are _not_ passed by reference. This showed up as a missing result in
`TOCTOUFilesystemRace.ql`, demonstrated with a test case in #3432.

This commit changes the definition of "pass by reference" to include
call qualifiers, which allows SSA modeling of variables that have member
function calls on them.
 2020-05-11 09:39:48 +02:00
Jonas Jensen
8ff045b6a2 Merge pull request #3432 from geoffw0/toctou 
C++: Add a test of TOCTOUFilesystemRace.ql
 2020-05-11 09:18:51 +02:00
Jonas Jensen
71c21e6eca C++: Accept test changes forgotten in 32e04b403 
Adding a new test case leads to changes in all `.expected` files in its
directory.

The new results show that the `DefinitionsAndUses` library does not
model `std::addressof` correctly, but that library is not intended to be
used for new code.
 2020-05-11 08:17:13 +02:00
Cornelius Riemenschneider
3596ff7c51 Address review. 2020-05-10 19:34:16 +02:00
Geoffrey White
bff97d9fe5 C++: Effect of #3382. 2020-05-07 19:06:05 +01:00
Geoffrey White
6499197087 C++: Add a test of TOCTOUFilesystemRace.ql. 2020-05-07 19:03:32 +01:00
Jonas Jensen
4b9a3f1482 Merge remote-tracking branch 'upstream/master' into dataflow-defbyref-to-field 2020-05-07 16:48:41 +02:00
Jonas Jensen
88eeca39fb Merge commit '52d8acc1a198c5ea29c1dddceda1d6c0fb75de14' into dataflow-defbyref-to-field 
This is a partial merge from master. In particular, it takes in #3382
and #3385.
 2020-05-07 16:46:11 +02:00
Jonas Jensen
32e04b4033 C++: Support std::addressof 
I didn't add this support in `AddressConstantExpression.qll` since I
think it would require extra work and testing to get the constexprness
right. My long-term plan for `AddressConstantExpression.qll` is to move
its functionality to the extractor.
 2020-05-07 16:30:44 +02:00
Mathias Vorreiter Pedersen
594f3b1807 C++: Add testcase for #3110 2020-05-07 14:39:53 +02:00
Geoffrey White
c8524522c8 C++: Add test cases. 2020-05-06 18:51:50 +01:00