6796 Commits

Author	SHA1	Message	Date
Paolo Tranquilli	2ce5b85db4	Merge pull request #7112 from github/redsun82/frontend-update ... c++: update ir tests after frontend update	2021-11-16 16:30:34 +01:00
Anders Schack-Mulligen	c70d384d28	Merge pull request #7045 from aschackmull/dataflow/hidden-ret-subpaths ... Data flow: Support hidden return nodes in subpaths predicate	2021-11-16 15:04:51 +01:00
Paolo Tranquilli	8d3cf7f5aa	C++: update ir tests after frontend update ... After updating the frontend new intermediate objects appear in the AST and raw dumps.	2021-11-16 13:25:32 +00:00
Mathias Vorreiter Pedersen	71c279f537	Merge branch 'main' into use-range-analysis-in-buffer-write	2021-11-16 09:14:02 +00:00
Mathias Vorreiter Pedersen	3f0bfe1d75	C++: Remove the implicit assumption about the existence of a lower bound implying the existence of an upper bound (and vice veraa).	2021-11-15 13:39:15 +00:00
Mathias Vorreiter Pedersen	63f50a9eb7	C++: Cleanup the case for possibly-negative unsigned values.	2021-11-15 13:31:51 +00:00
Mathias Vorreiter Pedersen	9a9f7943aa	C++: Fix bug for exact powers of 10 and accept test changes.	2021-11-15 13:20:45 +00:00
Mathias Vorreiter Pedersen	53884915a5	C++: Add more tests (which demonstrate a couple of bugs in the implementation).	2021-11-15 13:18:30 +00:00
Mathias Vorreiter Pedersen	c2e057def9	Merge pull request #7094 from geoffw0/non-https-url ... C++: New query 'Failure to use HTTPS URLs'	2021-11-15 10:00:19 +00:00
Mathias Vorreiter Pedersen	982de28b89	Update cpp/ql/lib/semmle/code/cpp/commons/Printf.qll ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2021-11-11 13:19:13 +00:00
Geoffrey White	ea580cd9c0	C++: Add explanatory comments.	2021-11-11 11:49:51 +00:00
Anders Schack-Mulligen	7ffd9b4f9e	Dataflow: Include read/store steps when finding non-hidden return.	2021-11-11 11:26:21 +01:00
Geoffrey White	901919f7ff	C++: Add tests expanding on the issue with (global) variables.	2021-11-11 09:40:03 +00:00
Geoffrey White	43ff3b1c80	C++: Address review comment.	2021-11-11 09:39:59 +00:00
Mathias Vorreiter Pedersen	bf9b8cfff0	Merge pull request #6947 from ihsinme/ihsinme-patch-077 ... CPP: Add query for CWE-377 Insecure Temporary File	2021-11-11 09:02:04 +00:00
Geoffrey White	9a1b98e1d9	C++: Fix qhelp example link.	2021-11-10 17:54:05 +00:00
Geoffrey White	c29011a5cf	C++: Add more sinks.	2021-11-10 16:43:28 +00:00
Geoffrey White	ae622bd482	C++: Use hasGlobalOrStdName.	2021-11-10 14:57:07 +00:00
Anders Schack-Mulligen	6d9fb3ca43	Dataflow: Sync.	2021-11-10 15:11:13 +01:00
Mathias Vorreiter Pedersen	ccdaf49464	C++: Fix the same bug in the test for ordered maps.	2021-11-10 13:24:27 +00:00
Mathias Vorreiter Pedersen	86d78b34aa	C++: Use the correct variable in the 'test'.	2021-11-10 13:04:48 +00:00
Geoffrey White	2f39c64cc2	C++: Fix character in qhelp.	2021-11-10 11:23:57 +00:00
Mathias Vorreiter Pedersen	e2ab1c8c5e	Merge branch 'main' into use-range-analysis-in-buffer-write	2021-11-10 08:28:43 +00:00
ihsinme	a0448240aa	Update InsecureTemporaryFile.expected	2021-11-10 09:23:51 +03:00
ihsinme	7514fe2b45	Update test.cpp	2021-11-10 09:22:58 +03:00
ihsinme	289d58745a	Update InsecureTemporaryFile.ql	2021-11-10 09:22:03 +03:00
Geoffrey White	26e9adcc34	C++: Change note.	2021-11-09 19:39:21 +00:00
Geoffrey White	ef21d1b512	C++: Add a model for curl as well.	2021-11-09 19:32:43 +00:00
Geoffrey White	6388ac5f1d	C++: Add tests.	2021-11-09 18:41:57 +00:00
Geoffrey White	d2b18d952d	C++: Add qhelp.	2021-11-09 18:41:56 +00:00
Geoffrey White	bd1e708c5d	C++: First version of cpp/non-https-url.	2021-11-09 18:33:49 +00:00
ihsinme	55fe01018f	Update InsecureTemporaryFile.ql	2021-11-09 09:33:33 +03:00
Mathias Vorreiter Pedersen	8e496f7121	C++: Pull in the latest changes to 'SsaImplCommon'.	2021-11-08 10:46:54 +00:00
Mathias Vorreiter Pedersen	fff5d293ff	Merge branch 'main' into use-shared-ssa-in-ir-dataflow	2021-11-08 10:44:36 +00:00
Mathias Vorreiter Pedersen	021d9415b8	Merge branch 'main' into use-range-analysis-in-buffer-write	2021-11-08 08:22:49 +00:00
ihsinme	cedc5fd743	Update InsecureTemporaryFile.ql	2021-11-05 09:42:06 +03:00
Mathias Vorreiter Pedersen	34aa4981be	Merge pull request #7018 from geoffw0/nullterm3 ... C++: Further performance improvement for the null termination queries	2021-11-04 21:37:58 +00:00
Mathias Vorreiter Pedersen	a9b7fed537	C++: Accept test changes.	2021-11-04 21:25:37 +00:00
Mathias Vorreiter Pedersen	ac90259906	C++: Teach 'getMaxConvertedLength' to use 'SimpleRangeAnalysis'.	2021-11-04 21:25:28 +00:00
Mathias Vorreiter Pedersen	693baae1ba	C++: Add test cases with false positives due to missing range analysis in 'cpp/overrunning-write'.	2021-11-04 21:13:28 +00:00
Mathias Vorreiter Pedersen	58f6058a63	Merge pull request #7051 from MathiasVP/better-paths-in-tests ... C++: Better `InlineExpectation` tests for path-explanations	2021-11-04 11:35:10 +00:00
Mathias Vorreiter Pedersen	0d1ff4d2ee	C++: Respond to review comments and accept test changes.	2021-11-04 11:13:23 +00:00
Mathias Vorreiter Pedersen	ae4b6c54bc	C++: Change the structure of the 'annotate_path_to_sink' tests to better test path-explanations.	2021-11-03 20:32:05 +00:00
Mathias Vorreiter Pedersen	e9b114630a	Merge pull request #6948 from ihsinme/ihsinme-patch-076 ... CPP: Add query for CWE-243 Creation of chroot Jail Without Changing Working Directory	2021-11-03 18:50:13 +00:00
ihsinme	aef0275b3c	Update IncorrectChangingWorkingDirectory.expected	2021-11-03 20:45:38 +03:00
ihsinme	a9dd868348	Update IncorrectChangingWorkingDirectory.qhelp	2021-11-03 18:38:30 +03:00
ihsinme	c94b64cbca	Update IncorrectChangingWorkingDirectory.qhelp	2021-11-03 18:28:57 +03:00
Mathias Vorreiter Pedersen	4095c2012e	C++: Add comments on why 'ReferenceToInstruction' is interpreted like a 'LoadInstruction' at certain places.	2021-11-03 13:27:26 +00:00
Mathias Vorreiter Pedersen	43a4795272	C++: Remove redundant conjunct.	2021-11-03 13:19:43 +00:00
Mathias Vorreiter Pedersen	1f89b4987b	C++: Rename 'valueFlow' to 'conversionFlow' and add a QLDoc that explains its purpose.	2021-11-03 12:22:27 +00:00