hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,405 Commits 1,672 Branches 157 Tags
remove-javascript
Commit Graph

135 Commits

Author SHA1 Message Date
Geoffrey White
2aa64db40e Merge remote-tracking branch 'upstream/rc/1.24' into alloc-size2 2020-04-15 10:09:54 +01:00
Geoffrey White
a7979fdc12 C++: Base results purely on allocations now, not multiplications by a sizeof. 2020-04-09 15:05:29 +01:00
Geoffrey White
febbbc4423 C++: Additional test cases. 2020-04-09 15:03:35 +01:00
Robert Marsh
c38ccaaab6 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-04-08 12:32:35 -07:00
Geoffrey White
66a0b7884e Merge branch 'master' into alloc-size 2020-04-07 17:12:35 +01:00
Jonas Jensen
58366b19e9 C++: Path explanations in the last two queries 
For some reason I thought that these two queries were special because
they manipulate `SecurityOptions` to change the taint-tracking sources.
It turns out it was just the opposite: the queries used to be special
because they invalidated the cache for the `tainted` predicate, but that
predicate is no longer used, so these queries are no longer special.
 2020-04-04 16:47:06 +02:00
Jonas Jensen
36da2d1dae C++: Manipulate the source end of paths too 
Without this, we get duplicate alerts in some cases and
unnatural-looking source nodes in other cases. The source nodes were
often `Conversion`s.
 2020-04-03 16:37:23 +02:00
Jonas Jensen
207c76b855 C++: Path explanations in DefaultTaintTracking 
The first three queries are migrated to use path explanations.
 2020-04-01 20:51:05 +02:00
Robert Marsh
59a81d8445 C++: merge from master and accept test changes 2020-03-18 13:47:01 -07:00
Geoffrey White
034f7cc948 Merge branch 'master' into model-gets 2020-03-16 15:12:36 +00:00
Geoffrey White
f4a1b41094 C++: Correct hasUpperBoundsCheck. 2020-03-12 15:45:01 +00:00
Geoffrey White
26ed560bd7 C++: Add new test cases. 2020-03-12 15:45:01 +00:00
Geoffrey White
263e51f72e C++: Clean up the test. 2020-03-12 15:45:00 +00:00
Robert Marsh
bba6b23019 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-03-10 11:12:19 -07:00
Jonas Jensen
28a9baba36 Merge pull request #3026 from MathiasVP/simplerangeanalysis-const-var-access 
C++: Handle constant variable accesses in SimpleRangeAnalysis.qll
 2020-03-10 11:22:33 +01:00
Mathias Vorreiter Pedersen
1a5282ae21 C++: Add testcase that previously resulted in a false positive 2020-03-09 22:33:59 +01:00
Mathias Vorreiter Pedersen
3973a50c9b C++: Add testcase for cpp/uncontrolled-allocation-size 2020-03-04 15:51:14 +01:00
Geoffrey White
a0e839d3f1 C++: Block duplicate taint results from 'gets' and other functions. 2020-02-24 11:53:22 +00:00
Robert Marsh
ff876aaedf C++: Accept test output with IR enabled 2020-02-18 09:48:21 -08:00
Jonas Jensen
a59c0facee C++: Accept test changes for IR libs 
This is for the tests in the ql repo. There are also changed tests in
the internal repo.
 2020-02-15 21:12:20 +01:00
Geoffrey White
a7fb2e1261 CPP: More test cases for ArithmeticWithExtremeValues. 2019-06-26 15:38:23 +01:00
Geoffrey White
3deff9c578 CPP: Fix in dataflow. 2019-06-10 12:01:14 +01:00
Geoffrey White
d51f870053 CPP: Add test cases. 2019-06-10 12:01:13 +01:00
Geoffrey White
574a1d8501 Merge pull request #1037 from kevinbackhouse/RangeAnalysisAssignAddOverflow 
Better overflow detection for AssignAdd/AssignSub
 2019-05-29 09:54:06 +01:00
Geoffrey White
6bac1e6e99 CPP: Accept CWE-190 test change. 2019-05-24 16:16:45 +01:00
Geoffrey White
faa23a53be CPP: Update expected for changes elsewhere. 2019-03-28 15:49:36 +00:00
Geoffrey White
e7c02027f5 CPP: Fix 'BAD'. 2019-03-28 15:49:36 +00:00
Geoffrey White
8c75e730e4 CPP: Widen TaintedAllocationSize.ql. 2019-03-28 15:49:36 +00:00
Geoffrey White
dab1bba25c CPP: Add a test of TaintedAllocationSize. 2019-03-28 15:49:36 +00:00
Jonas Jensen
2550788598 C++: Accept test changes to getRelativePath 
After a `queries.xml` was added to the test directory,
`Container.getRelativePath` now considers source files to be relative to
the `cpp/test` directory rather than the directory of the `*.ql*` file.
This caused some benign test output changes, and it also caused an
unwanted alert for `test3.c:14` to appear in
`cpp/ql/test/query-tests/Security/CWE/CWE-190/semmle/tainted/IntegerOverflowTainted.expected`.
This alert came about because `inSystemMacroExpansion` holds for files
that don't have a relative path, but the pretend system header in
`../system_header` now does have a relative path because it's below the
`cpp/test` directory. The fix is to add another `queries.xml` just for
the directory with the affected test.
 2019-02-18 14:41:28 +01:00
Geoffrey White
b0805f8e79 CPP: Adjust ArithmeticTainted.ql so that it can work on non-VariableAccesses. 2019-01-28 17:36:56 +00:00
Geoffrey White
f1dc538796 CPP: Add a test using strtoul in a taint query. 2019-01-28 16:59:02 +00:00
Geoffrey White
6088ca5d5b CPP: Update our uses of MacroInvocationExpr. 2019-01-09 12:17:29 +00:00
Geoffrey White
b59c2868cd CPP: Add test cases for the macro logic and other details of ArithmeticUncontrolled.ql. 2019-01-09 12:17:29 +00:00
Geoffrey White
f034abc275 CPP: Add the Semmle security tests. 2018-11-26 17:52:34 +00:00