hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,186 Commits 1,672 Branches 157 Tags
mathiasvp/read-step-without-memory-operands
Commit Graph

3528 Commits

Author SHA1 Message Date
Jonas Jensen
469bdae9b2 C++: More helpful toString for def. by ref. node 2020-04-03 16:37:23 +02:00
Jonas Jensen
36da2d1dae C++: Manipulate the source end of paths too 
Without this, we get duplicate alerts in some cases and
unnatural-looking source nodes in other cases. The source nodes were
often `Conversion`s.
 2020-04-03 16:37:23 +02:00
Jonas Jensen
e916f07a8e C++: Formatting fixups 2020-04-03 15:52:13 +02:00
Jonas Jensen
427815d3d1 C++: taintedWithPath QLDoc + simplification 2020-04-03 15:52:13 +02:00
Jonas Jensen
3653627650 C++: Let configuration class extend singleton 2020-04-03 15:52:13 +02:00
Jonas Jensen
16c7a35b1c Merge pull request #3195 from geoffw0/taintstring 
C++: Model taint flow through std::string constructor and c_str()
 2020-04-03 12:05:07 +02:00
Geoffrey White
73bfd819d9 C++: Rename classes. 2020-04-03 09:23:31 +01:00
Geoffrey White
1bcf187c3e C++: Rename Strings.qll -> StdString.qll. 2020-04-03 09:17:33 +01:00
Mathias Vorreiter Pedersen
0b12c1519b C++/C#: Sync identical files 2020-04-03 10:06:37 +02:00
Mathias Vorreiter Pedersen
0f70944a5b C++: Move ValueNumberPropertyProvider into its own file to prevent accidental imports 2020-04-03 09:55:41 +02:00
Robert Marsh
a8e191248e Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Merge IR SSA test additions
 2020-04-02 15:30:20 -07:00
Robert Marsh
fd915bb5b1 C++: fix join order in IR virtual dispatch 2020-04-02 14:56:11 -07:00
Geoffrey White
c9ec30fa2a C++: Update use of deprecated methods. 2020-04-02 19:49:42 +01:00
Geoffrey White
e9132d833c C++: Autoformat. 2020-04-02 19:49:42 +01:00
Geoffrey White
73171682b7 C++: Switch to taint flow as suggested in the old PR. 2020-04-02 19:49:41 +01:00
Geoffrey White
b14b52d0ac C++: Add models for std::string (as in old PR). 2020-04-02 19:49:41 +01:00
Mathias Vorreiter Pedersen
ce5d8d516f Merge branch 'master' into ir-flow-fields 2020-04-02 15:23:00 +02:00
Mathias Vorreiter Pedersen
e2908eaf63 C++: Add comment explaining why we can split call and allocation side effects 2020-04-02 15:11:13 +02:00
Mathias Vorreiter Pedersen
a273917e51 Merge branch 'master' into init-dynamic-alloc-newexpr 2020-04-02 14:11:03 +02:00
Jonas Jensen
4825774ce2 Merge pull request #3173 from geoffw0/opnew 
C++: Support operator new and operator delete in models library
 2020-04-02 14:01:10 +02:00
Mathias Vorreiter Pedersen
dda3aaa8aa C++: Add QLDoc to public classes and predicates 2020-04-02 14:00:33 +02:00
Geoffrey White
ead5feb921 C++: Autoformat. 2020-04-02 09:50:14 +01:00
Mathias Vorreiter Pedersen
020c273dc9 Merge branch 'master' into ir-flow-fields 2020-04-02 10:45:58 +02:00
Mathias Vorreiter Pedersen
8fdc4b037a C++: Ensure that no call side effect is an allocation side effect 2020-04-02 07:30:56 +02:00
Robert Marsh
a061811939 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Pick up new test for user-defined swap functions
 2020-04-01 17:32:55 -07:00
Jonas Jensen
207c76b855 C++: Path explanations in DefaultTaintTracking 
The first three queries are migrated to use path explanations.
 2020-04-01 20:51:05 +02:00
Jonas Jensen
b07380d2eb C++: Update ppReprType for C++ IR dataflow 
I forgot to do this in b1be123e31. Without this change, we suffix
` : void` on very step of an IR path explanation.
 2020-04-01 20:19:00 +02:00
Geoffrey White
6b5f4d9e12 Merge branch 'master' into av114 2020-04-01 18:23:21 +01:00
Geoffrey White
d71098d178 Merge branch 'master' into opnew 2020-04-01 15:00:26 +01:00
Jonas Jensen
9a55d42639 C++: QLDoc in DefaultTaintTracking 
These docs are mostly copied and adapted from
`DefaultTaintTrackingImpl.qll`.
 2020-04-01 15:30:31 +02:00
Geoffrey White
119d4a40a0 C++: Fix unintended consequence in IR. 2020-04-01 14:29:28 +01:00
Mathias Vorreiter Pedersen
fa7dc32dee C++: Remove dependency on implementation of models in TranslatedCall 2020-04-01 14:46:52 +02:00
Tom Hvitved
42e180d6c4 Merge pull request #3060 from aschackmull/dataflow/no-param-to-same-param-flow 
Dataflow: Exclude param-param flow through with identical params.
 2020-04-01 09:42:12 +02:00
Robert Marsh
25f3f67c4a Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Fixes test conflicts and reveals a bug in parameter handling
 2020-03-31 12:54:00 -07:00
Geoffrey White
f430cf9d18 C++: Use hasGlobalName. 2020-03-31 18:11:09 +01:00
Mathias Vorreiter Pedersen
291df97cd9 C++: Also add InitializeDynamicAllocation instruction for NewArrayExpr 2020-03-31 17:06:19 +02:00
Geoffrey White
aa13257c1b C++: Correct QLDoc. 2020-03-31 14:37:54 +01:00
Mathias Vorreiter Pedersen
bd89ee13d1 C++: Add InitializeDynamicAllocation instruction to NewExpr and NewArrayExpr 2020-03-31 13:56:32 +02:00
Geoffrey White
18e60fabaf C++: Model operator delete and operator delete[]. 2020-03-31 12:55:44 +01:00
Jonas Jensen
7b7ff1fb3a Merge pull request #3089 from geoffw0/sideeffect 
CPP: Add side effect models for strcpy and strcat.
 2020-03-31 12:11:04 +02:00
Geoffrey White
254c877d0a C++: Deduplicate AllocationExprs. 2020-03-31 11:05:50 +01:00
Geoffrey White
259f714d91 C++: Model operator new and operator new[]. 2020-03-31 11:02:52 +01:00
Jonas Jensen
dd322be238 C++: Remove noise from argHasPostUpdate check 
This consistency check seems to have value for AST data flow, but I've
disabled it on the IR for now.

This commit also includes two unrelated changes that seem to fix a
semantic merge conflict.
 2020-03-30 15:51:11 +02:00
Geoffrey White
6d6ad4a0ae Merge branch 'master' into sideeffect 2020-03-30 14:16:23 +01:00
Tom Hvitved
9fa9c10361 Merge pull request #2921 from aschackmull/dataflow/consistency-checks 
Java: Add data-flow consistency checks.
 2020-03-30 12:47:41 +02:00
Anders Schack-Mulligen
caf0d1528f Merge pull request #3155 from max-schaefer/add-module-comment 
Data flow: Add module doc comment for `TaintTrackingImpl.qll`
 2020-03-30 12:07:08 +02:00
Max Schaefer
e5e94e3357 Data flow: Add module doc comment for TaintTrackingImpl.qll 
Modelled after the correponding comment for `DataFlowImpl.qll`.
 2020-03-30 10:35:47 +01:00
Dave Bartolomeo
6b24e3c8be C++: Fix formatting 2020-03-29 08:18:05 -04:00
Mathias Vorreiter Pedersen
7fce4ce9d1 Include join order fix from #3142 2020-03-28 12:34:05 +01:00
Dave Bartolomeo
39dd9b7099 C++/C#: Fix formatting 2020-03-27 19:46:53 -04:00