hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,240 Commits 1,671 Branches 157 Tags
codeql-cli-2.7.6
Commit Graph

6969 Commits

Author SHA1 Message Date
Anders Schack-Mulligen
446c738f20 Merge pull request #6790 from aschackmull/dataflow/force-precision 
Dataflow: Force high precision of certain Contents.
 2021-10-08 11:44:26 +02:00
ihsinme
d79596354e Update cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-10-08 11:50:45 +03:00
Anders Schack-Mulligen
1bec58dee5 Dataflow: Fix more qldoc: s/accesspath/access path/. 2021-10-08 09:41:26 +02:00
Robert Marsh
2539e3247a Merge pull request #6814 from MathiasVP/fix-qldoc-in-copy-instruction 
C++/C#: Fix QLDoc of `CopyInstruction`
 2021-10-07 11:18:38 -07:00
Anders Schack-Mulligen
2b88a2aa0c Dataflow: Fix qldoc: s/accesspath/access path/. 2021-10-07 14:46:24 +02:00
Andrew Eisenberg
e2b1f6ac50 Packaging: Add library flag to upgrades packs 
This flag was missing. It should be there. Otherwise, this
pack cannot be built.
 2021-10-06 14:29:55 -07:00
Mathias Vorreiter Pedersen
b089e6d84e C++/C#: Fix QLDoc of 'CopyInstruction'. 2021-10-05 09:14:20 +01:00
Geoffrey White
11b8d4191f C++: Repair .expected following merge. 2021-10-04 16:53:33 +01:00
Geoffrey White
2c64fa50d2 Merge branch 'main' into impropnullfp 2021-10-04 16:51:21 +01:00
Mathias Vorreiter Pedersen
eac0222f2c C++: Add more CWEs to 'cpp/incorrect-allocation-error-handling'. 2021-10-04 15:15:40 +01:00
Nick Rolfe
5aec84b672 C++: add upgrade script for dbscheme comment changes 2021-10-04 12:30:42 +01:00
Owen Mansel-Chan
938d003e5e Fix example to use space after $ for consistency 2021-10-02 08:11:49 +01:00
Owen Mansel-Chan
25792b2a45 Change class name to avoid clash with Go and Javascript libraries 2021-10-02 08:04:17 +01:00
Mathias Vorreiter Pedersen
cc8b581c06 C++: Accept test changes. 2021-10-01 22:23:17 +02:00
Mathias Vorreiter Pedersen
cca77ed65c Merge branch 'main' into add-return-value-deref-to-model-util 2021-10-01 22:02:06 +02:00
Geoffrey White
b9a1a451a9 C++: Autoformat. 2021-10-01 19:21:30 +01:00
Mathias Vorreiter Pedersen
0679142607 C++: Accept test changes. 2021-10-01 18:27:55 +02:00
Mathias Vorreiter Pedersen
3463c28e24 C++: Add return value dereference to 'callOutput'. This will need to be modified once we get return value side effects in the IR. 2021-10-01 18:27:46 +02:00
Geoffrey White
51188aa93f C++: Give the two queries medium precision (for now). 2021-10-01 17:04:22 +01:00
Geoffrey White
a62772c274 C++: Add change note. 2021-10-01 16:35:12 +01:00
Geoffrey White
ada30800c9 C++: Exclude results where identity-like functions obscure operations on a variable. 2021-10-01 16:16:06 +01:00
Geoffrey White
11d7a0b712 C++: Exclude results where the address of the variable is taken. 2021-10-01 14:39:02 +01:00
Geoffrey White
d41e517757 C++: Simplify mayAddNullTerminator. 2021-10-01 14:15:05 +01:00
Geoffrey White
ec2e4f432a C++: Add more test cases, inspired by FPs on LGTM with the query. 2021-10-01 14:03:41 +01:00
Geoffrey White
74957dcb2e C++: Test spacing. 2021-10-01 13:59:34 +01:00
Anders Schack-Mulligen
98f68cb053 Dataflow: Sync. 2021-10-01 13:11:43 +02:00
Anders Schack-Mulligen
490df2027b Dataflow: Add language-specific predicate forceHighPrecision(). 2021-10-01 13:11:14 +02:00
Mathias Vorreiter Pedersen
a3cf721b9e Merge pull request #6713 from geoffw0/cwe139 
C++: New query for 'Cleartext transmission of sensitive information'
 2021-10-01 11:10:36 +02:00
Geoffrey White
679b0f9b73 C++: Autoformat. 2021-10-01 09:40:16 +01:00
Jonas Jensen
45cf6344cd Merge pull request #6184 from github/rdmarsh2/improve-exec-tainted 
C++: Refactor ExecTainted.ql to only report results after string concatenation
 2021-09-29 19:21:13 +02:00
Rasmus Wriedt Larsen
987b573709 Fix hasLocationInfo URL reference 
Follow up to https://github.com/github/codeql/pull/5830
 2021-09-29 13:47:58 +02:00
Mathias Vorreiter Pedersen
8dcf7926de Merge pull request #6760 from andersfugmann/relax_memberMayBeVarSize 
Increase precision to high for cpp/static-buffer-overflow
 2021-09-29 10:09:11 +02:00
Geoffrey White
89098f54be C++: Correct comment. 2021-09-28 20:03:42 +01:00
Geoffrey White
10323ac819 Update cpp/ql/src/Security/CWE/CWE-311/CleartextStorage.inc.qhelp 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-09-28 15:13:29 +01:00
Anders Fugmann
ba98c0c1cb Merge remote-tracking branch 'upstream/main' into relax_memberMayBeVarSize 2021-09-28 11:15:11 +02:00
Anders Peter Fugmann
a358ea8667 C++: Apply documentation change suggestion 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-09-28 10:38:02 +02:00
Anders Peter Fugmann
c7ea7ca5cd C++: Apply documentation change suggestion 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-09-28 09:40:25 +02:00
Anders Peter Fugmann
49c656d904 C++: Apply documentation change suggestion 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-09-28 09:40:07 +02:00
Anders Fugmann
79549c2285 Merge remote-tracking branch 'upstream/main' into refactor_use_of_isGuardPhi 2021-09-28 09:38:16 +02:00
Robert Marsh
d47c4732e2 C++: Update change note date 2021-09-27 17:36:14 -07:00
Robert Marsh
dfb27d170c C++ fix test compilation errors 2021-09-27 13:58:54 -07:00
Anders Fugmann
03bd7d7f96 C++: Update test results from OverflowStatic 2021-09-27 11:23:08 +02:00
Jonas Jensen
b0836a620c Merge pull request #6757 from geoffw0/impropnulltest2 
C++: Small improvement to cpp/improper-null-termination
 2021-09-27 10:52:49 +02:00
Jonas Jensen
06b36f742e Merge pull request #6745 from andersfugmann/handle_overflow_for_upperbound 
C++: Handle overflow for upperbound
 2021-09-27 10:32:49 +02:00
Anders Fugmann
e0921ac983 C++: Increase precision of cpp/static-buffer-overflow to high 2021-09-27 09:06:36 +02:00
Geoffrey White
7e7dfe2cc4 C++: Understand format arguments. 2021-09-24 19:25:43 +01:00
Geoffrey White
91a8b9fdd9 C++: Add suggested test (and a good variant). 2021-09-24 18:34:28 +01:00
Geoffrey White
6901d9d9c2 C++: Add and use getRemoteSocket predicates. 2021-09-24 15:16:48 +01:00
Geoffrey White
9f59bc8f7b C++: Naive translation to use RemoteFlow*Function. 2021-09-24 15:12:14 +01:00
Geoffrey White
3e1bc66984 Merge pull request #6733 from MathiasVP/fix-qldoc-in-initialize-dynamic-allocation-instruction 
C++/C#: Fix QLDoc on `InitializeDynamicAllocationInstruction`.{`getAllocationAddressOperand` and `getAllocationAddress`}
 2021-09-24 14:30:03 +01:00