hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

4510 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
f5a2603cc1 C++: Add store steps that target the new partial definitions. 2020-12-22 09:14:54 +01:00
Mathias Vorreiter Pedersen
7a2b69feed C++: Add partial definition class backed by an IPA. 2020-12-22 09:14:54 +01:00
Mathias Vorreiter Pedersen
2930128421 C++: Implement read steps using ReadNodes. 2020-12-22 09:14:54 +01:00
Mathias Vorreiter Pedersen
91debe8669 C++: Add ReadNodes and implement local flow steps into them. 2020-12-22 09:14:54 +01:00
Mathias Vorreiter Pedersen
4f07474b62 C++: Also allow custom sources in taintedWithoutGlobals 2020-12-21 19:55:47 +01:00
Mathias Vorreiter Pedersen
f4f96fe257 C++: Use isSource in queries. These were the only queries that restrict the source after dataflow terminates. 2020-12-21 16:35:35 +01:00
Mathias Vorreiter Pedersen
0e84c638b6 C++: Add isSource to AdjustedConfiguration 2020-12-21 16:34:22 +01:00
Mathias Vorreiter Pedersen
b5102043b1 Fix comments. 2020-12-18 14:19:02 +01:00
Mathias Vorreiter Pedersen
f5e4725642 C++: Propagate flow from instruction's to non-exact operands for arrays and unions, and accept test changes. 2020-12-18 13:54:34 +01:00
Mathias Vorreiter Pedersen
2bf8e47932 Merge branch 'main' into default-taint-tracking-operand-instruction-interleaving 2020-12-18 11:59:10 +01:00
Mathias Vorreiter Pedersen
7ccd48e53c Make DefaultTaintTracking do operand->instruction->operand interleaving like DataFlowUtil. 2020-12-18 11:57:16 +01:00
Geoffrey White
dc4ca9b1b9 C++: Add qhelp and example. 2020-12-18 10:10:05 +00:00
Jonas Jensen
fd7dec7f20 Merge pull request #4824 from geoffw0/modelchanges5 
C++: Add cases in the Allocation model.
 2020-12-18 09:16:01 +01:00
Geoffrey White
fda531da49 C++: Add query precision. 2020-12-17 14:31:43 +00:00
Geoffrey White
136fa01b87 C++: Query headers (apart from precison - needs more research). 2020-12-16 16:24:10 +00:00
Geoffrey White
1e3535754b C++: Violation message. 2020-12-16 16:13:02 +00:00
Geoffrey White
c89f7d824b C++: Back out support for SysAllocString. It turns out supporting all of the SysAlloc stuff is beyond our current models, supporting just SysFreeString as we do is OK. 2020-12-16 15:08:53 +00:00
Jonas Jensen
406cc64dcc Merge pull request #4831 from geoffw0/printfunknown 
C++: Fix Printf.qll specsAreKnown
 2020-12-16 10:56:56 +01:00
Robert Marsh
5d2a553059 C++/C#: autoformat 2020-12-15 17:16:31 -08:00
Robert Marsh
fd14eb4c8c C++: remove unreachable IR operands in late stages 2020-12-15 11:45:40 -08:00
Geoffrey White
93dfeac3c8 C++: Make specsAreKnown more accurate. 2020-12-15 17:43:28 +00:00
Geoffrey White
676e85a155 C++: Re-enable the check. 2020-12-15 17:42:10 +00:00
Geoffrey White
94dea9f71d C++: Add a test of unknown format specifiers (with specsAreKnown check disabled). 2020-12-15 17:40:32 +00:00
Geoffrey White
4bf2f3af50 C++: Fix comment. 2020-12-15 10:15:41 +00:00
Geoffrey White
d7a92e581f Merge branch 'main' into swap 2020-12-14 17:54:11 +00:00
Geoffrey White
9c77d3c829 C++: Add AliasFunction model. 2020-12-14 17:52:02 +00:00
Geoffrey White
f9a7322d68 C++: Remove redundant check. 2020-12-14 17:16:16 +00:00
Geoffrey White
e02ebfb9bd C++: Add extra cases to Allocation / Deallocation. 2020-12-14 14:00:36 +00:00
Robert Marsh
a404ca66d1 C++: fix typo 2020-12-11 16:16:19 -08:00
Robert Marsh
89a59d5f1a C++: comments about shared Operand IPA type 2020-12-11 15:52:07 -08:00
Robert Marsh
1e08c11d40 C++: Share Operand IPA type across IR stages 2020-12-11 14:47:25 -08:00
Robert Marsh
af180d430e Merge pull request #4805 from geoffw0/sscanf 
C++: Refine examples and tests for cpp/memory-unsafe-function-scan (experimental) query
 2020-12-11 12:42:11 -08:00
Robert Marsh
0210c1f721 Merge pull request #4783 from geoffw0/modelchanges4 
C++:  More use of set literals.
 2020-12-10 15:24:50 -08:00
Geoffrey White
b79ca4535a C++: Undo the iterator.qll change. Notice that it was 'and' not 'or'. 2020-12-10 18:29:39 +00:00
Geoffrey White
c5592a1ed7 C++: New experimental query. 2020-12-10 16:46:09 +00:00
Geoffrey White
3bef0e5c00 C++: Implement a general model. 2020-12-09 18:53:49 +00:00
Geoffrey White
80db155d54 C++: Fix example and test. 2020-12-09 16:46:48 +00:00
Geoffrey White
d08efb4e47 C++: Combine the member swap models. 2020-12-08 19:50:13 +00:00
Geoffrey White
4a81d36309 C++: Move all of the swap models into Swap.qll. 2020-12-08 18:19:43 +00:00
Geoffrey White
e18f290864 C++: Correct comment. 2020-12-08 16:55:19 +00:00
james
da16fad0f1 Merge branch 'rc/1.26' into 126-mergeback 2020-12-08 09:26:12 +00:00
Geoffrey White
ef131d3951 C++: Fix StandardDeallocationFunction. 2020-12-07 18:52:35 +00:00
Geoffrey White
281b56b2ae C++: Add comments to the Allocation and Deallocation libraries indicating where the functions come from. 2020-12-07 18:52:03 +00:00
Geoffrey White
998eaf90ee C++: Run through updated autoformat. 2020-12-04 18:53:24 +00:00
Jonas Jensen
bc340e210b Merge pull request #4745 from ihsinme/main 
CPP: Add query for CWE-191 into experimental this reveals a dangerous comparison
 2020-12-04 18:00:41 +01:00
Jonas Jensen
9cf318b72c C++: Autoformat the new query 
Tweak whitespace, also in the alert message.
 2020-12-04 13:27:07 +01:00
Jonas Jensen
bf88df8134 C++: CRLF -> LF line endings 2020-12-04 13:25:32 +01:00
Jonas Jensen
b4be72268d Merge pull request #4722 from rdmarsh2/rdmarsh2/cpp/range-analysis-overflow-perf 
C++: Filter out lower bounds on overflowing exprs
 2020-12-04 08:29:21 +01:00
ihsinme
69ed608a11 Update UnsignedDifferenceExpressionComparedZero.ql 2020-12-04 09:47:11 +03:00
Robert Marsh
b45f7846db C++: autoformat 2020-12-03 15:48:42 -08:00