hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
24,380 Commits 1,671 Branches 157 Tags
rc/3.2
Commit Graph

945 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
a006a7fb24 Revert "Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis" 
This reverts commit e3e7b00986, reversing
changes made to 8ccdd4fb9f.
 2021-07-20 18:06:49 +02:00
Geoffrey White
e3e7b00986 Merge pull request #6004 from MathiasVP/path-sensitive-stack-variable-reachability-analysis 
C++: Add path-sensitivity to `StackVariableReachability`
 2021-07-15 12:34:33 +01:00
Robert Marsh
4d8e882214 Merge pull request #6186 from geoffw0/formatarg 
C++: Fix FPs from cpp/wrong-type-format-argument
 2021-07-14 17:20:46 -07:00
Mathias Vorreiter Pedersen
4fc60aedc6 C++: Relax the restrictions on when '%' is a barrier and accept test changes. 2021-07-12 17:39:12 +02:00
Mathias Vorreiter Pedersen
a6f1f8d3b6 C++: Add testcases demonstrating FPs from real code. 2021-07-12 17:39:12 +02:00
Mathias Vorreiter Pedersen
be06230b43 Merge branch 'main' into path-sensitive-stack-variable-reachability-analysis 2021-07-12 14:46:44 +02:00
Mathias Vorreiter Pedersen
d2cc0d3925 C++: Fix annotations. 2021-07-12 11:30:43 +02:00
Geoffrey White
6e49891ed9 C++: Accept Microsoft/non-Microsoft format specifiers on the opposite platform. 2021-06-29 16:45:46 +01:00
Mathias Vorreiter Pedersen
38c487abf9 Merge branch 'main' into more-random-sources-in-uncontrolled-arithmetic 2021-06-24 15:56:15 +02:00
Mathias Vorreiter Pedersen
5bfb78b583 C++: Block flow through all bitwise 'and' and 'or' operations. This seems to be a common source of false positives on LGTM. 2021-06-24 15:53:59 +02:00
Mathias Vorreiter Pedersen
e8bba78825 C++: Convert 'cpp/uncontrolled-arithmetic' to use a 'TaintTracking::Configuration'. 2021-06-24 15:51:44 +02:00
Anders Schack-Mulligen
95ad8b55fe Merge pull request #6107 from aschackmull/dataflow/implicit-reads 
Dataflow: Add support for implicit reads
 2021-06-24 15:38:35 +02:00
Mathias Vorreiter Pedersen
2938ad5f8f C++: Add testcase demonstrating the fix from a8c57ec4aa. 2021-06-23 23:01:49 +02:00
Mathias Vorreiter Pedersen
6379463bcf Merge branch 'main' into improve-tainted-arithmetic 2021-06-23 11:42:45 +02:00
Geoffrey White
298f70f082 Merge pull request #6120 from MathiasVP/not-overflow-is-barrier-in-cwe-190 
C++: Recognize any non-overflowing arithmetic expression as a barrier for `cpp/uncontrolled-arithmetic`
 2021-06-23 10:35:33 +01:00
Mathias Vorreiter Pedersen
9b94f3a650 Merge branch 'main' into improve-tainted-arithmetic 2021-06-23 11:04:08 +02:00
Anders Schack-Mulligen
810de73246 C/C++: Update qltest expected output. 2021-06-21 14:47:31 +02:00
Mathias Vorreiter Pedersen
238c483e5b C++: Make any non-overflowing arithmetic operation a barrier. 2021-06-21 14:05:34 +02:00
Mathias Vorreiter Pedersen
18e5d3cce8 C++: Add false positive with multiplication. 2021-06-21 14:04:27 +02:00
Mathias Vorreiter Pedersen
17df8e44d0 C++: Convert 'cpp/tainted-arithmetic' to a 'path-problem' query. 2021-06-18 14:56:17 +02:00
Geoffrey White
b5c71fd1d7 C++: Repair funcion call in a function call. 2021-06-17 14:33:16 +01:00
Geoffrey White
e5147c2a1f C++: Exclude functions that don't involve buffers. 2021-06-17 14:33:16 +01:00
Geoffrey White
a481e5c292 C++: Exclude template code. 2021-06-17 12:36:14 +01:00
Geoffrey White
8efdf359dc C++: Fix some incorrect uses of 'const' in the tests. 2021-06-17 12:36:13 +01:00
Geoffrey White
3641cdcc1f C++: Add a test case involving an array. 2021-06-17 12:36:09 +01:00
Geoffrey White
23db21cd90 C++: Test spacing. 2021-06-17 12:33:31 +01:00
Geoffrey White
d590952aaa C++: Add a test case involving nested function calls. 2021-06-17 12:23:18 +01:00
Geoffrey White
7632c9edb5 C++: Add test cases involving strings and comparisons. 2021-06-17 12:23:17 +01:00
Geoffrey White
2e236dd2a9 C++: Add a test case involving a harmless assert. 2021-06-17 12:23:17 +01:00
Geoffrey White
dca397dfb1 C++: Add a test case with a template class. 2021-06-17 12:23:16 +01:00
Cornelius Riemenschneider
0ebf53b9df Merge pull request #6073 from geoffw0/loc 
C++: Add lines of user code query
 2021-06-15 09:18:46 +02:00
Mathias Vorreiter Pedersen
cc6ae7f8b8 Merge branch 'main' into path-sensitive-stack-variable-reachability-analysis 2021-06-14 22:02:46 +02:00
Mathias Vorreiter Pedersen
714ad105fe C++: Accept test changes. 2021-06-14 22:02:38 +02:00
Geoffrey White
d7db18213d C++: Add a generated file to the test. 2021-06-14 16:21:30 +01:00
Geoffrey White
1e1ae27974 C++: Test the new query. 2021-06-14 16:06:20 +01:00
Mathias Vorreiter Pedersen
025043afca Merge pull request #6010 from geoffw0/charloc 
C++: Test and fix maxCols / charLoc
 2021-06-08 11:15:04 +02:00
Geoffrey White
6f05fd4839 C++: Autoformat. 2021-06-07 11:01:00 +01:00
Mathias Vorreiter Pedersen
3923acb5e0 Merge pull request #6017 from github/dbartol/pack/extra-queries-xml 
C++: Replace an odd `queries.xml` with `qlpack.yml`
 2021-06-07 10:58:19 +02:00
Dave Bartolomeo
ac3ded7d5a Replace an odd queries.xml with qlpack.yml 
This one C++ test has its own `queries.xml` to make "outside-of-source" path filtering work, as detailed in commit 2550788598. I've replaced the `queries.xml` with `qlpack.yml`, added a comment, and added that pack to the `.codeqlmanifest.json` at the root of the repo. This will allow the library dependencies of this pack to be resolved without the need for a `--search-path` option with the upcoming packaging changes.
 2021-06-06 09:04:18 -04:00
Geoffrey White
799e19bdc2 C++: Update the other version as well. 2021-06-04 16:21:04 +01:00
Geoffrey White
b24dc810c9 C++: Combine results from cpp/weak-cryptographic-algorithm that are in the same file. 2021-06-04 14:04:02 +01:00
Geoffrey White
a93246d28b C++: Fix maxCols. 2021-06-04 13:05:13 +01:00
Mathias Vorreiter Pedersen
d450aa2ce4 C++: Add some testcases that require path sensitivity. 2021-06-03 18:02:29 +02:00
Dave Bartolomeo
da14647e5a Merge pull request #5522 from github/rdmarsh2/cpp/ssa-reuse 
C++: reuse unaliased SSA results when computing aliased SSA
 2021-06-01 10:17:54 -04:00
Mathias Vorreiter Pedersen
41c93d92d7 C++: Remove FPs from right shifts and explicitly bounded random functions. 2021-05-31 15:40:02 +02:00
Mathias Vorreiter Pedersen
10755ece88 C++: Add testcase with bounded randomness source. 2021-05-31 15:33:39 +02:00
Geoffrey White
2fd461e984 Merge pull request #5938 from MathiasVP/promote-access-of-memory-location-after-end-of-buffer-using-strncat 
C++: Promote `cpp/access-memory-location-after-end-buffer-strncat` out of experimental
 2021-05-25 14:36:53 +01:00
Mathias Vorreiter Pedersen
e857ac1149 C++: Add more tests and remove redundant conjunct. 2021-05-25 09:17:42 +02:00
Mathias Vorreiter Pedersen
8d0cfb4e91 C++: Merge tests from 'cpp/access-memory-location-after-end-buffer-strncat' into the tests from 'cpp/unsafe-strncat'. 2021-05-21 10:34:59 +02:00
Mathias Vorreiter Pedersen
9504592909 C++: Promote cpp/incorrect-allocation-error-handling out of experimental. 2021-05-20 09:47:45 +02:00