hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

3353 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
d544f47746 C++: Simplify the definition of 'SemExpr' by instead making non-overflowing conversions copy value expressions. 2023-11-06 16:01:59 +00:00
Mathias Vorreiter Pedersen
31c2a3be98 C++: Don't redefine the meaning of the single-parameter 'isParameterDeref' and accept test changes. 2023-11-06 15:52:58 +00:00
Mathias Vorreiter Pedersen
ff30308a2b C++: Only the first indirection of the argument should be the remote flow sink. 2023-11-06 13:57:14 +00:00
Mathias Vorreiter Pedersen
cd2eec0aa0 C++: Also override the single-parameter 'isParameterDeref' in 'InParameterDeref'. 2023-11-06 13:23:31 +00:00
Mathias Vorreiter Pedersen
679d64f0e8 Merge pull request #14647 from microsoft/24-odbc-model-instantiation-upstream2 
C++: Adding a model implementation for ODBC.
 2023-11-02 19:42:27 +00:00
Benjamin Rodes
30a512c96b Formatting 2023-11-02 15:01:15 -04:00
Benjamin Rodes
f404d7a5f8 Changes to address pr comments. 2023-11-02 13:11:23 -04:00
Mathias Vorreiter Pedersen
392b2af923 C++: Only the second indirection of the argument should be the remote flow source. 2023-11-02 16:51:24 +00:00
Mathias Vorreiter Pedersen
b82dfa9a21 C++: Fix failing test by allocating 'TFunctionInput's and 'TFunctionOutput's for more indirections. Note that we now mark two output nodes coming out of 'getaddrinfo' as a remote flow source (the first indirection and the second indirection). We'll fix that in the next commit. 2023-11-02 16:45:50 +00:00
Anders Schack-Mulligen
8e9aa5b560 C++: Switch to shared modulus analysis. 2023-11-01 15:59:24 +01:00
Anders Schack-Mulligen
a7f3ef1a6c Rangeanalysis: Parameterise shared modulus analysis. 2023-11-01 15:59:24 +01:00
Anders Schack-Mulligen
8e2b17cd86 Rangeanalysis: Copy C++ ModulusAnalysis file verbatim. 2023-11-01 15:59:24 +01:00
Anders Schack-Mulligen
6d859daf3d Merge pull request #14656 from aschackmull/shared/range-utils 
Rangeanalysis: Share ssaRead predicate
 2023-11-01 15:57:52 +01:00
Mathias Vorreiter Pedersen
b54b5ae0a9 Merge pull request #14648 from MathiasVP/simplify-invalid-ptr-deref 
C++: Remove one use of range analysis in `cpp/invalid-pointer-deref`
 2023-11-01 14:42:20 +00:00
Anders Schack-Mulligen
048a7c4e42 Rangeanalysis: Rename SsaBound.getAVariable to getVariable. 2023-11-01 11:58:06 +01:00
Anders Schack-Mulligen
48291dd32d Rangeanalysis: Remove superfluous ignoreZeroLowerBound. 2023-11-01 11:51:46 +01:00
Mathias Vorreiter Pedersen
9736936e54 Merge pull request #14635 from MathiasVP/assign-pointer-add-and-sub-is-not-bitwise 2023-11-01 00:40:39 +01:00
Mathias Vorreiter Pedersen
6e385cabd8 C++: Add change note. 2023-10-31 19:16:36 +00:00
Mathias Vorreiter Pedersen
b79a5fee14 Merge pull request #14637 from MathiasVP/dataflow-for-realloc 
C++: Add a taint model for `realloc`
 2023-10-31 18:24:04 +01:00
Benjamin Rodes
18c8d90a1a Adding a model implementation for ODBC. 
(cherry picked from commit 04147f8d91cdf018ec03cbfdb953253e23687944)
 2023-10-31 08:52:05 -07:00
Anders Schack-Mulligen
34b9791e46 Rangeanalysis: Remove superfluous ignoreSsaReadCopy. 2023-10-31 15:32:25 +01:00
Anders Schack-Mulligen
322e6c91be Rangeanalysis: Remove superfluous specificSsaRead. 2023-10-31 15:30:36 +01:00
Anders Schack-Mulligen
8b6c940e76 Rangeanalysis: Remove superfluous ignoreSsaReadAssignment. 2023-10-31 15:28:37 +01:00
Anders Schack-Mulligen
6d6f89e71e Rangeanalysis: Remove superfluous ignoreSsaReadArithmeticExpr. 2023-10-31 15:25:28 +01:00
Anders Schack-Mulligen
a39a94ca8e Rangeanalysis: Switch to shared ssaRead predicate. 2023-10-31 15:23:05 +01:00
Anders Schack-Mulligen
19644a8f07 Rangeanalysis: Implement shared ssaRead predicate 2023-10-31 15:07:11 +01:00
Mathias Vorreiter Pedersen
4a1bf95a87 C++: Expose a public memset model and use it in the exposure queries. 2023-10-31 11:17:51 +00:00
Chris Smowton
79e1aa0498 Merge pull request #14634 from github/post-release-prep/codeql-cli-2.15.2 
Post-release preparation for codeql-cli-2.15.2
 2023-10-31 10:24:53 +00:00
Mathias Vorreiter Pedersen
65081a9a1f C++: Add change note. 2023-10-30 17:11:44 +00:00
Mathias Vorreiter Pedersen
08b528b5c4 C++: Add a taint-model for 'realloc' and accept test changes. 2023-10-30 17:08:01 +00:00
Mathias Vorreiter Pedersen
efe064284b C++: Add up and downgrade scripts. 2023-10-30 16:07:57 +00:00
Mathias Vorreiter Pedersen
86fe5b47db C++: Remove 'assignpaddexpr' and 'assignpsubexpr' from the 'assign_bitwise_expr' type. 2023-10-30 16:06:53 +00:00
github-actions[bot]
2b939fdf08 Post-release preparation for codeql-cli-2.15.2 2023-10-30 16:06:51 +00:00
Mathias Vorreiter Pedersen
375f0ea8b6 C++: Update documentation. 2023-10-30 15:57:30 +00:00
Mathias Vorreiter Pedersen
1e699ec0e5 C++: Simplify 'InvalidPointerToDereference.qll' now that the difference between 'derefSource' and 'pai' is always 0. 2023-10-30 15:53:48 +00:00
Mathias Vorreiter Pedersen
c8edf3151b C++: Remove the use of range analysis in 'invalidPointerToDerefSource'. 2023-10-30 15:47:47 +00:00
Mathias Vorreiter Pedersen
535d1e2565 C++: Define indirect instructions (and operands) using a 'Node0Impl' column instead of an instruction (or operand). 2023-10-30 11:54:24 +00:00
github-actions[bot]
4641990021 Release preparation for version 2.15.2 2023-10-30 11:05:53 +00:00
Mathias Vorreiter Pedersen
33494fe9e1 C++: Extend the taint model and accept test changes. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen
8bf8888c24 C++: Simplify 'parameterNeverEscapes' and add a comment. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen
43e8b900bf C++: Fix 'strtol' model. 2023-10-27 14:59:11 +01:00
Mathias Vorreiter Pedersen
30ecb4b0c8 Merge pull request #14588 from aschackmull/shared/rangeanalysis 
C++/Java: Share core range analysis
 2023-10-26 16:32:46 +01:00
Jeroen Ketema
64004926bc C++: Use a more declarative predicate name 2023-10-26 12:07:19 +02:00
Jeroen Ketema
903f376620 C++: Define an extractor version table and use in IR generation 2023-10-26 12:07:19 +02:00
Jeroen Ketema
990d7161b2 Merge pull request #14337 from aschackmull/cpp/container-not-locatable 
C++: Remove getLocation from Container.
 2023-10-25 15:37:57 +02:00
Anders Schack-Mulligen
283d6efdf8 Rangeanalysis/Java/C++: Address some ql4ql findings. 2023-10-25 14:06:35 +02:00
Jeroen Ketema
75a1173d63 C++: Add change note 2023-10-25 14:05:38 +02:00
Jeroen Ketema
dc512728fa C++: Make File extend Locatable 2023-10-25 14:05:38 +02:00
Jeroen Ketema
4ea5c13390 C++: Add back getLocation in File 2023-10-25 14:05:38 +02:00
Anders Schack-Mulligen
7124a53c9c C++: Remove getLocation from Container. 2023-10-25 14:05:38 +02:00