hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

4510 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
61bbceb201 C++/C#: Sync identical files 2020-11-21 00:55:07 +01:00
Mathias Vorreiter Pedersen
f173dc71c0 C++: Use shorter names for new IR predicates. This should hopefully guide users to use these predicates by default. 2020-11-21 00:54:50 +01:00
Geoffrey White
cc8d4b4c75 Merge branch 'main' into modelchanges2 2020-11-20 20:33:52 +00:00
Geoffrey White
fddd353155 C++: Updated autoformat. 2020-11-20 20:15:45 +00:00
Mathias Vorreiter Pedersen
6ead6c6d38 Merge branch 'main' into qualifier-as-parameter-for-callee 2020-11-20 16:17:10 +01:00
Mathias Vorreiter Pedersen
fd4f8c557c Merge branch 'main' into unsafe-use-of-this-query 2020-11-20 14:54:51 +01:00
Jonas Jensen
14aa6427ca Merge pull request #4696 from MathiasVP/get-result-memory-location-join-order-fix 
C++: Fix bad join order in AliasedSSA::getResultMemoryLocation
 2020-11-20 14:50:35 +01:00
Mathias Vorreiter Pedersen
c7efc91676 C++: Use the new predicates in IR dataflow. 2020-11-20 12:24:39 +01:00
Mathias Vorreiter Pedersen
f3b5d7b830 C++/C#: Sync identical files 2020-11-20 12:23:34 +01:00
Mathias Vorreiter Pedersen
416431a7c1 C++: Add convenience predicates for working with qualifiers as parameters. 2020-11-20 12:22:37 +01:00
Jonas Jensen
3342fac83e Merge pull request #4688 from criemen/printast-performance 
C++: Speed up PrintAST.
 2020-11-20 11:45:42 +01:00
Cornelius Riemenschneider
1afd32c033 C++: Add comment, rename class. 2020-11-20 10:49:12 +01:00
Cornelius Riemenschneider
eeece5937d C++: One more speedup, address review. 2020-11-20 09:56:08 +01:00
Mathias Vorreiter Pedersen
490bba5c9f C++: Fix bad join order in AliasedSSA::getResultMemoryLocation. 2020-11-19 17:40:41 +01:00
Mathias Vorreiter Pedersen
2e6a3cd33b Merge branch 'main' into unsafe-use-of-this-query 2020-11-19 13:03:29 +01:00
Jonas Jensen
cd20163f6e Merge pull request #4676 from MathiasVP/untrusted-dataflow-to-external-api-query 
C++: Untrusted data used in external APIs
 2020-11-19 12:56:08 +01:00
Mathias Vorreiter Pedersen
072adaa279 C++: Require that no override of the called pure virtual function exists in any base class. This removes the false positive in the testcase. Based on the results on LGTM we have agreed to set the @precision to very-high. 2020-11-19 12:10:57 +01:00
Dave Bartolomeo
08efd7fbd9 Merge pull request #4558 from rdmarsh2/rdmarsh2/cpp/remove-initialize-nonlocal 
Remove InitializeNonlocalInstruction
 2020-11-18 20:23:08 -05:00
Robert Marsh
77729918c1 Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 
Update for submodule pointer
 2020-11-18 13:09:02 -08:00
Robert Marsh
5753a2d401 C++: autoformat 2020-11-18 11:02:58 -08:00
Cornelius Riemenschneider
4405547b04 C++: Fix tests. 2020-11-18 17:41:08 +01:00
Cornelius Riemenschneider
cfe86bf53b C++: Remove default getAPrimaryQlClass(). 2020-11-18 17:34:56 +01:00
Cornelius Riemenschneider
f70f32e3ed C++: Fix tests for PrintAST. 2020-11-18 17:22:13 +01:00
Cornelius Riemenschneider
429aa15b1b C++: Speed up PrintAST. 2020-11-18 16:08:51 +01:00
Mathias Vorreiter Pedersen
715f233360 C++: Add a new model class describing pure memory functions, and use this new model in DefaultSafeExternalAPIFunction. 2020-11-18 12:47:33 +01:00
Cornelius Riemenschneider
959b8f39d2 C++: Autoformat. 2020-11-18 12:13:46 +01:00
Cornelius Riemenschneider
b670522a9f Clean up Type.qll, getSpecifierString() API. 2020-11-18 10:21:03 +01:00
Mathias Vorreiter Pedersen
09c5caa3bd C++: Move ExternalAPI files into query directory to prevent out-of-tree use. 2020-11-18 10:18:03 +01:00
Mathias Vorreiter Pedersen
f16591dffc C++: Respond to qhelp review comments. 2020-11-18 09:18:14 +01:00
Robert Marsh
5aed82a210 C++: Autoformat more 2020-11-17 13:44:20 -08:00
Robert Marsh
04641a3f2d Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2020-11-17 12:55:12 -08:00
Cornelius Riemenschneider
a92f7a4563 C++: Include trailing whitespace in Type.getSpecifierString(). 2020-11-17 18:50:34 +01:00
Cornelius Riemenschneider
5c3de06b6d C++: Improve PrintAST performance. 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-11-17 17:47:16 +01:00
Mathias Vorreiter Pedersen
52bbb326ca QLDoc: Wrap lines and disambiguate explanation. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
d93d3c8699 C++: Use the getSourceType predicate on RemoteFlowSources for better alert messages. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
d1272d3a79 C++: Use strictcount instead of count. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
4cb25d8e18 C++: Add isParameterDerefOrQualifierObject helper predicate to FunctionInput and FunctionOutput. 2020-11-17 16:23:27 +01:00
Mathias Vorreiter Pedersen
dea16d4d62 QLDoc/C++: Rename {IR}ExternalAPIsUsedWithUntrustedData to {IR}CountUntrustedDataToExternalAPI 2020-11-17 16:23:13 +01:00
Mathias Vorreiter Pedersen
eabc69b98e C++: Autoformat 2020-11-17 16:09:25 +01:00
Anders Schack-Mulligen
f74fc0ff26 Dataflow: Fix bad join-orders. 2020-11-17 14:28:25 +01:00
Mathias Vorreiter Pedersen
5d2b85fcf5 Update cpp/ql/src/semmle/code/cpp/models/implementations/Getenv.qll 
Co-authored-by: hubwriter <hubwriter@github.com>
 2020-11-17 13:02:28 +01:00
Mathias Vorreiter Pedersen
c37093f4bc C++: Add copies of qhelp files for IR. 2020-11-17 12:28:31 +01:00
Mathias Vorreiter Pedersen
3b8580efaf C++: Add qhelp and example files (modeled after the Java examples). 2020-11-17 12:27:53 +01:00
Mathias Vorreiter Pedersen
c3c29b8dd0 C++: Add qldoc to new library files. 2020-11-17 12:27:53 +01:00
Mathias Vorreiter Pedersen
5ad18eb748 C++: Add ExternalAPI query files (for AST and IR). 2020-11-17 12:27:40 +01:00
Jonas Jensen
10de931b92 C++: Decrease largeVariable cut-off to 100k 
This 10x lower cut-off has on at least one snapshot made it possible to
compute AST data flow where it was infeasible before.

Also fix an integer overflow that happened in practice on at least one
snapshot and prevented the cut-off from being applied.
 2020-11-17 09:48:32 +01:00
Jonas Jensen
55a38803cb Merge pull request #4673 from MathiasVP/ir-post-dominance 
C++: IR post dominance
 2020-11-17 09:35:51 +01:00
Mathias Vorreiter Pedersen
057bb14eee C++: Add ExternalAPI library files (for AST and IR). 2020-11-16 22:59:54 +01:00
Robert Marsh
a94826dc81 C++: common superclass for Remote/LocalFlowSource 2020-11-16 18:05:17 +01:00
Robert Marsh
31d3e94cec C++: Grammar/style fixes from code review 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-11-16 18:03:44 +01:00