hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,841 Commits 1,671 Branches 157 Tags
merge-rc/1.24
Commit Graph

675 Commits

Author SHA1 Message Date
Geoffrey White
2aa64db40e Merge remote-tracking branch 'upstream/rc/1.24' into alloc-size2 2020-04-15 10:09:54 +01:00
Geoffrey White
a7979fdc12 C++: Base results purely on allocations now, not multiplications by a sizeof. 2020-04-09 15:05:29 +01:00
Geoffrey White
febbbc4423 C++: Additional test cases. 2020-04-09 15:03:35 +01:00
Robert Marsh
c38ccaaab6 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-04-08 12:32:35 -07:00
Jonas Jensen
42e9d1416b Merge pull request #3206 from geoffw0/newfreefix 
C++: Fix `cpp/new-free-mismatch` false positives
 2020-04-08 08:39:43 +02:00
Geoffrey White
66a0b7884e Merge branch 'master' into alloc-size 2020-04-07 17:12:35 +01:00
Geoffrey White
8059d69bbd C++: Model calls to operator new / delete for NewFreeMismatch.ql. 2020-04-06 14:27:05 +01:00
Geoffrey White
3e9f9645ae C++: Exclude calls to operator new / delete from NewFreeMismatch.ql. 2020-04-06 14:08:00 +01:00
Geoffrey White
97cdcbee63 C++: Test for NewFreeMismatch.ql with operator new / delete. 2020-04-06 13:57:28 +01:00
Jonas Jensen
530d4294b0 Merge remote-tracking branch 'upstream/master' into DefaultTaintTracking-Configuration 2020-04-05 07:27:07 +02:00
Jonas Jensen
58366b19e9 C++: Path explanations in the last two queries 
For some reason I thought that these two queries were special because
they manipulate `SecurityOptions` to change the taint-tracking sources.
It turns out it was just the opposite: the queries used to be special
because they invalidated the cache for the `tainted` predicate, but that
predicate is no longer used, so these queries are no longer special.
 2020-04-04 16:47:06 +02:00
Jonas Jensen
54a23a486a C++: Accept test changes for 108d5177b8 2020-04-04 16:46:59 +02:00
Jonas Jensen
5822cd7b84 C++: Put paths in the remaining LGTM-suite queries 2020-04-03 17:10:47 +02:00
Jonas Jensen
3ec1f691c2 C++: First query with flow-paths through globals 2020-04-03 16:45:00 +02:00
Jonas Jensen
469bdae9b2 C++: More helpful toString for def. by ref. node 2020-04-03 16:37:23 +02:00
Jonas Jensen
36da2d1dae C++: Manipulate the source end of paths too 
Without this, we get duplicate alerts in some cases and
unnatural-looking source nodes in other cases. The source nodes were
often `Conversion`s.
 2020-04-03 16:37:23 +02:00
Robert Marsh
a061811939 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Pick up new test for user-defined swap functions
 2020-04-01 17:32:55 -07:00
Jonas Jensen
207c76b855 C++: Path explanations in DefaultTaintTracking 
The first three queries are migrated to use path explanations.
 2020-04-01 20:51:05 +02:00
Geoffrey White
6b5f4d9e12 Merge branch 'master' into av114 2020-04-01 18:23:21 +01:00
Robert Marsh
25f3f67c4a Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Fixes test conflicts and reveals a bug in parameter handling
 2020-03-31 12:54:00 -07:00
Dave Bartolomeo
bebf89fed5 C++: Accept test diffs 
All changes look like real improvements.
 2020-03-23 17:20:19 -04:00
Robert Marsh
59a81d8445 C++: merge from master and accept test changes 2020-03-18 13:47:01 -07:00
Jonas Jensen
f1ad0dafdc Merge pull request #2849 from geoffw0/model-gets 
C++: Model for gets
 2020-03-18 11:06:23 +01:00
Geoffrey White
034f7cc948 Merge branch 'master' into model-gets 2020-03-16 15:12:36 +00:00
Geoffrey White
2cee756587 C++: Support the mirror case with <=. 2020-03-16 13:22:00 +00:00
Geoffrey White
dcf2f7f19c C++: Add some test cases for the mirror case, with <=. 2020-03-16 13:22:00 +00:00
Geoffrey White
3d8633f701 C++: Additional test cases for the recursive bit of UnsignedGEZero. 2020-03-16 13:22:00 +00:00
Mathias Vorreiter Pedersen
e1942bbee1 C++: Fix false positives 2020-03-13 17:09:57 +01:00
Mathias Vorreiter Pedersen
cc25298f67 C++: Demonstrate false positives when a const variable is initialized in a parameter list 2020-03-13 17:00:54 +01:00
Robert Marsh
9f1833af76 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-03-12 15:09:58 -07:00
Geoffrey White
f4a1b41094 C++: Correct hasUpperBoundsCheck. 2020-03-12 15:45:01 +00:00
Geoffrey White
26ed560bd7 C++: Add new test cases. 2020-03-12 15:45:01 +00:00
Geoffrey White
263e51f72e C++: Clean up the test. 2020-03-12 15:45:00 +00:00
Jonas Jensen
917b984909 Merge pull request #3050 from geoffw0/mismatching_placement_new 
C++: Fix mismatching new/free FP in template code.
 2020-03-12 12:42:29 +01:00
Geoffrey White
b2c5ce8dbd C++: Exclude code in templates. 2020-03-11 18:11:45 +00:00
Geoffrey White
d454c8457d C++: Test case. 2020-03-11 18:09:09 +00:00
Robert Marsh
bba6b23019 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-03-10 11:12:19 -07:00
Jonas Jensen
28a9baba36 Merge pull request #3026 from MathiasVP/simplerangeanalysis-const-var-access 
C++: Handle constant variable accesses in SimpleRangeAnalysis.qll
 2020-03-10 11:22:33 +01:00
Mathias Vorreiter Pedersen
1a5282ae21 C++: Add testcase that previously resulted in a false positive 2020-03-09 22:33:59 +01:00
Mathias Vorreiter Pedersen
3973a50c9b C++: Add testcase for cpp/uncontrolled-allocation-size 2020-03-04 15:51:14 +01:00
Robert Marsh
4333fe7905 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-02-26 13:15:27 -08:00
Geoffrey White
4af0193c98 C++: Modify the argvlocal tests. 2020-02-24 16:51:47 +00:00
Geoffrey White
9f271949d5 C++: Adjust layout of the argvlocal test. 2020-02-24 15:52:31 +00:00
Geoffrey White
a0e839d3f1 C++: Block duplicate taint results from 'gets' and other functions. 2020-02-24 11:53:22 +00:00
Geoffrey White
e683f6113d C++: Model 'gets'. 2020-02-24 11:27:35 +00:00
Robert Marsh
ff876aaedf C++: Accept test output with IR enabled 2020-02-18 09:48:21 -08:00
Jonas Jensen
a59c0facee C++: Accept test changes for IR libs 
This is for the tests in the ql repo. There are also changed tests in
the internal repo.
 2020-02-15 21:12:20 +01:00
Geoffrey White
75a50a1714 C++: Understand formatting function varargs as needing null termination. 2020-02-11 15:25:59 +00:00
Geoffrey White
2f290bd528 C++: Additional test cases. 2020-02-11 15:25:59 +00:00
Jonas Jensen
4997aa7428 Merge pull request #2772 from MathiasVP/more-gvn-loads 
C++: Better value numbering support for loading fields in IR
 2020-02-06 14:15:27 +01:00