hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
78,334 Commits 1,671 Branches 157 Tags
ginsbach/OverlayLocalJava
Commit Graph

5486 Commits

Author SHA1 Message Date
Geoffrey White
69533a7fd3 CPP: Clean up duplication in Adding365DaysPerYear.ql. 2019-06-24 15:18:29 +01:00
Geoffrey White
7fca220eda CPP: Fix UncheckedLeapYearAfterYearModification FPs. 2019-06-24 11:21:48 +01:00
Geoffrey White
cff3f9bdaf CPP: Add another test case based on a real world case. 2019-06-21 17:43:17 +01:00
Geoffrey White
b1f6294083 CPP: Add a test case where a date is created. 2019-06-21 14:32:44 +01:00
Geoffrey White
09b33bc1a7 CPP: Adjust file name case for consistency. 2019-06-21 12:53:04 +01:00
Geoffrey White
1a7269b206 CPP: Rename the test subdirectories. 2019-06-21 12:51:25 +01:00
Jonas Jensen
cace411974 C++: NonConstantFormat taint only for string types 
To speed up the taint analysis in `NonConstantFormat.ql` and to remove
FPs that were due to taint spreading from `i` to `a[i]`, this commit
stops the taint tracking in `NonConstantFormat.ql` at every node that
could not possibly contain a string.

I tested performance on Wireshark, and it's fine. Pulling out the
`isSanitizerNode` prevented `isSanitizer` from turning into four
half-slow RA predicates due to both CPE and `#antijoin_rhs`
transformations happening.
 2019-06-20 15:39:47 +02:00
Jonas Jensen
e99c68885c C++: Demonstrate ArrayExpr FP 2019-06-20 14:00:42 +02:00
Jonas Jensen
ad337de6ce Merge branch 'master' into taintedallocfp 2019-06-19 15:35:09 +02:00
Jonas Jensen
53d4b2dfc9 Merge pull request #1365 from geoffw0/uninit 
CPP: Fix for the 'LoopConditionAlwaysTrueUponEntry' logic
 2019-06-19 11:01:57 +02:00
Geoffrey White
ef3ceb5910 CPP: Don't use getFollowingStmt. 2019-06-18 15:56:22 +01:00
Geoffrey White
536adaae7f CPP: Additional test cases. 2019-06-18 15:56:22 +01:00
Geoffrey White
52b68a77bd CPP: Remove commented out code. 2019-06-18 15:56:22 +01:00
Geoffrey White
56adcff2c9 CPP: Fix for LocalScopeReachability. 2019-06-18 15:56:22 +01:00
Geoffrey White
f4b4ddbdaf CPP: Add a test examining the LoopEntryConditionEvaluator on this code. 2019-06-18 15:56:22 +01:00
Geoffrey White
12bbb0755f CPP: Additional test cases. 2019-06-18 15:56:22 +01:00
Geoffrey White
83ec5f1ae9 Merge pull request #1354 from denislevin/denisl/cpp/MishandlingJapaneseDatesAndLeapYear 
C++: Mishandling Japanese Era and Leap Year in calculations
 2019-06-18 09:26:35 +01:00
Denis Levin
7ff8fcd50e Some more typo fixes and a fix to test files 2019-06-13 17:16:30 -07:00
Ziemowit Laski
88a39d9454 [CPP-370] Fix up // GOOD and // BAD test annotations so that they're consistent. 2019-06-12 12:56:11 -07:00
Ziemowit Laski
0f5a4a7089 [CPP-370] Improve handling of _ macros by using taint sanitizers. 2019-06-10 15:50:53 -07:00
Geoffrey White
a842ed56cf CPP: Integrate and produce full results. 2019-06-10 15:33:12 +01:00
Geoffrey White
e143870b65 CPP: Pavel's sketch implementation. 2019-06-10 15:33:12 +01:00
Geoffrey White
2f36d81137 CPP: Add cases for fields. 2019-06-10 15:07:52 +01:00
Geoffrey White
d3f98a5a74 CPP: Create a direct test of Variable.getAnAssignedValue(). 2019-06-10 14:33:14 +01:00
Geoffrey White
3deff9c578 CPP: Fix in dataflow. 2019-06-10 12:01:14 +01:00
Geoffrey White
d51f870053 CPP: Add test cases. 2019-06-10 12:01:13 +01:00
Ian Lynagh
03f555dda5 C++: Update test output following QLCFG changes 2019-06-07 14:00:52 +01:00
Ziemowit Laski
8f79cdb1fb [CPP-370] Add an additional test case. 2019-06-04 16:19:01 -07:00
Ziemowit Laski
d86557cfcb Adjust .expected output. 2019-06-04 12:57:43 -07:00
zlaski-semmle
51e543a41d Merge branch 'master' into zlaski/cpp370 2019-06-04 09:47:30 -07:00
semmle-qlci
79406f8387 Merge pull request #987 from rdmarsh2/rdmarsh/cpp/ir-asm-stmt 
Approved by dave-bartolomeo
 2019-06-03 07:03:28 +01:00
Robert Marsh
4371d02a1f C++: accept SignAnalysis.expected 2019-05-31 13:35:05 -07:00
Robert Marsh
5dd8c9cd4e C++: revert InlineAsm subclassing SideEffectOpcode 2019-05-31 13:28:26 -07:00
Robert Marsh
2770b2a9b9 C++: respond to PR comments 2019-05-31 13:19:40 -07:00
Robert Marsh
98d6f5919f C++: Treat asmStmt operands as input/output in IR 2019-05-31 12:51:44 -07:00
Robert Marsh
66d1efdb97 C++: respond to PR comments 2019-05-31 12:42:04 -07:00
Robert Marsh
23560436a7 C++: add minimal AsmStmt support to IR 2019-05-31 12:29:19 -07:00
semmle-qlci
3851261230 Merge pull request #1378 from jbj/hasQualifiedName-inline-namespace 
Approved by dave-bartolomeo
 2019-05-31 19:39:42 +01:00
semmle-qlci
d741e0b20c Merge pull request #1382 from jbj/redundant-null-check-gvn 
Approved by dave-bartolomeo
 2019-05-31 16:28:01 +01:00
Jonas Jensen
a61aec9e63 C++: Fix ValueNumbering for CopyInstruction 
Querying for overlap type wasn't possible when this library was first
written. This change fixes FPs in `RedundantNullCheckSimple.ql` on
Wireshark and other real-world projects.
 2019-05-30 09:42:46 +02:00
Jonas Jensen
120df6054b C++: Demonstrate a FP due to GVN 2019-05-30 09:41:42 +02:00
Jonas Jensen
2e7daf2308 C++: Use GVN in RedundantNullCheckSimple 2019-05-30 09:41:42 +02:00
Dave Bartolomeo
aff85c5b24 C++: IR support for range-based for loops 
IR construction was missing support for C++ 11 range-based `for` loops. The extractor generates ASTs for the compiler-generated implementation already, so I had enough information to generate IR. I've expanded on some of the predicates in `RangeBasedForStmt` to access the desugared information.

One complication was that the `DeclStmt`s for the compiler-generated variables seem to have results for `getDeclaration()` but not for `getDeclarationEntry()`. This required handling these slightly differently than we do for other `DeclStmt`s.

The flow for range-based `for` is actually easier than for a regular `for`, because all three components (init, condition, and update) are always present.
 2019-05-29 14:40:29 -07:00
Jonas Jensen
df4c57648c C++: Support inline namespaces in hasQualifiedName 2019-05-29 15:22:42 +02:00
Jonas Jensen
4bb65fddf7 C++: Test that hasQualifiedName/3 ignores inline 2019-05-29 15:22:42 +02:00
Geoffrey White
34444ace8b CPP: Update the query name and description. 2019-05-29 10:35:49 +01:00
Geoffrey White
9da2ead1f7 CPP: Remove redundant tests. 2019-05-29 10:35:49 +01:00
Geoffrey White
fc5e7e5e91 CPP: Test the new query. 2019-05-29 10:35:48 +01:00
Geoffrey White
88f363d564 CPP: Update the ql, qhelp and example. 2019-05-29 10:35:48 +01:00
Geoffrey White
574a1d8501 Merge pull request #1037 from kevinbackhouse/RangeAnalysisAssignAddOverflow 
Better overflow detection for AssignAdd/AssignSub
 2019-05-29 09:54:06 +01:00