hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

4510 Commits

Author SHA1 Message Date
ihsinme
a43167faf7 Update WrongInDetectingAndHandlingMemoryAllocationErrors.qhelp 2021-02-04 15:44:28 +03:00
ihsinme
2131f35801 Update WrongInDetectingAndHandlingMemoryAllocationErrors.ql 2021-02-04 15:41:40 +03:00
Mathias Vorreiter Pedersen
b55921a391 Update cpp/ql/src/experimental/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-02-04 13:25:02 +01:00
Geoffrey White
d41ea6c799 Merge pull request #5081 from MathiasVP/indirection-in-dataflow-models 
C++: Add more indirection flow in dataflow models
 2021-02-04 11:55:34 +00:00
Mathias Vorreiter Pedersen
55615586ee C++: Address review comments. 2021-02-04 11:30:44 +01:00
Mathias Vorreiter Pedersen
47ab9ba81b C++: emplace and emplace_back takes its arguments by universal references, so they should also specify flow as indirections. 2021-02-04 11:16:27 +01:00
Geoffrey White
7087904637 C++: Solution. 2021-02-04 09:00:35 +00:00
Mathias Vorreiter Pedersen
8cf8b704c5 C++: Add more indirection flow in dataflow models. Also revert the additions to DataFlowUtil added in #5035 as they can add too much flow. 2021-02-03 16:16:48 +01:00
Jonas Jensen
e3bdebf7a0 Merge pull request #5077 from jbj/revert-nested-fields 
C++: Revert #4784
 2021-02-03 14:07:28 +01:00
Mathias Vorreiter Pedersen
691a316460 C++: Add tests to cpp/unsigned-difference-expression-compared-zero and remove a couple of classes of FPs. 2021-02-03 11:10:57 +01:00
Jonas Jensen
064568c36d Revert "Merge pull request #4784 from MathiasVP/mathiasvp/reverse-read-take-3" 
This reverts commit 1b3d69d617, reversing
changes made to 527c41520e.
 2021-02-03 08:49:37 +01:00
Robert Marsh
631ee28cae C++: update comments about SSA sharing 2021-02-02 09:11:21 -08:00
Robert Marsh
50edf44e84 C++/C#: autoformat and sync files 2021-02-02 09:06:44 -08:00
Mathias Vorreiter Pedersen
9e75a4be34 C++: Implement a model for _strnextc and its variants. 2021-02-02 16:42:39 +01:00
Mathias Vorreiter Pedersen
98d73bf474 Merge pull request #5072 from MathiasVP/strcrement-model-implementation 
C++: Implement model for _strinc and related functions
 2021-02-02 16:22:13 +01:00
Mathias Vorreiter Pedersen
07a20752bc Fix spelling in qldoc. 
Co-authored-by: Cornelius Riemenschneider <criemen@github.com>
 2021-02-02 15:51:40 +01:00
Jonas Jensen
aa9ab41e30 Merge pull request #5059 from geoffw0/mswprintf 
C++: Exclude custom vprintf implementations from primitiveVariadicFormatter.
 2021-02-02 15:13:25 +01:00
Mathias Vorreiter Pedersen
b54f74a68a C++: Implement model for _strinc and related functions. 2021-02-02 12:20:02 +01:00
Mathias Vorreiter Pedersen
5db1984315 Merge pull request #5070 from MathiasVP/strsep-model-implementation 
C++: Add strsep model implementation.
 2021-02-02 12:00:26 +01:00
Geoffrey White
9f50f67e6d Merge pull request #5065 from MathiasVP/scanf-model 
C++: Add sscanf and fscanf models
 2021-02-02 10:30:19 +00:00
Mathias Vorreiter Pedersen
0db54e08b8 C++: Address review comments. 2021-02-02 10:48:07 +01:00
Mathias Vorreiter Pedersen
6e71c68f33 C++: Add strsep model implementation. 2021-02-02 10:29:23 +01:00
Mathias Vorreiter Pedersen
be9908df87 C++: Fix copy/paste error. 2021-02-01 16:45:07 +01:00
Mathias Vorreiter Pedersen
9db19613d6 C++: Reuse logic from commons/Scanf. 2021-02-01 16:10:28 +01:00
Mathias Vorreiter Pedersen
27b41c2016 C++: Address review comments. 2021-02-01 13:32:46 +01:00
Mathias Vorreiter Pedersen
c747914ef2 C++: Add sscanf and fscanf model implementations. 2021-02-01 12:54:59 +01:00
Mathias Vorreiter Pedersen
61125b4bf2 C++: Address review comments. 2021-02-01 12:15:57 +01:00
Mathias Vorreiter Pedersen
6c3f44bba8 C++: Add more memcpy, memset, strcat and strcpy models. Also refine which strcpy functions can live in the std namespace. 2021-02-01 08:44:10 +01:00
ihsinme
2b946aee5a Update WrongInDetectingAndHandlingMemoryAllocationErrors.ql 2021-01-31 15:21:54 +03:00
ihsinme
b7df18b97e Update AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql 2021-01-31 15:16:40 +03:00
Geoffrey White
064d89735b Merge pull request #5046 from MathiasVP/model-more-pure-functions 
C++: Model more pure functions
 2021-01-29 22:05:48 +00:00
Geoffrey White
03922aa1f5 C++: Exclude custom vprintf implementations. 2021-01-29 21:20:36 +00:00
Mathias Vorreiter Pedersen
d5f1c19152 Merge branch 'main' into ihsinme-patch-221 2021-01-29 13:05:07 +01:00
ihsinme
bdbf5a4fae Apply suggestions from code review 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-01-29 13:41:45 +03:00
Geoffrey White
50f2557dd2 Merge pull request #5043 from MathiasVP/uniform-treatment-of-params-and-qualifiers-in-model-dataflow 
C++: Uniform treatment of parameters and qualifiers in model dataflow
 2021-01-29 09:48:07 +00:00
ihsinme
c8eeb5f73e Update WrongInDetectingAndHandlingMemoryAllocationErrors.ql 2021-01-29 11:51:15 +03:00
Mathias Vorreiter Pedersen
339c4c6ce0 C++: Model more pure functions. 2021-01-28 19:37:53 +01:00
Geoffrey White
7d9ebaf9d8 Merge pull request #5040 from MathiasVP/strset-and-strtok-models 
C++: Strset and strtok model implementations
 2021-01-28 18:34:06 +00:00
Geoffrey White
768be9ec2c Merge pull request #5041 from ihsinme/ihsinme-patch-198 
CPP: Improve cpp/memory-leak-on-failed-call-to-realloc
 2021-01-28 18:29:24 +00:00
Mathias Vorreiter Pedersen
23eb4d2009 C++: Fix isParameterDeref typo. 2021-01-28 18:29:30 +01:00
Mathias Vorreiter Pedersen
75aa1e8a3b C++: Respond to review comments. 2021-01-28 16:39:11 +01:00
Geoffrey White
02d60a26eb Merge pull request #5037 from github/igfoo/decltype 
C++: decltypes may have multiple expressions
 2021-01-28 14:44:53 +00:00
ihsinme
f94a7fc2f0 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-28 15:47:38 +03:00
Mathias Vorreiter Pedersen
5a420f2bae C++: Use the new predicates for uniform treatment of parameters and qualifiers in model dataflow. 2021-01-28 13:33:08 +01:00
ihsinme
2b4296feb1 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-28 13:38:26 +03:00
Mathias Vorreiter Pedersen
2c70106d2d Merge pull request #5009 from ihsinme/ihsinme-patch-219 
CPP: add query for CWE-788 Access of memory location after the end of a buffer using strncat.
 2021-01-28 11:10:30 +01:00
Mathias Vorreiter Pedersen
6255662114 C++: Add two new model implementation classes. 2021-01-28 10:57:30 +01:00
Jonas Jensen
69ce24d4b8 Merge pull request #5035 from MathiasVP/implied-deref-flow 
C++: Implied dataflow models
 2021-01-28 09:35:58 +01:00
Mathias Vorreiter Pedersen
c90dc62cc4 C++: Autoformat. 2021-01-27 18:57:09 +01:00
Mathias Vorreiter Pedersen
aec18e7123 C++: Add mempcpy to MemcpyFunction model class. 2021-01-27 18:12:32 +01:00