hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,672 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

3057 Commits

Author SHA1 Message Date
Jonas Jensen
e37aab5002 C++: Suppress FieldAddressInstruction taint 
See code comment. This fixes false positives on openjdk/jdk.
 2020-04-06 16:14:26 +02:00
Jonas Jensen
3b76509159 C++: Test DefaultTaintTracking field conflation 2020-04-06 16:13:41 +02:00
Mathias Vorreiter Pedersen
c577541850 C++: Fix reverse read dataflow consistency failure and accept tests 2020-04-06 15:50:08 +02:00
Geoffrey White
8059d69bbd C++: Model calls to operator new / delete for NewFreeMismatch.ql. 2020-04-06 14:27:05 +01:00
Geoffrey White
3e9f9645ae C++: Exclude calls to operator new / delete from NewFreeMismatch.ql. 2020-04-06 14:08:00 +01:00
Geoffrey White
97cdcbee63 C++: Test for NewFreeMismatch.ql with operator new / delete. 2020-04-06 13:57:28 +01:00
Mathias Vorreiter Pedersen
317734f41e C++: Attach PostUpdateNodes to Chi nodes following aschackmull's suggestion 2020-04-05 22:35:26 +02:00
Jonas Jensen
530d4294b0 Merge remote-tracking branch 'upstream/master' into DefaultTaintTracking-Configuration 2020-04-05 07:27:07 +02:00
Jonas Jensen
58366b19e9 C++: Path explanations in the last two queries 
For some reason I thought that these two queries were special because
they manipulate `SecurityOptions` to change the taint-tracking sources.
It turns out it was just the opposite: the queries used to be special
because they invalidated the cache for the `tainted` predicate, but that
predicate is no longer used, so these queries are no longer special.
 2020-04-04 16:47:06 +02:00
Jonas Jensen
54a23a486a C++: Accept test changes for 108d5177b8 2020-04-04 16:46:59 +02:00
Robert Marsh
316d932829 Merge pull request #3198 from MathiasVP/valuenumbering-provider-new-file 
C++/C#: Prevent accidental import of ValueNumberPropertyProvider
 2020-04-03 13:31:11 -07:00
Jonas Jensen
5822cd7b84 C++: Put paths in the remaining LGTM-suite queries 2020-04-03 17:10:47 +02:00
Jonas Jensen
3ec1f691c2 C++: First query with flow-paths through globals 2020-04-03 16:45:00 +02:00
Jonas Jensen
469bdae9b2 C++: More helpful toString for def. by ref. node 2020-04-03 16:37:23 +02:00
Jonas Jensen
36da2d1dae C++: Manipulate the source end of paths too 
Without this, we get duplicate alerts in some cases and
unnatural-looking source nodes in other cases. The source nodes were
often `Conversion`s.
 2020-04-03 16:37:23 +02:00
Mathias Vorreiter Pedersen
c54cddead1 C++: Include PrintValueNumbering in testcase 2020-04-03 12:42:06 +02:00
Jonas Jensen
16c7a35b1c Merge pull request #3195 from geoffw0/taintstring 
C++: Model taint flow through std::string constructor and c_str()
 2020-04-03 12:05:07 +02:00
Robert Marsh
a8e191248e Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Merge IR SSA test additions
 2020-04-02 15:30:20 -07:00
Geoffrey White
73171682b7 C++: Switch to taint flow as suggested in the old PR. 2020-04-02 19:49:41 +01:00
Geoffrey White
b14b52d0ac C++: Add models for std::string (as in old PR). 2020-04-02 19:49:41 +01:00
Geoffrey White
69f6790c83 C++: Add a test of taint through std::strings, based on the one in the old PR. 2020-04-02 19:49:31 +01:00
Mathias Vorreiter Pedersen
ce5d8d516f Merge branch 'master' into ir-flow-fields 2020-04-02 15:23:00 +02:00
Mathias Vorreiter Pedersen
a273917e51 Merge branch 'master' into init-dynamic-alloc-newexpr 2020-04-02 14:11:03 +02:00
Jonas Jensen
4825774ce2 Merge pull request #3173 from geoffw0/opnew 
C++: Support operator new and operator delete in models library
 2020-04-02 14:01:10 +02:00
Mathias Vorreiter Pedersen
af9e05b9cd C++: Accept test 2020-04-02 10:57:11 +02:00
Mathias Vorreiter Pedersen
020c273dc9 Merge branch 'master' into ir-flow-fields 2020-04-02 10:45:58 +02:00
Robert Marsh
a061811939 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Pick up new test for user-defined swap functions
 2020-04-01 17:32:55 -07:00
Robert Marsh
bbb69d524e Merge pull request #3188 from geoffw0/swap4 
C++: Add a user defined swap function to taint tests.
 2020-04-01 17:28:46 -07:00
Jonas Jensen
207c76b855 C++: Path explanations in DefaultTaintTracking 
The first three queries are migrated to use path explanations.
 2020-04-01 20:51:05 +02:00
Geoffrey White
6b5f4d9e12 Merge branch 'master' into av114 2020-04-01 18:23:21 +01:00
Geoffrey White
7a98919879 C++: Add a non-standard swap to taint tests. 2020-04-01 17:14:38 +01:00
Geoffrey White
d71098d178 Merge branch 'master' into opnew 2020-04-01 15:00:26 +01:00
Robert Marsh
b579e6aabe C++: accept consistency test output 2020-03-31 12:56:52 -07:00
Robert Marsh
25f3f67c4a Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Fixes test conflicts and reveals a bug in parameter handling
 2020-03-31 12:54:00 -07:00
Mathias Vorreiter Pedersen
f06ae6e9de C++: Accept more test output 2020-03-31 19:49:04 +02:00
Mathias Vorreiter Pedersen
97061716f9 C++: Accept test output 2020-03-31 17:10:33 +02:00
Mathias Vorreiter Pedersen
b6f93746bf C++: Accept test output 2020-03-31 16:00:56 +02:00
Mathias Vorreiter Pedersen
94f5468504 C++: Accept tests 2020-03-31 13:56:47 +02:00
Geoffrey White
a75e249112 C++: Autoformat test. 2020-03-31 12:55:45 +01:00
Geoffrey White
18e60fabaf C++: Model operator delete and operator delete[]. 2020-03-31 12:55:44 +01:00
Mathias Vorreiter Pedersen
688464a00f C++: Add testcases with new and accept output 2020-03-31 12:22:07 +02:00
Jonas Jensen
7b7ff1fb3a Merge pull request #3089 from geoffw0/sideeffect 
CPP: Add side effect models for strcpy and strcat.
 2020-03-31 12:11:04 +02:00
Geoffrey White
3b12d1adfd C++: Test getPlacementArgument(). 2020-03-31 11:06:21 +01:00
Geoffrey White
254c877d0a C++: Deduplicate AllocationExprs. 2020-03-31 11:05:50 +01:00
Geoffrey White
259f714d91 C++: Model operator new and operator new[]. 2020-03-31 11:02:52 +01:00
Geoffrey White
ef68bd6bf4 C++: Add a test of direct calls to operator new / operator dedelete. 2020-03-31 11:01:29 +01:00
Geoffrey White
aa49b35d2c C++: Add an explicit test of DeallocationFunction and DeallocationExpr as well. 2020-03-31 10:37:20 +01:00
Geoffrey White
0cb7d4c82d C++: Add an explicit test of AllocationFunction and AllocationExpr. 2020-03-30 20:28:21 +01:00
Geoffrey White
b634b59b9c C++: Merge the two allocators tests. 2020-03-30 18:52:12 +01:00
Jonas Jensen
531ef64c5d C++: Fix other copies of the argHasPostUpdate test 2020-03-30 17:45:53 +02:00