hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,929 Commits 1,672 Branches 157 Tags
rc/1.20
Commit Graph

257 Commits

Author SHA1 Message Date
Jonas Jensen
842aafc888 C++: Fix new UnsafeDaclSecurityDescriptor FP 
This query uses data flow for nullness analysis, which is always going
to be a large overapproximation. The overapproximation became too big
for one of the test cases after the recent change to make data flow go
across assignment by reference.

To make this query more conservative, it will now only report that the
`pDacl` argument can be null if there isn't also evidence that it can be
non-null.
 2019-04-02 11:31:12 +02:00
Jonas Jensen
111a462d16 C++: Recover some of the good results we lost 
My recent changes to suppress FPs in `ReturnStackAllocatedMemory.ql`
caused us to lose all results where there was a `Conversion` at the
initial address escape. We cannot handle conversions in general, but
this commit restores the good results for the trivial types of
conversion that we can handle.
 2019-03-19 11:09:58 +01:00
Jonas Jensen
d864df5b7f C++: Tests for new false negatives 2019-03-19 10:30:14 +01:00
Jonas Jensen
6b1cd17009 C++: Fix FPs due to data flow Conversion handling 
Since we cannot track data flow from a fully-converted expression but
only the unconverted expression, we should check whether the address
initially escapes into the unconverted expression, not the
fully-converted one.

This fixes most of the false positives observed on lgtm.com.
 2019-03-16 20:50:27 +01:00
Jonas Jensen
1a7351ef6e C++: Add tests for three FPs observed on lgtm.com 2019-03-16 20:50:27 +01:00
Jonas Jensen
9d595aa5ea Merge pull request #1033 from geoffw0/newdelete-perf 
CPP: NewDelete.qll performance
 2019-03-05 12:52:59 +00:00
Max Schaefer
7f5e2630a1 Merge pull request #1032 from xiemaisi/master-for-merge 
Merge master into rc/1.20
 2019-03-04 21:23:51 +00:00
Geoffrey White
df73bb3468 CPP: Fix performance issue. Also has a small positive effect on correctness. 2019-03-04 12:47:55 +00:00
Geoffrey White
f0085ed25a CPP: Additional test cases. 2019-03-04 12:45:05 +00:00
Geoffrey White
66013272da Merge pull request #894 from jbj/ir-RedundantNullCheckSimple 
C++: IR query for redundant null check
 2019-03-01 15:34:18 +00:00
Geoffrey White
8a5bc24b36 CPP: Replace PotentialBufferOverflow with OverrunWrite in the test. 2019-02-27 13:09:09 +00:00
Geoffrey White
7194121eae CPP: Expand the test cases covering PotentialBufferOverflow.ql. 2019-02-27 13:09:09 +00:00
Jonas Jensen
7649e8758b Merge pull request #846 from geoffw0/returnstack 
CPP: Improve  ReturnStackAllocatedMemory.ql
 2019-02-21 22:04:53 +01:00
Geoffrey White
0ca67880b2 Merge pull request #902 from jbj/test-queries.xml 
C++: Add a queries.xml to the test dir
 2019-02-21 16:43:01 +00:00
Jonas Jensen
b9236d216f C++: Improve ReturnStackAllocatedMemory alert msg 2019-02-21 11:20:25 +01:00
Jonas Jensen
dcf910f20c C++: Use EscapesTree to find pointers to stack 
This simplifies the query and is a strict improvement on the tests. I
also found it to be an overall improvement on real projects.
 2019-02-21 11:20:25 +01:00
Jonas Jensen
9f2fdbbc1d C++: More tests for RedundantNullCheckSimple 2019-02-21 10:13:25 +01:00
Jonas Jensen
9ac8d60636 C++: IR query for redundant null check 
This new query is not written because it's the most interesting query we
could write but because it's an IR-based query whose results are easy to
verify.
 2019-02-21 10:13:25 +01:00
Geoffrey White
d30bcb6fcf CPP: Widen allocReachedVariable slightly. 2019-02-20 10:19:57 +00:00
Geoffrey White
23ae12a763 CPP: Add test cases. 2019-02-20 10:19:57 +00:00
Geoffrey White
6a17ebbd1b CPP: Add test cases and renumber. 2019-02-20 10:09:57 +00:00
Geoffrey White
4e77f586da CPP: Fix file names. 2019-02-20 10:08:27 +00:00
Jonas Jensen
2550788598 C++: Accept test changes to getRelativePath 
After a `queries.xml` was added to the test directory,
`Container.getRelativePath` now considers source files to be relative to
the `cpp/test` directory rather than the directory of the `*.ql*` file.
This caused some benign test output changes, and it also caused an
unwanted alert for `test3.c:14` to appear in
`cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/IntegerOverflowTainted.expected`.
This alert came about because `inSystemMacroExpansion` holds for files
that don't have a relative path, but the pretend system header in
`../system_header` now does have a relative path because it's below the
`cpp/test` directory. The fix is to add another `queries.xml` just for
the directory with the affected test.
 2019-02-18 14:41:28 +01:00
Geoffrey White
2321ae911e CPP: Fix the test by adding PotentiallyDangerousFunction. 2019-02-05 17:58:30 +00:00
Geoffrey White
429f53ed74 CPP: Move the 'gets' case. 2019-02-05 17:58:30 +00:00
Geoffrey White
a82832e779 CPP: Add a test that uses 'gets'. 2019-02-05 17:58:30 +00:00
Jonas Jensen
45a995ba52 C++: Accept test changes from last commit 2019-02-04 13:00:28 +01:00
Jonas Jensen
be2a480394 Merge pull request #843 from geoffw0/strtoul 
CPP: Improve ArithmeticTainted.ql
 2019-01-31 07:04:17 -08:00
Geoffrey White
07adf6f201 CPP: Handle array accesses. 2019-01-30 18:36:32 +00:00
Geoffrey White
4685f193f5 CPP: Widen varMaybeStackAllocated. 2019-01-30 18:36:32 +00:00
Geoffrey White
25e11512db CPP: Add a test of ReturnStackAllocatedMemory. 2019-01-30 18:36:31 +00:00
Jonas Jensen
d776d9f903 Merge pull request #821 from geoffw0/query-tags-case 
CPP: Improve ArrayArgSizeMismatch.ql
 2019-01-29 03:52:52 -08:00
semmle-qlci
bf64fee4bd Merge pull request #790 from rdmarsh2/rdmarsh/cpp/futile-params 
Approved by semmledocs-ac
 2019-01-28 22:11:44 +00:00
Geoffrey White
b0805f8e79 CPP: Adjust ArithmeticTainted.ql so that it can work on non-VariableAccesses. 2019-01-28 17:36:56 +00:00
Geoffrey White
f1dc538796 CPP: Add a test using strtoul in a taint query. 2019-01-28 16:59:02 +00:00
Geoffrey White
1a044a0a22 CPP: Add 'fread' to BufferAccess.qll. 2019-01-25 12:58:25 +00:00
Geoffrey White
fd6365838b CPP: Add test cases involving fread. 2019-01-25 12:58:25 +00:00
Jonas Jensen
2aca40a021 Merge pull request #736 from geoffw0/macroinv2 
CPP: Deprecate MacroInvocationExpr and MacroInvocationStmt
 2019-01-25 09:02:02 +01:00
Robert Marsh
44d8e6b6e2 C++: respond to PR comments 2019-01-24 10:50:56 -08:00
Geoffrey White
02c69a744f CPP: Fix false positive. 2019-01-24 15:15:02 +00:00
Geoffrey White
e1d31bf117 CPP: Add a test of ArrayArgSizeMismatch.ql. 2019-01-24 11:20:58 +00:00
Jonas Jensen
61e23bed88 Merge branch 'master' into strcpy-fixups 2019-01-24 10:51:51 +01:00
Robert Marsh
fa02042fda C++: add more tests and rename test functions 2019-01-23 11:42:44 -08:00
Dave Bartolomeo
bfb8125474 Merge pull request #754 from jbj/copy-assignment-no-effect 
C++: Exclude assignment operator in ExprHasNoEffect
 2019-01-23 00:46:17 -08:00
Jonas Jensen
7bb9deeb34 C++: Recognize more function decls as code 2019-01-21 11:47:35 +01:00
Geoffrey White
821a7bfadd Merge pull request #779 from jbj/commented-out-code-braces 
C++: Relax commented-out code heuristic for `}`
 2019-01-21 09:37:30 +00:00
Jonas Jensen
9561fdaabf Merge pull request #672 from geoffw0/lgtm1605 
CPP: Fix function pointer/lambda related false positives in 'Resource not released in destructor'
 2019-01-21 09:35:30 +01:00
Jonas Jensen
169bbcdfa0 Merge pull request #682 from geoffw0/suspiciousaddsizeof 
CPP: Fix false positive in SuspiciousAddWithSizeof.ql
 2019-01-21 09:06:18 +01:00
Geoffrey White
bff23f546d CPP: Clearer naming. 2019-01-18 16:21:28 +00:00
Jonas Jensen
189d82b79a C++: Change exclusion to not be only operator= 2019-01-18 11:19:38 +01:00