hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

4510 Commits

Author SHA1 Message Date
Geoffrey White
597757d76f C++: Model std::stringstream put and write. 2020-09-11 11:14:57 +01:00
Geoffrey White
66a5c38eef C++: Model std::stringstream constructor. 2020-09-11 11:14:57 +01:00
Jonas Jensen
ad11f76ec6 C++: Always normalize bounds after a computation 
This stops some cases of `-0.0` from propagating through the range
analysis, fixing a false positive on arvidn/libtorrent.

There seems to be no need for a corresponding change in the caller of
`getDefLowerBoundsImpl` since that predicate only contains computations
that cannot introduce negative zero.
 2020-09-11 11:59:00 +02:00
lcartey@github.com
65d48a32b8 C++: Expose getDef(Upper|Lower)Bound as an internal predicate. 2020-09-11 09:49:18 +01:00
Mathias Vorreiter Pedersen
ff09104089 Merge branch 'main' into mathiasvp/array-field-flow 2020-09-11 09:25:50 +02:00
Mathias Vorreiter Pedersen
399da6837a Merge pull request #4227 from jbj/SimpleRangeAnalysis-NotExpr 
C++: Support `(bool)x` and `!x` in SimpleRangeAnalysis
 2020-09-11 08:59:03 +02:00
Geoffrey White
fed973f9c4 Merge pull request #4229 from MathiasVP/mathiasvp/make_shared_make_unique-models 
C++: Add taint models for std::make_unique and std::make_shared
 2020-09-10 10:46:30 +01:00
Geoffrey White
34a03ec523 Merge pull request #4213 from rdmarsh2/rdmarsh2/cpp/explicit-conversion-perf 
C++: Improve performance of getExplicitlyConverted
 2020-09-10 10:33:16 +01:00
Robert Marsh
10633019a6 C++: autoformat 2020-09-09 12:45:17 -07:00
Mathias Vorreiter Pedersen
bb9cf72a31 Merge branch 'main' into mathiasvp/make_shared_make_unique-models 2020-09-09 20:51:56 +02:00
Geoffrey White
46a07fa9b2 C++: Model std::stringstream::str. 2020-09-09 18:22:06 +01:00
Taus
17ccc137ae Merge pull request #4238 from RasmusWL/dataflow-small-fix-for-naming 
Dataflow: small fixes for naming in taint tracking
 2020-09-09 16:26:36 +02:00
Mathias Vorreiter Pedersen
ad602b892b Merge branch 'main' into mathiasvp/read-step-without-memory-operands 2020-09-09 16:17:23 +02:00
Mathias Vorreiter Pedersen
e91d321d28 Merge pull request #4234 from geoffw0/stringstream 
C++: Tests and initial models for taint through std::stringstream / std::ostream.
 2020-09-09 15:31:46 +02:00
Jonas Jensen
ceb198f65d Merge remote-tracking branch 'upstream/main' into SimpleRangeAnalysis-NotExpr 2020-09-09 14:50:00 +02:00
Rasmus Wriedt Larsen
2172fb6e65 Dataflow: s/data flow/taint propagation/ in QLDoc for sanitizers 2020-09-09 14:30:33 +02:00
Rasmus Wriedt Larsen
d90f0be2c4 Dataflow: defaultTaintBarrier => defaultTaintSanitizer 
Just keeping things a bit more consistent :)
 2020-09-09 14:11:56 +02:00
Mathias Vorreiter Pedersen
8226515138 C++: Add a taint model for std::{shared, unique}_ptr<T>::get 2020-09-09 12:22:29 +02:00
Mathias Vorreiter Pedersen
417424ab75 C++: Add QLDoc and fix comment in isArray (review comments) 2020-09-09 12:21:09 +02:00
Geoffrey White
db3f81a98f C++: Correct QLDoc. 2020-09-09 11:16:14 +01:00
Robert Marsh
30b5975274 C++: autoformat 2020-09-08 14:51:08 -07:00
Robert Marsh
eab1557e27 C++: output iterator flow via FlowVar 2020-09-08 14:09:57 -07:00
Robert Marsh
13c45b6664 C++: remove unnecessary parameter in FlowVar.qll 2020-09-08 13:51:58 -07:00
Robert Marsh
c8cdf68bf9 C++: Remove StdStringBeginEnd 2020-09-08 13:49:57 -07:00
Robert Marsh
703db0b9a6 C++: noisy output iterators in AST taint tracking 2020-09-08 13:45:23 -07:00
Robert Marsh
44bdf98217 C++: simplify and explain getExplicitlyConverted 2020-09-08 13:02:51 -07:00
Robert Marsh
65cc9888d5 Merge branch 'main' into rdmarsh2/cpp/explicit-conversion-perf 2020-09-08 12:29:34 -07:00
Robert Marsh
083a4b2abc C++: handle non-casts in hasExplicitConversion 2020-09-08 12:28:16 -07:00
Mathias Vorreiter Pedersen
978b74f235 C++: Implement taint model for make_shared and make_unique 2020-09-08 19:11:48 +02:00
Geoffrey White
90c7a79272 C++: Fix the object/refs up. 2020-09-08 16:49:11 +01:00
Geoffrey White
5a3d41879a C++: Change some of the taint flows to data flows. 2020-09-08 16:49:11 +01:00
Geoffrey White
8a143bec3a C++: Reverse taint through operator<<. 2020-09-08 16:49:10 +01:00
Geoffrey White
b73ff8da63 C++: Flow through operator<<. 2020-09-08 16:49:10 +01:00
Jonas Jensen
911dec6f86 C++: SimpleRangeAnalysis (bool)x and !x support 2020-09-08 16:59:35 +02:00
Mathias Vorreiter Pedersen
5d14688848 Merge branch 'main' into mathiasvp/array-field-flow 2020-09-08 14:38:58 +02:00
Mathias Vorreiter Pedersen
faae2e782a C++: Implement field flow for operator[] writes and pointer deref writes. 2020-09-08 14:35:09 +02:00
Jonas Jensen
f92f84e3d4 Merge remote-tracking branch 'upstream/main' into BlockStmt 2020-09-08 14:09:46 +02:00
Jonas Jensen
ab90f06ddf C++: Rename Block -> BlockStmt 2020-09-08 08:40:20 +02:00
Rajiv Shah
f168356181 C++: Allow .inc files to be included 2020-09-07 18:09:21 -04:00
Ian Lynagh
d49bc4ccda C++: Tweak qldoc for coroutines 2020-09-07 20:39:11 +01:00
Ian Lynagh
4bf545548b C++: Tweak to make qlformat happy 2020-09-07 20:37:01 +01:00
Ian Lynagh
86c58afa48 C++: Update stats for co_await/co_yield/co_return 2020-09-07 20:37:01 +01:00
Ian Lynagh
cca276be84 C++: Remove co_await range-based-for support for now 
Initial impl won't support it
 2020-09-07 20:37:01 +01:00
Ian Lynagh
78b522722c C++: Split CoReturnStmt.getExpr into CoReturnStmt.{getOperand,getExpr} 2020-09-07 20:37:01 +01:00
Matthew Gretton-Dann
8b8b9d6fe3 Actually sort add Statement support 
This commit fixes the previous one.
 2020-09-07 20:37:01 +01:00
Matthew Gretton-Dann
5df5e6dfce Add initial QL support classes for coroutines 
Add classes for expressions co_yield and co_await.
Adds classes for statements co_return and `for co_await`.
 2020-09-07 20:37:01 +01:00
Matthew Gretton-Dann
8199b3a230 C++: Add DB schema support for coroutines 2020-09-07 20:37:01 +01:00
Geoffrey White
6ef67af743 C++: Add models for stringstream methods. 2020-09-07 18:27:42 +01:00
Mathias Vorreiter Pedersen
9c1837e3b3 C++: Rename getField to getAField following review comments. 2020-09-07 16:52:04 +02:00
Jonas Jensen
3493c93d7b Merge pull request #4218 from MathiasVP/mathiasvp/fix-fp-av82 
C++: Add cases for conditional and comma operator in AV Rule 82
 2020-09-07 15:27:07 +02:00