hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,333 Commits 1,672 Branches 157 Tags
ginsbach/NewOverlayLocalJava
Commit Graph

1315 Commits

Author SHA1 Message Date
Jonas Jensen
64c79bf9e1 C++: Deprecate UninitializedNode in IR data flow 
It's not used outside of tests, and it's not useful. It will break the
tests when we start allowing flow through chi nodes.
 2019-12-27 11:21:33 +01:00
Dave Bartolomeo
5b5d2f2b67 Merge pull request #2154 from rdmarsh2/rdmarsh/cpp/ir-callee-side-effects 
C++: add InitializeIndirection for pointer params
 2019-12-20 13:13:54 -07:00
Robert Marsh
e209ed961a Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-12-17 15:11:02 -08:00
Mathias Vorreiter Pedersen
1d3ee71f73 C++: Added test for 333d0a69 2019-12-17 13:54:41 +01:00
Jonas Jensen
763b18cd11 Merge remote-tracking branch 'upstream/master' into StackVariable 
Conflicts:
      change-notes/1.24/analysis-cpp.md
      cpp/ql/src/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql
 2019-11-28 17:51:20 +01:00
Robert Marsh
05aebeff79 Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-11-21 13:45:31 -08:00
Robert Marsh
34593701b2 Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-11-20 10:03:32 -08:00
Jonas Jensen
c41114334f Merge remote-tracking branch 'upstream/master' into ir-dataflow-toString 
Solved conflicts in `*.expected` by re-running the tests.
 2019-11-19 14:27:27 +01:00
Jonas Jensen
1498499994 C++: Relax type in two tests 2019-11-19 11:31:34 +01:00
Ian Lynagh
2cf714a923 C++: Follow changes in lambda locations 2019-11-15 14:42:36 +00:00
Robert Marsh
facbd32062 Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-11-14 11:09:13 -08:00
Robert Marsh
2fb1d4d1b1 C++: fix IR return block successors 2019-11-14 10:29:48 -08:00
Jonas Jensen
ec9ef33486 C++: IR data flow through inheritance conversions 
This makes IR data flow behave more like AST data flow, and it makes IR
virtual dispatch work without further changes.
 2019-11-06 14:04:07 +01:00
Jonas Jensen
49008c9ff5 C++: IR data flow local virtual dispatch 
This is just good enough to cause no performance regressions and pass
the virtual-dispatch tests we have for `security.TaintTracking`. In
particular, it fixes the tests for `UncontrolledProcessOperation.ql`
when enabling `DefaultTaintTracking.qll`.
 2019-11-06 14:04:02 +01:00
Robert Marsh
8076156cb1 Merge branch 'master' into rdmarsh/cpp/ir-callee-side-effects 2019-10-28 16:50:34 -07:00
Jonas Jensen
b13535ac7d C++: Implement DataFlow::BarrierGuard for AST+IR 
The change note is copied from the Java change note.
 2019-10-28 16:22:23 +01:00
Robert Marsh
e8dd0227ae C++: accept test changes 2019-10-22 14:27:43 -07:00
Jonas Jensen
5d7a0b8dd5 Merge remote-tracking branch 'upstream/master' into dataflow-ref-parameter 
I've accepted the new test output, which shows that this branch fixes
two false negatives in the test cases from #2088.
 2019-10-08 13:09:20 +02:00
Jonas Jensen
19f642fc8d Merge commit '7434702' into dataflow-ref-parameter 
This merges #1735 into this branch to resolve the semantic merge
conflicts between them.
 2019-10-08 12:55:47 +02:00
Geoffrey White
050d99fa87 CPP: Add test cases. 2019-10-04 17:44:27 +01:00
Jonas Jensen
7c319efb8b C++: Data flow through reference parameters 2019-10-01 10:43:49 +02:00
Jonas Jensen
b2df18ab78 C++: Document tests better 
This addresses PR comments by @rdmarsh2.
 2019-09-17 13:17:25 +02:00
Jonas Jensen
ef601cf78e C++: Annotate changes in struct_init.c test 2019-09-17 13:16:36 +02:00
Jonas Jensen
fd6d06fe6f C++: Data flow through address-of operator (&) 
The data flow library conflates pointers and their objects in some
places but not others. For example, a member function call `x.f()` will
cause flow from `x` of type `T` to `this` of type `T*` inside `f`. It
might be ideal to avoid that conflation, but that's not realistic
without using the IR.

We've had good experience in the taint tracking library with conflating
pointers and objects, and it improves results for field flow, so perhaps
it's time to try it out for all data flow.
 2019-09-17 13:16:34 +02:00
Jonas Jensen
7cfbe88e7b C++: IR DataFlow::Node.toString consistency 
The `toString` for IR data-flow nodes are now similar to AST data-flow
nodes. This should make it easier to use the IR as a drop-in replacement
in the future. There are still differences because the IR data flow
library takes conversions into account.

I did not attempt to align the new nodes we use for field flow. That can
come later, when we add field flow to IR data flow.
 2019-09-13 14:33:31 +02:00
Jonas Jensen
562bffe710 C++: Simplify toString of ImplicitParameterNode 
This string looked out of place compared to `ExplicitParameterNode`,
whose string is simply the name of the parameter and therefore
indistinguishable from an access to the parameter without looking at the
location also. This has not been a problem so far, and if we want to
distinguish more clearly between initial values and accesses at some
point, we should do it for `ExplicitParameterNode` and
`UninitializedNode` too.
 2019-09-13 14:33:26 +02:00
Anders Schack-Mulligen
61e4e61087 C++: Adjust qltest expected output. 2019-09-12 11:00:49 +02:00
Jonas Jensen
d6fba0ef46 C++: Don't create partial defs for calls to const 
These partial defs don't do any harm, but they could hurt performance.
In typical C++ snapshots, between 5% and 20% of all calls are to `const`
functions.
 2019-09-10 09:49:16 +02:00
Jonas Jensen
fd3615d120 C++: Show that there are too many partial defs 2019-09-10 09:44:07 +02:00
Geoffrey White
4283a1508d Merge pull request #1870 from jbj/autoformat-all 
C++: Autoformat everything
 2019-09-09 16:05:32 +01:00
Geoffrey White
22e1715368 Merge pull request #1900 from jbj/dataflow-this-by-ref 
C++: Fix flow out of `this` by reference
 2019-09-09 11:15:32 +01:00
Jonas Jensen
4ef5c9af62 C++: Autoformat everything 
Some files that will change in #1736 have been spared.

    ./build -j4 target/jars/qlformat
    find ql/cpp/ql -name "*.ql"  -print0 | xargs -0 target/jars/qlformat --input
    find ql/cpp/ql -name "*.qll" -print0 | xargs -0 target/jars/qlformat --input
    (cd ql && git checkout 'cpp/ql/src/semmle/code/cpp/ir/implementation/**/*SSA*.qll')
    buildutils-internal/scripts/pr-checks/sync-identical-files.py --latest
 2019-09-09 11:25:53 +02:00
Jonas Jensen
ea3d066661 C++: Add D.cpp, ported from D.java 
The original port of the Java field-flow tests did not include this
file. It's added here for completeness, and the results are the same as
for Java.
 2019-09-09 10:45:06 +02:00
Jonas Jensen
10b69358ae C++: Fix flow from this by ref. 2019-09-09 10:36:58 +02:00
Jonas Jensen
08b63d4342 C++: Test to show lack of flow from this by ref. 
The `test_nonMemberSetA` also shows how the lack of flow through `&` is
a problem for non-member getters, but that's addressed on a separate
branch.
 2019-09-09 10:36:11 +02:00
Jonas Jensen
d51e5212fb Merge remote-tracking branch 'upstream/master' into dataflow-TTwo 
Conflicts:
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll
      cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
      cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
      cpp/ql/test/library-tests/dataflow/fields/flow.expected
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll
      csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl2.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl3.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl4.qll
      java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl5.qll
 2019-09-08 21:08:43 +02:00
Robert Marsh
94c625f03f Merge pull request #1777 from jbj/ast-field-flow-defbyref 
C++: Don't use definitionByReference for data flow
 2019-09-05 10:23:28 -07:00
Ian Lynagh
1d56407c72 C++: Pull some of library-tests/dataflow/dataflow-tests into clang.cpp 
g++ doesn't support this code:

    sorry, unimplemented: non-trivial designated initializers not supported
       twoIntFields sSwapped = { .m2 = source(), .m1 = 0 };

so we need to build it in clang mode.
 2019-09-05 15:12:17 +01:00
Jonas Jensen
114c2fe0d4 Merge remote-tracking branch 'upstream/master' into ast-field-flow-defbyref 2019-09-05 09:33:45 +02:00
Jonas Jensen
8579d7d1cf C++: Tests for aliasing of nested structs 
This test shows that local pointers into structs do propagate data flow
like pass-by-reference does in calls.
 2019-09-04 10:26:49 +02:00
Jonas Jensen
0e54709d47 Merge pull request #1859 from geoffw0/qldocpartialdef 
CPP: Document PartialDefinitions
 2019-09-04 09:54:55 +02:00
Jonas Jensen
067c55adb9 C++: Fix ConditionDeclExpr data flow 
Data flow probably never worked when a variable declared in a
`ConditionDeclExpr` was modeled with `BlockVar`. That combination did
not come up in testing before the last commit.
 2019-09-04 09:33:00 +02:00
Nick Rolfe
641232a9d7 Merge pull request #1855 from mgrettondann/cpp-343-lambda-names-simplification 
C++: Update tests for lambda description changes
 2019-09-03 11:45:50 +01:00
Jonas Jensen
d7681bf122 C++: Don't use definitionByReference for data flow 
The data flow library conflates pointers and objects enough for the
`definitionByReference` predicate to be too strict in some cases. It was
too permissive in other cases that are now (or will be) handled better
by field flow.

See also the change note entry.
 2019-09-03 11:49:01 +02:00
Geoffrey White
84da3e3431 CPP: Effect of 'Support nested field flow'. 2019-09-03 09:27:50 +01:00
Geoffrey White
8105d153b1 CPP: Add a test of PartialDefinitions. 2019-09-03 09:27:50 +01:00
Jonas Jensen
d3a6ae5657 C++: Support nested field flow 
This is the C/C++ side of PR #1766.
 2019-09-03 08:50:15 +02:00
Matthew Gretton-Dann
03eb1ff785 C++: Update taint-tests for changed lambda support 2019-09-02 15:18:27 +01:00
Jonas Jensen
b1be123e31 C#/C++/Java: Prettier AccessPath.toString 
The `ppReprType` predicate should now be `none()` instead of `result=""`
to signal that there is nothing to print. That seems clearer to me.
 2019-09-02 13:14:20 +02:00
Jonas Jensen
9f0f2f7c04 C++: Accept test changes 2019-09-02 13:14:17 +02:00