Matthew Gretton-Dann
9ff38ebeee
C++: Update tests for new CTypedefType.
2019-09-23 13:57:50 +01:00
Robert Marsh
fd88f7a3ce
Merge pull request #1884 from jbj/dataflow-addressof
C++: Data flow through address-of operator (&)
2019-09-19 09:15:43 -07:00
Jonas Jensen
307b92feed
C++: Unknown template literals are constant
2019-09-19 10:23:26 +02:00
Jonas Jensen
e0d1da3b67
C++: Test for template enum constant CFG
2019-09-18 15:17:24 +02:00
Jonas Jensen
7d8396fa65
C++: Constant template pointer-to-member literals
2019-09-18 14:44:25 +02:00
Jonas Jensen
d644150ead
C++: Test for template pointer-to-member CFG
2019-09-18 14:30:18 +02:00
Jonas Jensen
0f2731064d
C++: Annotate tellDifferent with template status
This is helpful for turning real-world cases into test cases.
2019-09-18 14:23:52 +02:00
Jonas Jensen
c90fd32a78
C++: Pointer-to-member-function is constant
2019-09-18 13:55:56 +02:00
Jonas Jensen
55edfe4224
C++: Test for pointer-to-member-function CFG
2019-09-18 13:37:52 +02:00
Jonas Jensen
e7d8fa4251
Merge pull request #1945 from geoffw0/more-tests
CPP: Add a test of ConditionalDeclExpr.
2019-09-18 11:11:16 +02:00
Geoffrey White
07e29bb627
CPP: Add a test of ConditionalDeclExpr.
2019-09-17 17:38:54 +01:00
Jonas Jensen
b2df18ab78
C++: Document tests better
This addresses PR comments by @rdmarsh2.
2019-09-17 13:17:25 +02:00
Jonas Jensen
ef601cf78e
C++: Annotate changes in struct_init.c test
2019-09-17 13:16:36 +02:00
Jonas Jensen
fd6d06fe6f
C++: Data flow through address-of operator (&)
The data flow library conflates pointers and their objects in some
places but not others. For example, a member function call `x.f()` will
cause flow from `x` of type `T` to `this` of type `T*` inside `f`. It
might be ideal to avoid that conflation, but that's not realistic
without using the IR.
We've had good experience in the taint tracking library with conflating
pointers and objects, and it improves results for field flow, so perhaps
it's time to try it out for all data flow.
2019-09-17 13:16:34 +02:00
Dave Bartolomeo
553238a9e8
Merge pull request #1922 from jbj/qlcfg-const-pointer-to-member
C++: Add PointerToFieldLiteral class
2019-09-13 10:44:52 -07:00
Jonas Jensen
7cfbe88e7b
C++: IR DataFlow::Node.toString consistency
The `toString` for IR data-flow nodes is now similar to AST data-flow
nodes. This should make it easier to use the IR as a drop-in replacement
in the future. There are still differences because the IR data flow
library takes conversions into account.
I did not attempt to align the new nodes we use for field flow. That can
come later, when we add field flow to IR data flow.
2019-09-13 14:33:31 +02:00
Jonas Jensen
562bffe710
C++: Simplify toString of ImplicitParameterNode
This string looked out of place compared to `ExplicitParameterNode`,
whose string is simply the name of the parameter and therefore
indistinguishable from an access to the parameter without looking at the
location also. This has not been a problem so far, and if we want to
distinguish more clearly between initial values and accesses at some
point, we should do it for `ExplicitParameterNode` and
`UninitializedNode` too.
2019-09-13 14:33:26 +02:00
Tom Hvitved
f5cae9b6ea
Merge pull request #1881 from aschackmull/java/pathgraph-nodes
Java/C++/C#: Add nodes predicate to PathGraph.
2019-09-13 10:32:47 +02:00
Anders Schack-Mulligen
61e4e61087
C++: Adjust qltest expected output.
2019-09-12 11:00:49 +02:00
Geoffrey White
120b0c0c2c
CPP: Modernize the TemplateVariables test and have the TemplateVariables actually included in the scope of the test.
2019-09-11 17:14:05 +01:00
Jonas Jensen
ee16b239de
C++: Add PointerToFieldLiteral class
Marking these expressions as constants fixes the CFG discrepancies that
can be observed on the affected test and on snapshots of MySQL.
2019-09-11 13:40:24 +02:00
Jonas Jensen
bd59029e2b
C++: Add pointer-to-member test to syntax-zoo
This test was inspired by problems observed in a MySQL snapshot. The
results show there are problems with both the QL CFG and the IR.
2019-09-10 16:23:23 +02:00
Jonas Jensen
d6fba0ef46
C++: Don't create partial defs for calls to const
These partial defs don't do any harm, but they could hurt performance.
In typical C++ snapshots, between 5% and 20% of all calls are to `const`
functions.
2019-09-10 09:49:16 +02:00
Jonas Jensen
fd3615d120
C++: Show that there are too many partial defs
2019-09-10 09:44:07 +02:00
Geoffrey White
4283a1508d
Merge pull request #1870 from jbj/autoformat-all
C++: Autoformat everything
2019-09-09 16:05:32 +01:00
Jonas Jensen
79f456e8bd
Merge pull request #1905 from ian-semmle/mangling_more
C++: Resolve all classes
2019-09-09 16:48:30 +02:00
Geoffrey White
22e1715368
Merge pull request #1900 from jbj/dataflow-this-by-ref
C++: Fix flow out of `this` by reference
2019-09-09 11:15:32 +01:00
Jonas Jensen
4ef5c9af62
C++: Autoformat everything
Some files that will change in #1736 have been spared.
    ./build -j4 target/jars/qlformat
    find ql/cpp/ql -name "*.ql" -print0 | xargs -0 target/jars/qlformat --input
    find ql/cpp/ql -name "*.qll" -print0 | xargs -0 target/jars/qlformat --input
    (cd ql && git checkout 'cpp/ql/src/semmle/code/cpp/ir/implementation/**/*SSA*.qll')
    buildutils-internal/scripts/pr-checks/sync-identical-files.py --latest
2019-09-09 11:25:53 +02:00
Jonas Jensen
b14b65ecf0
C++: Don't use deprecated predicates in test
This made the `expected` file contain QL line numbers.
2019-09-09 11:04:04 +02:00
Jonas Jensen
ea3d066661
C++: Add D.cpp, ported from D.java
The original port of the Java field-flow tests did not include this
file. It's added here for completeness, and the results are the same as
for Java.
2019-09-09 10:45:06 +02:00
Jonas Jensen
10b69358ae
C++: Fix flow from this by ref.
2019-09-09 10:36:58 +02:00
Jonas Jensen
08b63d4342
C++: Test to show lack of flow from this by ref.
The `test_nonMemberSetA` also shows how the lack of flow through `&` is
a problem for non-member getters, but that's addressed on a separate
branch.
2019-09-09 10:36:11 +02:00
Jonas Jensen
d51e5212fb
Merge remote-tracking branch 'upstream/master' into dataflow-TTwo
Conflicts:
cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll
cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll
cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll
cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll
cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll
cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll
cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
cpp/ql/test/library-tests/dataflow/fields/flow.expected
csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll
csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll
csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll
csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll
csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll
java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl.qll
java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl2.qll
java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl3.qll
java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl4.qll
java/ql/src/semmle/code/java/dataflow/internal/DataFlowImpl5.qll
2019-09-08 21:08:43 +02:00
Ian Lynagh
4190a53574
C++: Update test output
2019-09-06 17:31:08 +01:00
Robert Marsh
94c625f03f
Merge pull request #1777 from jbj/ast-field-flow-defbyref
C++: Don't use definitionByReference for data flow
2019-09-05 10:23:28 -07:00
Ian Lynagh
1d56407c72
C++: Pull some of library-tests/dataflow/dataflow-tests into clang.cpp
g++ doesn't support this code:
    sorry, unimplemented: non-trivial designated initializers not supported
    twoIntFields sSwapped = { .m2 = source(), .m1 = 0 };
so we need to build it in clang mode.
2019-09-05 15:12:17 +01:00
Jonas Jensen
114c2fe0d4
Merge remote-tracking branch 'upstream/master' into ast-field-flow-defbyref
2019-09-05 09:33:45 +02:00
Jonas Jensen
8579d7d1cf
C++: Tests for aliasing of nested structs
This test shows that local pointers into structs do propagate data flow
like pass-by-reference does in calls.
2019-09-04 10:26:49 +02:00
Jonas Jensen
0e54709d47
Merge pull request #1859 from geoffw0/qldocpartialdef
CPP: Document PartialDefinitions
2019-09-04 09:54:55 +02:00
Jonas Jensen
067c55adb9
C++: Fix ConditionDeclExpr data flow
Data flow probably never worked when a variable declared in a
`ConditionDeclExpr` was modeled with `BlockVar`. That combination did
not come up in testing before the last commit.
2019-09-04 09:33:00 +02:00
Nick Rolfe
641232a9d7
Merge pull request #1855 from mgrettondann/cpp-343-lambda-names-simplification
C++: Update tests for lambda description changes
2019-09-03 11:45:50 +01:00
Jonas Jensen
d7681bf122
C++: Don't use definitionByReference for data flow
The data flow library conflates pointers and objects enough for the
`definitionByReference` predicate to be too strict in some cases. It was
too permissive in other cases that are now (or will be) handled better
by field flow.
See also the change note entry.
2019-09-03 11:49:01 +02:00
Geoffrey White
84da3e3431
CPP: Effect of 'Support nested field flow'.
2019-09-03 09:27:50 +01:00
Geoffrey White
8105d153b1
CPP: Add a test of PartialDefinitions.
2019-09-03 09:27:50 +01:00
Jonas Jensen
d3a6ae5657
C++: Support nested field flow
This is the C/C++ side of PR #1766.
2019-09-03 08:50:15 +02:00
Matthew Gretton-Dann
03eb1ff785
C++: Update taint-tests for changed lambda support
2019-09-02 15:18:27 +01:00
Jonas Jensen
b1be123e31
C#/C++/Java: Prettier AccessPath.toString
The `ppReprType` predicate should now be `none()` instead of `result=""`
to signal that there is nothing to print. That seems clearer to me.
2019-09-02 13:14:20 +02:00
Jonas Jensen
9f0f2f7c04
C++: Accept test changes
2019-09-02 13:14:17 +02:00
Jonas Jensen
e9a029cba3
C++: Local field flow using global library
This commit removes fields from the responsibilities of `FlowVar.qll`.
The treatment of fields in that file was slow and imprecise.
It then adds another copy of the shared global data flow library, used
only to find local field flow, and it exposes that local field flow
through `localFlow` and `localFlowStep`.
This has a performance cost. It adds two cached stages to any query that
uses `localFlow`: the stage from `DataFlowImplCommon`, which is shared
with all queries that use global data flow, and a new stage just for
`localFlowStep`.
2019-09-02 11:17:27 +02:00
Jonas Jensen
4f57f37b31
C++: Test to show false flow through object copy
2019-09-02 11:16:48 +02:00