hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,333 Commits 1,672 Branches 157 Tags
ginsbach/NewOverlayLocalJava
Commit Graph

1315 Commits

Author SHA1 Message Date
Jonas Jensen
5f0d283212 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
The conflicts came from how `this` is now a parameter but not a
`Parameter` on `master`.

Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
	cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected
	cpp/ql/test/library-tests/dataflow/fields/ir-flow.expected
	cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected
 2020-06-02 15:35:02 +02:00
Robert Marsh
5ee37bcd5a Merge branch 'master' into ir-this-parameter-2 
Bring in fix for duplicate virtual variables for parameter indirections
 2020-05-29 14:40:45 -07:00
Jonas Jensen
91da0d5567 Merge pull request #3592 from geoffw0/strlen 
CPP: Don't taint the return value of strlen
 2020-05-29 19:23:47 +02:00
Mathias Vorreiter Pedersen
3adc10fdb4 C++: Accept tests 2020-05-29 15:33:55 +02:00
Geoffrey White
19c33ab41c C++: Refine StrLenFunction, including removal of taint flow. 2020-05-29 14:04:27 +01:00
Geoffrey White
59cb5f9b1e C++: Remove a special case for strlen in DefaultTaintTracking. 2020-05-29 14:04:26 +01:00
Geoffrey White
d77092c931 C++: Add taint tests for strlen. 2020-05-29 13:39:40 +01:00
Mathias Vorreiter Pedersen
335baaef73 C++: Add testcases for partial definitions with long access paths 2020-05-29 12:15:39 +02:00
Jonas Jensen
7d4d435f25 Merge remote-tracking branch 'upstream/master' into Expr-location-workaround 
Conflicts:
	cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected
 2020-05-29 10:04:12 +02:00
Jonas Jensen
9813258a3e Merge remote-tracking branch 'upstream/master' into Expr-location-workaround 
Conflicts and semantic conflicts in `library-tests/dataflow/fields` and
`library-tests/ir/ir`.
 2020-05-29 08:44:37 +02:00
Robert Marsh
a897caec76 C++: outbound dataflow via this indirections 2020-05-28 15:30:41 -07:00
Dave Bartolomeo
476f27e427 Merge from master 2020-05-28 17:27:08 -04:00
Dave Bartolomeo
01ef8795bf C++: Updated fixed test expectation 2020-05-28 17:24:38 -04:00
Robert Marsh
d8b5d3bce8 C++: accept test fixes 2020-05-28 08:45:01 -07:00
Robert Marsh
693789c2cc Merge branch 'master' into ir-this-parameter 
Bring in new tests so their output can be fixed
 2020-05-28 08:32:10 -07:00
Jonas Jensen
1b23f3ec90 C++: Accept two more changed tests 2020-05-28 11:18:14 +02:00
Jonas Jensen
9153f568be C++: Accept test results with location fixes 2020-05-28 09:42:49 +02:00
Robert Marsh
593d4c0f32 Merge pull request #3567 from MathiasVP/ir-partial-definition 
Implement `asPartialDefinition` for IR dataflow nodes
 2020-05-27 13:51:41 -07:00
Mathias Vorreiter Pedersen
bd97fe627c Merge branch 'master' into remove-field-conflation-from-ir-fieldflow 2020-05-27 17:08:19 +02:00
Mathias Vorreiter Pedersen
97edd97778 C++: Add getLocation to TNode IPA type in testcase 2020-05-27 08:28:18 +02:00
Robert Marsh
fb46002332 C++: Fix ThisParameterNode after IR changes 2020-05-26 13:35:08 -07:00
Geoffrey White
95537ed26f C++: Fix mysprintf in test. 2020-05-26 18:06:14 +01:00
Geoffrey White
d96bf797ef C++: Test layout. 2020-05-26 18:06:06 +01:00
Mathias Vorreiter Pedersen
251240376b C++: Fix asPartialDefinition for IR dataflow nodes and accept testcases 2020-05-26 13:14:38 +02:00
Mathias Vorreiter Pedersen
c5c3ffaef0 C++: Add asPartialDefinition testcases 2020-05-26 13:14:11 +02:00
Mathias Vorreiter Pedersen
b205d36933 C++: Remove chi -> load rule from simpleLocalFlowStep and accept tests 2020-05-26 11:40:26 +02:00
Mathias Vorreiter Pedersen
617ef32464 C++: Remove [FALSE POSITIVE] annotations 2020-05-21 02:22:57 +02:00
Mathias Vorreiter Pedersen
3c167125e5 C++: Accept test output 2020-05-20 18:18:34 +02:00
Jonas Jensen
d38700a87c Merge remote-tracking branch 'upstream/master' into mergeback-2020-05-19 
Conflicts:
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
 2020-05-19 17:44:15 +02:00
Jonas Jensen
5318d42c4f Merge remote-tracking branch 'upstream/rc/1.24' into mergeback-2020-05-19 2020-05-19 14:42:58 +02:00
Jonas Jensen
486f06ab18 C++: Simplify field conflation test 
It turned out the `memcpy` step was not even necessary.
 2020-05-19 14:12:11 +02:00
Jonas Jensen
76e194c8be C++: Fix struct field conflation in IR data flow 
The virtual-dispatch code for globals was missing any relationship
between the union field access and the global variable, which meant it
propagated function-pointer flow between any two fields of a global
struct. This resulted in false positives from
`cpp/tainted-format-string` on projects using SDL, such as
WohlSoft/PGE-Project.

In addition to fixing that bug, this commit also brings the code up to
date with the new style of modeling flow through global variables:
`DataFlow::Node.asVariable()`.
 2020-05-18 16:24:22 +02:00
Jonas Jensen
f2402c5abb C++: Test virtual dispatch field conflation 
This test demonstrates that IR data flow conflates unrelated fields of a
global struct-typed variable and that this bug is not present in the old
AST-based implementation of `semmle.code.cpp.security.TaintTracking`.
 2020-05-18 15:37:22 +02:00
Jonas Jensen
cc00f0f584 C++: Move identical declarations to shared.h file 
This cleans up the test results, which were confusing because functions
like `sink` had multiple locations.

There are some additional results now involving casts to `const char *`
because previously it varied whether `sink` used `const`, and now it
always does.
 2020-05-18 10:42:52 +02:00
Jonas Jensen
b08de6c051 Merge pull request #3482 from MathiasVP/getlim-taint-source 
C++: Add GetDelim as taint step
 2020-05-15 15:54:29 +02:00
Mathias Vorreiter Pedersen
866b1361ec C++: Accept tests 2020-05-15 11:12:47 +02:00
Mathias Vorreiter Pedersen
90d473d886 C++: Demonstrate lack of taint through getdelim 2020-05-15 11:01:27 +02:00
Mathias Vorreiter Pedersen
fe682556bf Merge pull request #3475 from jbj/field-conflation-memcpy 
C++: Test field conflation with array in struct
 2020-05-14 17:53:32 +02:00
Jonas Jensen
a380dc113f C++: Test field conflation with array in struct 2020-05-14 16:29:39 +02:00
Jonas Jensen
3cd377e299 C++: Fixup forgotten test annotation 
This should have been removed in 038bea2f52.
 2020-05-14 15:57:47 +02:00
Mathias Vorreiter Pedersen
1c2b8563ae C++: Remove 'flow' value from testcases 2020-05-14 15:33:02 +02:00
Mathias Vorreiter Pedersen
5f9b96cde9 C++: Fix off-by-one in test annotation 2020-05-14 15:12:00 +02:00
Mathias Vorreiter Pedersen
f414b277ba C++: Modify complex.cpp test to account for longer access paths in the dataflow library 2020-05-14 13:58:04 +02:00
Mathias Vorreiter Pedersen
f5f3405ec3 C++: Modify IR field flow tests to use InlineExpectationsTest.qll 2020-05-14 11:11:21 +02:00
Mathias Vorreiter Pedersen
34314d0cb6 C++: Annotation field flow tests with [IR] and [AST] 2020-05-13 15:16:02 +02:00
Jonas Jensen
1018eaff09 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/test/library-tests/dataflow/fields/ir-flow.expected
 2020-05-13 12:05:58 +02:00
Jonas Jensen
038bea2f52 C++: Add type check to prevent field conflation 2020-05-13 09:25:24 +02:00
Jonas Jensen
250e12a323 C++: Demonstrate new field conflation 2020-05-13 09:24:36 +02:00
Mathias Vorreiter Pedersen
df6abdc074 Merge pull request #3389 from jbj/dataflow-defbyref-to-field 
C++: Post-update flow through &, *, +, ...
 2020-05-12 08:30:33 +02:00
Jonas Jensen
3a89f43cd6 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
	cpp/ql/test/library-tests/dataflow/dataflow-tests/test_ir.expected
 2020-05-11 14:44:17 +02:00