hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,347 Commits 1,672 Branches 157 Tags
hmac/command-injection-from-library-inputs
Commit Graph

5325 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
c32f72063f C++: Add path sensitivity to StackVariableReachability. 2021-06-14 21:59:13 +02:00
Geoffrey White
e71264d1d2 C++: Lines of user code query. 2021-06-14 16:03:16 +01:00
Jonas Jensen
e23b88b7f1 Merge pull request #6052 from jsinglet/jsinglet/stdtypes 
Implementation of standard C/C++ fixed width, minimum width, and maximum width types
 2021-06-11 17:03:01 +02:00
John L. Singleton
8c6c011be2 Formatting fixes, comment moving. 2021-06-11 10:17:05 -04:00
John L. Singleton
cd61fb4753 this should be abstract 2021-06-10 19:54:58 -04:00
John L. Singleton
2a01324172 more maintainable pattern for class abstractions 2021-06-10 17:09:32 -04:00
Calum Grant
a594afb828 Add security-severity metadata 2021-06-10 20:11:08 +01:00
John L. Singleton
bd7c416356 comment change 2021-06-10 11:21:11 -04:00
John L. Singleton
0d3f53b013 Changes to structure per feedback of @jbj 2021-06-10 11:16:58 -04:00
John L. Singleton
f174d7a0e0 Comment changes 2021-06-10 09:52:22 -04:00
John L. Singleton
14c419a75f autoformatting 2021-06-10 09:39:43 -04:00
John L. Singleton
28e2cdb54e adding standard C/C++ fixed width, minimum width, and maximum width types 2021-06-09 16:12:58 -04:00
Mathias Vorreiter Pedersen
879bfbbd4e C++: Match the join order from before #5522. 2021-06-09 15:02:31 +02:00
Mathias Vorreiter Pedersen
8fb15666ee Merge pull request #6041 from geoffw0/uncontrolled-allocation-size 
C++: Add CWE-789 tag to cpp/uncontrolled-allocation-size.
 2021-06-08 17:44:02 +02:00
Geoffrey White
32545a1346 C++: Add CWE-789 tag to cpp/uncontrolled-allocation-size. 2021-06-08 10:59:03 +01:00
Mathias Vorreiter Pedersen
025043afca Merge pull request #6010 from geoffw0/charloc 
C++: Test and fix maxCols / charLoc
 2021-06-08 11:15:04 +02:00
Geoffrey White
6f05fd4839 C++: Autoformat. 2021-06-07 11:01:00 +01:00
Dave Bartolomeo
e276e2684e Merge pull request #5986 from MathiasVP/side-effects-for-nonconst-smart-pointers 
C++: Fix `hasDefaultSideEffect` for non-const smart pointers
 2021-06-04 13:57:44 -04:00
Mathias Vorreiter Pedersen
27586d77f8 C++: Copy isDeeplyConst{Below} into SideEffects and modify it so that it works for smart pointers. 2021-06-04 18:46:52 +02:00
Geoffrey White
3c6a1f165b Update cpp/ql/src/semmle/code/cpp/Location.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-06-04 16:19:11 +01:00
Geoffrey White
b24dc810c9 C++: Combine results from cpp/weak-cryptographic-algorithm that are in the same file. 2021-06-04 14:04:02 +01:00
Geoffrey White
a93246d28b C++: Fix maxCols. 2021-06-04 13:05:13 +01:00
Jonas Jensen
7282ad90d0 Merge pull request #5854 from dbartol/dbartol/smart-pointers/side-effects 
C++: Generate side effect instructions for smart pointer indirections
 2021-06-01 16:57:05 +02:00
Dave Bartolomeo
da14647e5a Merge pull request #5522 from github/rdmarsh2/cpp/ssa-reuse 
C++: reuse unaliased SSA results when computing aliased SSA
 2021-06-01 10:17:54 -04:00
Anders Schack-Mulligen
ce509eb7e1 Merge pull request #5927 from aschackmull/dataflow/flowthrough-dispatch-perf 
Dataflow: Improve performance in flow-through pruning
 2021-06-01 11:46:22 +02:00
Anders Schack-Mulligen
5d21c64247 Dataflow: qldoc fix. 2021-06-01 10:49:47 +02:00
Jonas Jensen
2261085cfe Merge pull request #5973 from MathiasVP/more-uncontrolled-arith-improvements 
C++: More `cpp/uncontrolled-arithmetic` improvements
 2021-06-01 10:44:29 +02:00
Anders Schack-Mulligen
4f9a6c151b Dataflow: Code review fixes. 2021-06-01 10:29:17 +02:00
Mathias Vorreiter Pedersen
8765c33847 C++: Also check the number of parameters to keep the tests happy. 2021-06-01 10:17:57 +02:00
Mathias Vorreiter Pedersen
615c805b2c C++: Only use std::rand as a source of randomness. 2021-06-01 09:28:06 +02:00
Mathias Vorreiter Pedersen
41c93d92d7 C++: Remove FPs from right shifts and explicitly bounded random functions. 2021-05-31 15:40:02 +02:00
Anders Schack-Mulligen
683f853fa5 Dataflow: Fix another bad join order. 2021-05-31 15:14:13 +02:00
Mathias Vorreiter Pedersen
6d7b95c15d Merge pull request #5966 from erik-krogh/overrideConsistency 
CPP/C#: make some parameter names consistent with the names used in the super class
 2021-05-31 11:57:10 +02:00
Jonas Jensen
4e502d10d6 Merge pull request #5951 from MathiasVP/optimize-switcCase-getAStmt 
C++: Remove large antijoin in `SwitchCase.getAStmt`
 2021-05-31 11:50:32 +02:00
Mathias Vorreiter Pedersen
b4e4c12d0f C++: Use a rank aggregate for a much better implementation. 2021-05-31 11:17:09 +02:00
Jonas Jensen
f97b8ad1d4 Merge pull request #5961 from MathiasVP/fix-FPs-in-incorrect-allocation-error-handling 
C++: Exclude custom `operator new` from `cpp/incorrect-allocation-error-handling`
 2021-05-31 10:54:59 +02:00
Mathias Vorreiter Pedersen
66d284ee59 Merge pull request #5766 from ihsinme/ihsinme-patch-267 
CPP: Add query for CWE-415 Double Free
 2021-05-31 10:51:32 +02:00
Mathias Vorreiter Pedersen
175fdbb105 C++: Replace exists(not ...) with not exists(...). 2021-05-31 09:54:24 +02:00
Mathias Vorreiter Pedersen
64975e5c1e Merge pull request #5842 from japroc/cpp-pqxx-sqli-sink 
C++: SqlPqxxTainted query searches for sql injections via pqxx connector to postgres
 2021-05-28 17:01:27 +02:00
Erik Krogh Kristensen
b947334eea CPP: make some parameter names consistent with the names used in the super class 2021-05-28 16:48:47 +02:00
Erik Krogh Kristensen
79989cc3f4 CPP/Java: Fix getAPrimaryQlClass implementations 2021-05-27 21:36:27 +02:00
Mathias Vorreiter Pedersen
4107e350cb C++: Add qldoc to NoThrowType. 2021-05-27 11:39:03 +02:00
Mathias Vorreiter Pedersen
71a860a356 C++: Exclude custom operator new allocators from the ThrowingAllocator class. 2021-05-27 11:23:11 +02:00
Evgenii Protsenko
efa657d47c C++: SqlPqxxTainted.ql Add namespace check 2021-05-27 00:13:54 +03:00
Ian Lynagh
f9ede97fcd C++: Update the ReturnValueIgnored.qhelp docs to match the code 2021-05-26 17:38:49 +01:00
ihsinme
9088475339 Update DoubleFree.qhelp 2021-05-26 09:44:03 +03:00
ihsinme
fbf95df537 Update DoubleFree.c 2021-05-26 09:27:20 +03:00
ihsinme
7c2100efd9 Apply suggestions from code review 
thanks for your corrections.
and of course sorry for my text.

Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-05-26 09:15:46 +03:00
Evgenii Protsenko
55045626df C++: SqlPqxxTainted.ql style fixes 2021-05-25 22:38:27 +03:00
Mathias Vorreiter Pedersen
b2bdf95a9d C++: Remove large antijoin in SwitchCase.getAStmt(). 2021-05-25 17:25:42 +02:00