codeql

mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00

Author	SHA1	Message	Date
Geoffrey White	13b15d9bcd	C++: Model swap.	2020-09-24 18:38:27 +01:00
Geoffrey White	6119bf3430	C++: Model begin and end.	2020-09-24 18:38:27 +01:00
Geoffrey White	25e0c680c6	C++: Model insert.	2020-09-24 18:38:27 +01:00
Geoffrey White	0dca7f81bc	C++: Model std::swap.	2020-09-24 15:49:33 +01:00
Geoffrey White	49f9a76c54	C++: Add tests for std::map and std::unordered_map.	2020-09-24 15:19:39 +01:00
Geoffrey White	71a605b7d9	C++: Add tests for std::pair.	2020-09-23 18:43:28 +01:00
Robert Marsh	e28a45b8e6	Merge branch 'main' into rdmarsh2/cpp/output-iterators-1 Resolve test output conflicts from IR model improvements	2020-09-22 11:17:38 -07:00
Geoffrey White	e836bae20f	C++: Tidy up test stl.h a little.	2020-09-22 13:21:50 +01:00
Jonas Jensen	5cbf498a2d	Merge pull request #4302 from MathiasVP/fix-field-conflation-after-4230 C++: Fix field conflation after #4230	2020-09-22 10:23:17 +02:00
Robert Marsh	772a51508f	C++: Update test comment	2020-09-21 16:19:41 -07:00
Robert Marsh	9e3bfe1968	C++: Fix iterator flow context sensitivity	2020-09-21 16:17:16 -07:00
Robert Marsh	913881b17b	C++: Add test for iterator false positive	2020-09-21 16:15:24 -07:00
Mathias Vorreiter Pedersen	873e871620	C++: Handle more cases in arrayReadStep.	2020-09-21 14:35:37 +02:00
Mathias Vorreiter Pedersen	62d42f20d9	C++: use(x) is no longer an array read.	2020-09-21 12:46:03 +02:00
Mathias Vorreiter Pedersen	49dd576352	C++: Add more tests	2020-09-21 10:59:16 +02:00
Robert Marsh	bc3e74f7d6	Merge branch 'main' into rdmarsh2/cpp/ir-qualifier-flow Fix test conflicts	2020-09-18 15:40:43 -07:00
Robert Marsh	12be90a6af	C++: remove unneeded cast	2020-09-18 15:00:01 -07:00
Mathias Vorreiter Pedersen	53da751b15	C++: Accept tests	2020-09-18 17:12:27 +02:00
Mathias Vorreiter Pedersen	b40941b89c	C++: Add test demonstrating field conflation after merging #4230	2020-09-18 13:23:23 +02:00
Jonas Jensen	c67605f15c	Merge pull request #4230 from MathiasVP/mathiasvp/array-field-flow C++: Replace `field -> object` taint rule with `ArrayContent` dataflow	2020-09-18 10:56:51 +02:00
Mathias Vorreiter Pedersen	3ef6e8a580	Merge pull request #4283 from geoffw0/stringstream4 C++: Model getline	2020-09-18 10:17:47 +02:00
Robert Marsh	3a83cc71fe	C++: use qualifier flow in more models	2020-09-17 18:03:02 -07:00
Robert Marsh	556ace004f	C++: use qualifiers in string constructor model	2020-09-17 17:39:50 -07:00
Robert Marsh	6b7b64d7be	C++: IR data and taint flow through qualifiers	2020-09-17 17:10:11 -07:00
Robert Marsh	f73ff988e0	C++: improve cast and ptr handling in taint test	2020-09-17 16:55:36 -07:00
Geoffrey White	5cc11f1c44	C++: Additional model for 'this' flow through chains.	2020-09-17 14:12:30 +01:00
Geoffrey White	73399cb5f7	C++: Model GetLine.	2020-09-17 14:05:43 +01:00
Geoffrey White	2c15e6f934	C++: Add test cases.	2020-09-17 13:43:07 +01:00
Mathias Vorreiter Pedersen	63afe1da78	Merge pull request #4276 from geoffw0/stringstream3 C++: More stringstream models.	2020-09-17 14:19:52 +02:00
Geoffrey White	4d6125841d	C++: Clean up multiply defined functions.	2020-09-17 11:48:26 +01:00
Robert Marsh	691d0f3fb2	Merge branch 'main' into rdmarsh2/cpp/output-iterators-1 Fix merge conflict in test expectations	2020-09-16 13:52:59 -07:00
Robert Marsh	44c5233459	C++: accept test output	2020-09-16 12:49:15 -07:00
Robert Marsh	fa0e27b2de	C++: move interprocedural iterator flow to taint	2020-09-16 12:34:52 -07:00
Geoffrey White	86404af501	Merge pull request #4270 from MathiasVP/mathiasvp/single-field-flow-fix-cwe190test C++: Use underlying type when checking whether a type is a single-field struct.	2020-09-16 17:21:07 +01:00
Geoffrey White	c4de071a4c	C++: Flow through swap.	2020-09-16 13:39:07 +01:00
Geoffrey White	eb7bd6e176	C++: Flow through putback.	2020-09-16 13:39:07 +01:00
Geoffrey White	7cc60a30a6	C++: Flow through get, peek, read, readsome.	2020-09-16 13:36:41 +01:00
Geoffrey White	56390c1aef	C++: Flow through operator>>.	2020-09-16 13:32:13 +01:00
Mathias Vorreiter Pedersen	7b456d6162	Merge branch 'main' into mathiasvp/array-field-flow	2020-09-16 10:45:31 +02:00
Mathias Vorreiter Pedersen	c8a3baf356	Merge pull request #4272 from jbj/dataflow-partial-access C++: Add AST flow through arrays	2020-09-16 09:29:39 +02:00
Matthew Gretton-Dann	795bf0d93c	Update tests for extractor changes with ctors	2020-09-15 17:58:37 +01:00
Jonas Jensen	78560833a1	C++: Add a test distilled from real code Author: @rvermeulen. The consistency warnings go away because `sink` is defined with a body in this file.	2020-09-15 16:24:37 +02:00
Jonas Jensen	bdce24735c	C++: Add flow through arrays This works by adding data-flow edges to skip over array expressions when reading from arrays. On the post-update side, there was already code to skip over array expressions when storing to arrays. That happens in `valueToUpdate` in `AddressFlow.qll`, which needed just a small tweak to support assignments with non-field expressions at the top-level LHS, like `*a = ...` or `a[0] = ...`. The new code in `AddressFlow.qll` is copy-pasted from `EscapesTree.qll`, and there is already a note in these files saying that they share a lot of code and must be maintained in sync.	2020-09-15 14:46:11 +02:00
Jonas Jensen	27b8dc2b13	C++: Add tests for flow through arrays	2020-09-15 14:19:34 +02:00
Mathias Vorreiter Pedersen	0ba72c6685	C++: Accept changes.	2020-09-15 12:49:22 +02:00
Mathias Vorreiter Pedersen	d18dd5ab09	C++: Add testcase demonstrating the underlying problem in `6ca9c449af`.	2020-09-15 12:32:15 +02:00
Jonas Jensen	25412da845	Merge pull request #4253 from geoffw0/stringstream2 C++: Model more stringstream features	2020-09-15 12:19:26 +02:00
Robert Marsh	5f2cafc4f5	C++: Interprocedural iterator flow	2020-09-14 14:36:19 -07:00
Mathias Vorreiter Pedersen	0c14e2b69a	C++: Fix annotations in taint.cpp	2020-09-14 23:08:50 +02:00
Mathias Vorreiter Pedersen	7cd6137b34	Merge branch 'main' into mathiasvp/array-field-flow	2020-09-14 20:45:06 +02:00

... 4 5 6 7 8 ...

1602 Commits