hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

5486 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
204acbacc5 C++: Add a new query for detecting calls to 'c_str' on temporary objects. 2023-11-28 09:06:24 +00:00
Jeroen Ketema
c02a732632 C++: Remove DefaultTaintTracking library 2023-11-24 18:35:19 +01:00
Alex Eyers-Taylor
1c012548d4 CPP: Add tests for incorrect check scanf 2023-11-24 16:58:11 +00:00
Alex Eyers-Taylor
12e24a2b44 CPP: Exclude incorrect scanf checks from missing scanf checks 2023-11-24 16:57:59 +00:00
Jeroen Ketema
ee35bfb290 C++: Do not use isReturnValue in getenv, gets, and fgets models 2023-11-24 16:38:15 +01:00
Alex Eyers-Taylor
f48e8b6062 CPP: Add query for detecteing incorrect error checking for scanf 2023-11-24 14:53:10 +00:00
Mathias Vorreiter Pedersen
e438671846 Merge pull request #14896 from MathiasVP/no-dtt-in-user-controlled-bypass 
C++: Rewrite `cpp/user-controlled-bypass` away from `DefaultTaintTracking`
 2023-11-24 14:43:10 +00:00
Mathias Vorreiter Pedersen
6b48b3643e Merge branch 'main' into no-dtt-in-user-controlled-bypass 2023-11-24 12:50:45 +00:00
Mathias Vorreiter Pedersen
2681617f28 C++: Undo the workaround in 'cpp/tainted-permissions-check'. 2023-11-24 10:56:11 +00:00
Mathias Vorreiter Pedersen
5604fd7d80 C++: Rewrite 'cpp/user-controlled-bypass' away from 'DefaultTaintTracking'. 2023-11-23 17:35:54 +00:00
Mathias Vorreiter Pedersen
97319854e2 C++: Accept test changes. 2023-11-23 16:53:57 +00:00
Mathias Vorreiter Pedersen
98bf748e64 C++: Accept test changes. 2023-11-23 16:53:57 +00:00
Mathias Vorreiter Pedersen
257d94be20 Merge pull request #14886 from jketema/rewrite-tainted-condition 
C++: Rewrite `cpp/tainted-permissions-check` to not use `DefaultTaintTracking`
 2023-11-23 16:18:03 +00:00
Mathias Vorreiter Pedersen
149fb7bbc2 Merge pull request #14881 from MathiasVP/no-dtt-in-user-controlled-null-termination-tainted 
C++: Rewrite `cpp/user-controlled-null-termination-tainted` away from `DefaultTaintTracking`
 2023-11-23 14:41:33 +00:00
Mathias Vorreiter Pedersen
401a378598 C++: Accept test changes. 2023-11-23 14:12:16 +00:00
Jeroen Ketema
7834626e26 C++: Rewrite cpp/tainted-permissions-check to not use DefaultTaintTracking 2023-11-23 14:52:53 +01:00
Jeroen Ketema
1fbe23228e C++: Update test to reflect updated test results 2023-11-22 16:49:13 +01:00
Jeroen Ketema
bb1945f899 C++: Rewrite cpp/tainted-format-string away from DefaultTaintTracking 2023-11-22 16:49:13 +01:00
Mathias Vorreiter Pedersen
640e2f56d5 C++: Accept test changes. 2023-11-22 15:43:24 +00:00
Mathias Vorreiter Pedersen
a80dbc5200 C++: Accept test changes. 2023-11-21 17:50:11 +00:00
Mathias Vorreiter Pedersen
dcba8e5408 C++: Fix global variable flow for array types. 2023-11-20 12:15:55 +00:00
Mathias Vorreiter Pedersen
8039e117ba C++: Add more global-variable flow tests. 2023-11-20 12:15:52 +00:00
Mathias Vorreiter Pedersen
a10f94af81 Merge pull request #14810 from MathiasVP/fix-ref-deref-duplication 
C++: Fix dataflow duplication from `ReferenceDereference` expressions
 2023-11-16 16:10:07 +00:00
Mathias Vorreiter Pedersen
c5d2866948 Merge pull request #14812 from MathiasVP/no-dtt-in-Integer-overflow-tainted 
C++: Convert `cpp/integer-overflow-tainted` away from DefaultTaintTracking
 2023-11-16 15:24:13 +00:00
Mathias Vorreiter Pedersen
da2215e7e5 C++: Accept test changes. 2023-11-16 13:54:13 +00:00
Mathias Vorreiter Pedersen
30f0b8ab2b Merge pull request #14808 from jketema/jketema/del-fmt-global 
C++: Delete `cpp/tainted-format-string-through-global`
 2023-11-16 13:44:21 +00:00
Mathias Vorreiter Pedersen
5a7cb8f25a C++: Fix duplication on reference dereference expressions. 2023-11-16 10:52:35 +00:00
Mathias Vorreiter Pedersen
799873113f C++: Add a test that demonstrates reference dereference duplication. 2023-11-16 10:52:14 +00:00
Mathias Vorreiter Pedersen
f8feb84958 C++: Accept test changes from refactoring QL files. 2023-11-16 10:52:10 +00:00
Mathias Vorreiter Pedersen
6a1504b91c C++: Slightly refactor test QL files so that we can add a test which tests the nodes being selected. 2023-11-16 10:50:56 +00:00
Jeroen Ketema
afe318edbe C++: Delete cpp/tainted-format-string-through-global 2023-11-16 10:52:05 +01:00
Mathias Vorreiter Pedersen
4d4ca6b948 Merge pull request #14794 from MathiasVP/catch-more-return-stack-allocated-memory 
C++: Catch more returns of stack-allocated memory
 2023-11-15 19:23:24 +00:00
Jeroen Ketema
46e6e72593 C++: Address review comments 2023-11-15 14:57:53 +01:00
Jeroen Ketema
92c18960c5 C++: Rewrite cpp/uncontrolled-process-operation to not use DefaultTaintTracking 2023-11-15 14:57:53 +01:00
Mathias Vorreiter Pedersen
2b8b5cf1b8 C++: Accept test changes. 2023-11-15 11:52:14 +00:00
Mathias Vorreiter Pedersen
118d50236f C++: Add failing tests. 2023-11-15 11:48:37 +00:00
Mathias Vorreiter Pedersen
1623bba18a Merge branch 'main' into no-dtt-in-tainted-arithmetic 2023-11-14 13:35:15 +00:00
Mathias Vorreiter Pedersen
c950e26b3e C++: Rewrite 'cpp/cpp/tainted-arithmetic' away from DefaultTaintTracking. 2023-11-14 12:19:12 +00:00
Mathias Vorreiter Pedersen
967bbbc1a7 C++: Block flow out of sinks that are qualifiers. This removes the new result duplication and keeps the new result. 2023-11-14 09:29:47 +00:00
Mathias Vorreiter Pedersen
c73e6f1fa8 C++: Accept more test changes. 2023-11-13 16:51:07 +00:00
Mathias Vorreiter Pedersen
9aafbfce13 C++: Fix test annotation. 2023-11-13 16:17:18 +00:00
Mathias Vorreiter Pedersen
cc6268339b C++: Fix failing test and accept test cases. 2023-11-13 15:57:22 +00:00
Mathias Vorreiter Pedersen
834b07e6ad C++: Add failing tests. 2023-11-13 15:54:41 +00:00
Mathias Vorreiter Pedersen
eb263e747f C++: Make sure the test terminates. 2023-11-13 15:25:48 +00:00
Mathias Vorreiter Pedersen
bc576f658e C++: Add a test that fails because of a non-terminating test that dominates this one. 2023-11-13 15:24:56 +00:00
Anders Schack-Mulligen
bf6cfd3bef Rangeanalysis: Simplify api. 2023-11-13 10:35:44 +01:00
Mathias Vorreiter Pedersen
18c0bcec0b Merge pull request #14669 from MathiasVP/no-dtt-in-unbounded-write 
C++: Rewrite `cpp/unbounded-write` away from `DefaultTaintTracking`
 2023-11-10 15:08:42 +00:00
Mathias Vorreiter Pedersen
2ceb4cffbc Merge pull request #14736 from MathiasVP/fix-global-indirect-flow 
C++: Fix indirect global-variable flow
 2023-11-10 14:25:23 +00:00
Jeroen Ketema
ba51b65d84 C++: Fix hasRemoteFlowSource for fgets 
Also add the test that exposed this. Note that the test would only have started
failing after `cpp/uncontrolled-process-operation` with the rewrite of the
query away from default taint tracking, which has not happened yet.
 2023-11-10 11:56:23 +01:00
Mathias Vorreiter Pedersen
39b9d2ea83 C++: Accept test changes. 2023-11-09 20:28:55 +00:00