hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,841 Commits 1,671 Branches 157 Tags
merge-rc/1.24
Commit Graph

3597 Commits

Author SHA1 Message Date
Robert Marsh
95a762c987 Merge master for submodule update 2020-02-26 13:44:26 -08:00
Robert Marsh
4333fe7905 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-02-26 13:15:27 -08:00
Mathias Vorreiter Pedersen
1bee0ffe3b C++: Autoformat 2020-02-26 12:09:21 +01:00
Jonas Jensen
5f6d07dd57 C++: Fix performance of UnsignedGEZero.ql 
This query used two fastTC operations that were already somewhat
inefficient on their own but could send the evaluator into an OOM loop
when run in parallel without enough RAM.

The fix is to recurse manually, starting just from the expressions that
are potential candidates for alerts.
 2020-02-26 11:32:41 +01:00
Mathias Vorreiter Pedersen
d942a3b54a C++: Change definition of isChiForAllAliasedMemory to recurse through inexact PhiInstructions 2020-02-26 10:21:27 +01:00
Jonas Jensen
db33c360bc Merge pull request #2910 from aschackmull/dataflow/cleanup 
Java/C++: Minor dataflow cleanup.
 2020-02-25 12:47:10 +01:00
Mathias Vorreiter Pedersen
b9bb2ec0ac Merge pull request #2864 from jbj/DefaultTaintTracking-cached 
C++: Cache DefaultTaintTracking
 2020-02-25 10:15:43 +01:00
Anders Schack-Mulligen
fba8772411 Java/C++: Minor dataflow cleanup. 2020-02-25 09:40:25 +01:00
yo-h
43bcd5b26c Add guidelines for experimental CodeQL queries and libraries 2020-02-24 15:08:31 -05:00
Robert Marsh
ea4ca31fb3 Merge pull request #2907 from geoffw0/argvlocal 
C++: Modify the argvlocal tests
 2020-02-24 10:55:21 -08:00
Geoffrey White
4af0193c98 C++: Modify the argvlocal tests. 2020-02-24 16:51:47 +00:00
Geoffrey White
9f271949d5 C++: Adjust layout of the argvlocal test. 2020-02-24 15:52:31 +00:00
Geoffrey White
c641a31640 C++: Refine nodeIsBarrierIn using getNodeForSource. 2020-02-24 14:39:31 +00:00
Geoffrey White
843b72b11a C++: hasGlobalOrStdName(). 2020-02-24 14:12:19 +00:00
Jonas Jensen
2d9df70abc Merge pull request #2887 from MathiasVP/fix-ir-gen-switch 
C++: Fix IR generation for switch statements
 2020-02-24 13:29:27 +01:00
Jonas Jensen
ae68878476 C++: Cache DefaultTaintTracking 
This should speed up the overall suite, where `DefaultTaintTracking` is
used in several queries.
 2020-02-24 13:03:34 +01:00
Geoffrey White
a0e839d3f1 C++: Block duplicate taint results from 'gets' and other functions. 2020-02-24 11:53:22 +00:00
Geoffrey White
06e649fc30 C++: Add support for fgetws. 2020-02-24 11:47:32 +00:00
Geoffrey White
5afebc8418 C++: Autoformat. 2020-02-24 11:40:47 +00:00
Geoffrey White
c45bf90e98 Update cpp/ql/src/semmle/code/cpp/models/implementations/Gets.qll 
Co-Authored-By: Jonas Jensen <jbj@github.com>
 2020-02-24 11:36:09 +00:00
Geoffrey White
e683f6113d C++: Model 'gets'. 2020-02-24 11:27:35 +00:00
Geoffrey White
8dcd46f9e7 C++: Add a taint test for gets. 2020-02-24 11:25:28 +00:00
Mathias Vorreiter Pedersen
ed430ce855 C++/C#: Bind parameter in new case. 2020-02-24 09:12:14 +01:00
Mathias Vorreiter Pedersen
af364e66fc C++/C#: Move sanity check inside InstructionSanity module and accept tests 2020-02-23 20:53:49 +01:00
Dave Bartolomeo
170331b105 C++: Better fix for void type on buffer access 
Fixes issue https://github.com/github/codeql-c-analysis-team/issues/20

This change undoes the workaround in https://github.com/Semmle/ql/pull/2736, and replaces it with a fix for the underlying cause. The problem was that the IR construction code for side effects incorrectly assumed that `BufferAccessOpcode` included `SizedBufferAccessOpcode`. I think that was actually a perfectly reasonable assumption to make, so I changed the `Opcode` hierarchy to make it true.
 2020-02-21 18:46:32 -07:00
Mathias Vorreiter Pedersen
d9753b0ca5 C++/C#: Accept test output after adding sanity check to Instruction.qll 2020-02-21 15:09:53 +01:00
Geoffrey White
ad45a4b079 Merge pull request #2890 from nickrolfe/range_based_for 
C++: add more extensive test for desugaring of range-based-for loops
 2020-02-21 09:31:34 +00:00
Anders Schack-Mulligen
771cb754c2 Merge pull request #2822 from hvitved/dataflow/node-cand-simple-call-context 
Data flow: Track simple call contexts in `nodeCand[Fwd]1`
 2020-02-21 10:02:06 +01:00
Tom Hvitved
0cc3218115 Merge pull request #2872 from aschackmull/dataflow/pathstep-localflow-join 
Java/C++/C#: Improve join-order in pathStep predicate
 2020-02-21 09:39:17 +01:00
Mathias Vorreiter Pedersen
780010d8f9 C++/C#: Sync identical files 2020-02-20 22:15:06 +01:00
Mathias Vorreiter Pedersen
6c08783158 C++: Accept output 2020-02-20 22:13:37 +01:00
Mathias Vorreiter Pedersen
4545ad0f93 C++: Add sanity check to Instruction.qll 2020-02-20 22:09:02 +01:00
Mathias Vorreiter Pedersen
76e5bd59df C++: Change edge to DefaultEdge 2020-02-20 22:08:16 +01:00
Tom Hvitved
a772b82fea Address review comments 2020-02-20 19:48:49 +01:00
Nick Rolfe
46b226e0c5 C++: add more extensive test for desugaring of range-based-for loops 2020-02-20 16:15:22 +00:00
Mathias Vorreiter Pedersen
c5f38eecfe C++: Fix IR generation and accept output 2020-02-20 15:37:02 +01:00
Mathias Vorreiter Pedersen
051d574ffd C++: Add switch testcases demonstrating incorrect IR 2020-02-20 15:31:44 +01:00
Jonas Jensen
97035aeb63 Merge pull request #2848 from geoffw0/model-sideeffects 
C++: Disambiguate SideEffectFunction QLDoc.
 2020-02-20 10:30:53 +01:00
Robert Marsh
bed6d2b225 Merge branch 'master' into rdmarsh/cpp/malloc-alias-locations 2020-02-19 16:44:13 -08:00
Dave Bartolomeo
4f1a23e248 "Fix" spelling 2020-02-19 15:57:31 -07:00
Dave Bartolomeo
5263222dc2 "Fix" spelling 2020-02-19 15:57:19 -07:00
Robert Marsh
de66841263 Merge pull request #2873 from geoffw0/fixasttest2 
C++: Fix another test that should be working on the AST dataflow.
 2020-02-19 14:13:44 -08:00
Robert Marsh
82f2540dde Merge pull request #2871 from geoffw0/fixasttest 
C++: Fix a test that should be working on the AST dataflow.
 2020-02-19 10:55:13 -08:00
Anders Schack-Mulligen
91166431d2 Java/C++/C#: s/Callable/DataFlowCallable/ 2020-02-19 17:23:01 +01:00
Jonas Jensen
1d2d8729b8 Merge pull request #2839 from MathiasVP/sync-ir-valuenumbering-internals 
C++/C#: Fix sync config file for value numbering sharing
 2020-02-19 16:57:16 +01:00
Geoffrey White
89bbb975f9 C++: Effects on tests. 2020-02-19 14:52:49 +00:00
Geoffrey White
4e2a45cd3e C++: Correct SideEffectFunction model for PureStrFunction. 2020-02-19 14:38:43 +00:00
Geoffrey White
22cba0f26e C++: Delete TODO. 2020-02-19 14:38:43 +00:00
Geoffrey White
5f7085937e C++: Improve the SideEffect library QLDoc. 2020-02-19 14:38:43 +00:00
Geoffrey White
c014ca6ed7 C++: Rename some tests for clarity / less emphasis on the AST. 2020-02-19 14:33:57 +00:00