hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

6969 Commits

Author SHA1 Message Date
Dave Bartolomeo
aa267c8302 C++: Force LF for .c,.cpp,.h,.hpp 2018-09-23 16:23:52 -07:00
Jonas Jensen
caf4a767ad Merge pull request #219 from geoffw0/resource-not-released 
C++: Exclude placement new from AV Rule 79.ql
 2018-09-22 17:41:36 +02:00
Raul Garcia
242ee10806 Major change in order to support the rule for C as well as cpp 2018-09-21 16:47:31 -07:00
Raul Garcia
925c3b51f9 Adding semmle-extractor-options: --microsoft to test 2018-09-21 15:21:07 -07:00
Raul Garcia
8519f1a9e1 Fixing tabs replaced to spaces 2018-09-21 13:07:39 -07:00
Geoffrey White
3922082e7d CPP: Tidy and simplify AV Rule 79.ql. 2018-09-21 19:35:23 +01:00
Raul Garcia
75ef377ac1 Replace Unicode apostrophe with ANSI single quote 2018-09-21 11:34:22 -07:00
Raul Garcia
94f752c59c Merge branch 'users/raulga/HESULT' of https://github.com/raulgarciamsft/ql into users/raulga/HESULT 2018-09-21 11:14:49 -07:00
Raul Garcia
783be15a45 Fixing typos & ID. 
NOTE: There is an ongoing discussion on the proper CWE we should use
 2018-09-21 11:14:14 -07:00
Geoffrey White
d5a48ad63e CPP: Additional test cases. 2018-09-21 15:55:29 +01:00
Geoffrey White
84f9900c8c CPP: Exclude placement new. 2018-09-21 10:53:42 +01:00
Geoffrey White
c7aa5c169b CPP: Add a test of placement new for AV Rule 79.ql. 2018-09-21 10:47:00 +01:00
Jonas Jensen
e2a17e9740 Merge remote-tracking branch 'upstream/rc/1.18' into mergeback-20180921_104253 2018-09-21 10:45:54 +02:00
Raul Garcia
5ccc1a32aa Merge branch 'master' into master 2018-09-20 16:30:48 -07:00
Raul Garcia
48c99fb1d1 Setting a SECURITY_DESCRIPTOR’s DACL to NULL 
Closing the gap between Semmle & PreFAST
This rule is equivalent to C6248
 2018-09-20 16:28:37 -07:00
Raul Garcia
64b8a5ba01 Merge branch 'master' into users/raulga/HESULT 2018-09-20 16:20:26 -07:00
Raul Garcia
b0ec929aad Cast between semantically different integer types: HRESULT to/from a Boolean type. 
Closing the gap between Semmle and PreFast.
Covers C6214, C6215, C6216, C6217, C6230
 2018-09-20 16:16:32 -07:00
Robert Marsh
e2d24a2743 C++: fix comment 2018-09-20 13:07:36 -07:00
Robert Marsh
9011e1381b C++: handle conversions in IR to AST translation 2018-09-20 12:56:43 -07:00
Robert Marsh
cc97cf9297 C++: add isReachableFromFunctionEntry 2018-09-20 10:06:19 -07:00
Robert Marsh
4c94144089 C++: remove abstract classes in IR 2018-09-20 10:06:18 -07:00
Robert Marsh
755e21d355 C++: improve conversion handling in IRGuards.qll 2018-09-20 10:06:18 -07:00
Robert Marsh
e40ce91e7e C++: document new IR class and predicates 2018-09-20 10:06:18 -07:00
Robert Marsh
d6cea1b203 C++: Add class and predicates to other IR stages 2018-09-20 10:06:17 -07:00
Robert Marsh
b5cd48d819 C++: comments on new classes and predicates 2018-09-20 10:06:17 -07:00
Robert Marsh
0273b20743 C++: make internal classes private 2018-09-20 10:06:17 -07:00
Robert Marsh
ad8f30d2f7 C++: accept test output and add IR guards tests 2018-09-20 10:06:17 -07:00
Robert Marsh
d7e630b3c6 C++: Add IR-based port of Guards library 
For ease of reviewing, I've checked in the .expected files from the
AST-based guards library. The next commit accepts output for these tests
and adds tests that use getAST rather than the translation layer.
 2018-09-20 10:06:16 -07:00
Robert Marsh
4e1a37cd6e C++: add isStrict to RelationalInstruction 2018-09-20 10:06:16 -07:00
Robert Marsh
27a83e65b2 C++: add RelationalOpcode and RelationalInstruction 2018-09-20 10:06:16 -07:00
Robert Marsh
69962bd06c Merge pull request #203 from dave-bartolomeo/dave/GVN 
C++: Initial attempt at IR-based value numbering
 2018-09-20 10:00:45 -07:00
Dave Bartolomeo
5a25602c28 C++: Move GVN out of "internal" directory 2018-09-20 08:21:15 -07:00
Dave Bartolomeo
27cee9bd80 C++: Handle inheritance conversions in IR GVN 2018-09-20 08:00:38 -07:00
Dave Bartolomeo
bd156757d3 C++: Remove accidental add of IR.md 2018-09-19 14:26:17 -07:00
ian-semmle
4b0ab602e7 Merge pull request #202 from jbj/resolveClass-conservative 
C++: more conservative resolveClass
 2018-09-19 11:35:45 +01:00
Nick Rolfe
017e3a390f C++: stats for is_standard_layout_class 2018-09-19 10:26:11 +01:00
Nick Rolfe
f1358b7c02 C++: test for Class::isStandardLayout() 2018-09-19 10:26:11 +01:00
Nick Rolfe
e5b9dca312 C++: add Class::isStandardLayout() 2018-09-19 10:26:11 +01:00
Dave Bartolomeo
43f0289f0f C++: Remove Phi instructions from previous IR generations 
It turns out that when building aliased SSA IR, we were still keeping around the Phi instructions from unaliased SSA IR. These leftover instructions didn't show up in dumps because they were not assigned to a block. However, when dumping additional instruction properties, they would show up as a top-level node in the dump, without a label.
 2018-09-18 11:28:09 -07:00
Jonas Jensen
86fe0ce42e Merge pull request #107 from rdmarsh2/rdmarsh/cpp/HashCons 
C++: HashCons library
 2018-09-18 11:45:26 +02:00
Dave Bartolomeo
46b2c19c66 C++: Initial attempt at IR-based value numbering 2018-09-17 17:19:05 -07:00
Jonas Jensen
a7d897108a C++: Exclude non-toplevel items from resolveClass 
Also exclude templates as their names are not canonical.

The test changes in `isfromtemplateinstantiation/` are the inverses of
what we got in 34c9892f7, which should be a good thing.
 2018-09-17 15:55:34 +02:00
Jonas Jensen
d7f442b042 C++: Force unique resolveClass results 2018-09-17 15:52:38 +02:00
Jonas Jensen
b633ee1bc4 C++: Add more tests of resolveClass 
These tests exercise the problematic cases where a variable can appear
to have multiple types because of how we fail to account for qualified
names when comparing type names.
 2018-09-17 15:48:02 +02:00
Pavel Avgustinov
2b4da8d6a7 Parameter.qll: Tweak how effective declaration entries are computed 
With the new formulation, we can join on function and index at the
same time, leading to significant performance gains on large code
bases that use templates extensively.
 2018-09-14 12:22:01 +01:00
Dave Bartolomeo
c9cb2a0d14 Merge pull request #177 from jbj/ir-array-init-perf 
C++: IR: Fix performance of value-init ranges
 2018-09-14 00:14:45 -07:00
Raul Garcia
28050e1415 Change to cpp/overflow-buffer to detect access to an array using a negative index (static, out of range access, lower bound). 2018-09-13 15:44:32 -07:00
Jonas Jensen
9886e4a056 Merge remote-tracking branch 'upstream/master' into merge-master-next-20180913 2018-09-13 20:28:17 +02:00
semmle-qlci
3d022298dc Merge pull request #186 from Semmle/rc/1.18 
Approved by esben-semmle
 2018-09-13 12:34:54 +01:00
Nick Rolfe
3d2637a249 C++: stats for builtinconvertvector 2018-09-13 10:28:42 +01:00