hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,671 Branches 157 Tags
remove-javascript
Commit Graph

25 Commits

Author SHA1 Message Date
Geoffrey White
8198b96eb2 C++: Add test cases. 2020-10-20 15:33:57 +01:00
Geoffrey White
540af7866c C++: Test spacing. 2020-10-20 15:23:15 +01:00
Geoffrey White
b4fb98dc7c CPP: Fix comments. 2019-11-08 15:10:13 +00:00
Geoffrey White
cd3bccf73a CPP: Fix FPs. 2019-11-08 15:09:46 +00:00
Geoffrey White
1cf4449314 CPP: Test for NonConstantFormat with multiple definitons. 2019-11-08 15:09:45 +00:00
Jonas Jensen
cace411974 C++: NonConstantFormat taint only for string types 
To speed up the taint analysis in `NonConstantFormat.ql` and to remove
FPs that were due to taint spreading from `i` to `a[i]`, this commit
stops the taint tracking in `NonConstantFormat.ql` at every node that
could not possibly contain a string.

I tested performance on Wireshark, and it's fine. Pulling out the
`isSanitizerNode` prevented `isSanitizer` from turning into four
half-slow RA predicates due to both CPE and `#antijoin_rhs`
transformations happening.
 2019-06-20 15:39:47 +02:00
Jonas Jensen
e99c68885c C++: Demonstrate ArrayExpr FP 2019-06-20 14:00:42 +02:00
Ziemowit Laski
88a39d9454 [CPP-370] Fix up // GOOD and // BAD test annotations so that they're consistent. 2019-06-12 12:56:11 -07:00
Ziemowit Laski
0f5a4a7089 [CPP-370] Improve handling of _ macros by using taint sanitizers. 2019-06-10 15:50:53 -07:00
Ziemowit Laski
8f79cdb1fb [CPP-370] Add an additional test case. 2019-06-04 16:19:01 -07:00
Ziemowit Laski
46b6eac955 [CPP-370] An .expected file is mismatched again. Not sure why 
this is happening.
 2019-05-22 09:08:44 -07:00
Ziemowit Laski
ae55b7b643 [CPP-370] Add new test file for testing procedurally nested format 
argument violations.
 2019-05-21 07:08:13 -07:00
Ziemowit Laski
92054e2481 [CPP-370] Reformat test cases so that the .expect files line up with what was 
checked in initially.  Check for DataFlow::DefinitionByReferenceNode
          when computing isSource() for our taint analysis.
 2019-05-21 06:54:41 -07:00
Ziemowit Laski
098b6543f5 [CPP-370] Rewrite of NonConstantFormat.ql using the taint tracking library. 2019-05-21 06:51:47 -07:00
Ziemowit Laski
d8b8dda439 [CPP-370] First attempt at isAdditionalFlowStep(). 2019-05-21 06:45:52 -07:00
Ziemowit Laski
dbec17f85b [CPP-370] Tentative implementation of NonConstantFormat.ql using the global 
DataFlow library.  This is intended solely for further discussion.
 2019-05-21 06:23:51 -07:00
Ziemowit Laski
6025c03857 [CPP-370] Add nested.cpp test case, for nested calls to ...printf functions. 2019-05-21 06:21:12 -07:00
Ziemowit Laski
b205951e6d [CPP-370] Reformat test cases so that the .expect files line up with what was 
checked in initially.  Check for DataFlow::DefinitionByReferenceNode
          when computing isSource() for our taint analysis.
 2019-05-21 06:18:31 -07:00
Ziemowit Laski
ed67c9fd5a [CPP-370] Rewrite of NonConstantFormat.ql using the taint tracking library. 2019-05-21 06:18:31 -07:00
Ziemowit Laski
fae55d5493 [CPP-370] First attempt at isAdditionalFlowStep(). 2019-05-21 06:18:30 -07:00
Ziemowit Laski
775861c386 [CPP-370] Minor textual tweaks. 2019-05-21 06:18:30 -07:00
Ziemowit Laski
de10598dd6 [CPP-370] NonConstantFormat.expected changed for some reason. 2019-05-21 06:18:30 -07:00
Ziemowit Laski
ffddc5bff6 [CPP-370] Update the NonConstantFormat.expected result template. 2019-05-21 06:18:30 -07:00
Ziemowit Laski
0c86d4c112 [CPP-370] Tentative implementation of NonConstantFormat.ql using the global 
DataFlow library.  This is intended solely for further discussion.
 2019-05-21 06:18:30 -07:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00