hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

842 Commits

Author SHA1 Message Date
Ziemowit Laski
81bfbc250f [CPP-370] Forgot to update an .expected file. 2019-05-21 07:08:13 -07:00
Ziemowit Laski
ae55b7b643 [CPP-370] Add new test file for testing procedurally nested format 
argument violations.
 2019-05-21 07:08:13 -07:00
Ziemowit Laski
92054e2481 [CPP-370] Reformat test cases so that the .expect files line up with what was 
checked in initially.  Check for DataFlow::DefinitionByReferenceNode
          when computing isSource() for our taint analysis.
 2019-05-21 06:54:41 -07:00
Ziemowit Laski
098b6543f5 [CPP-370] Rewrite of NonConstantFormat.ql using the taint tracking library. 2019-05-21 06:51:47 -07:00
Ziemowit Laski
d8b8dda439 [CPP-370] First attempt at isAdditionalFlowStep(). 2019-05-21 06:45:52 -07:00
Ziemowit Laski
dbec17f85b [CPP-370] Tentative implementation of NonConstantFormat.ql using the global 
DataFlow library.  This is intended solely for further discussion.
 2019-05-21 06:23:51 -07:00
Ziemowit Laski
6025c03857 [CPP-370] Add nested.cpp test case, for nested calls to ...printf functions. 2019-05-21 06:21:12 -07:00
Ziemowit Laski
8faf95ec84 [CPP-370] Tentatively modify CWE consts.cpp file to play nice with the dataflow library. 2019-05-21 06:21:12 -07:00
Ziemowit Laski
b205951e6d [CPP-370] Reformat test cases so that the .expect files line up with what was 
checked in initially.  Check for DataFlow::DefinitionByReferenceNode
          when computing isSource() for our taint analysis.
 2019-05-21 06:18:31 -07:00
Ziemowit Laski
ed67c9fd5a [CPP-370] Rewrite of NonConstantFormat.ql using the taint tracking library. 2019-05-21 06:18:31 -07:00
Ziemowit Laski
fae55d5493 [CPP-370] First attempt at isAdditionalFlowStep(). 2019-05-21 06:18:30 -07:00
Ziemowit Laski
775861c386 [CPP-370] Minor textual tweaks. 2019-05-21 06:18:30 -07:00
Ziemowit Laski
de10598dd6 [CPP-370] NonConstantFormat.expected changed for some reason. 2019-05-21 06:18:30 -07:00
Ziemowit Laski
ffddc5bff6 [CPP-370] Update the NonConstantFormat.expected result template. 2019-05-21 06:18:30 -07:00
Ziemowit Laski
0c86d4c112 [CPP-370] Tentative implementation of NonConstantFormat.ql using the global 
DataFlow library.  This is intended solely for further discussion.
 2019-05-21 06:18:30 -07:00
Robert Marsh
e899120270 C++: replace getType().getUnspecifiedType() 2019-05-20 15:08:28 +01:00
Jonas Jensen
93658038bc C++: Use a smaller double literal in test 
This number got rounded differently on Linux and Windows, causing the
Windows test to fail.
 2019-05-03 09:06:10 +02:00
Jonas Jensen
3905cf70f4 Merge pull request #1255 from geoffw0/wrongtypeformatmore 
CPP: WrongTypeFormatArguments.ql Improvements
 2019-05-02 09:17:21 +02:00
Jonas Jensen
dcbf70f616 Merge pull request #1279 from geoffw0/large-parameter 
CPP: Tests and changes for LargeParameter.ql
 2019-05-02 09:15:57 +02:00
Jonas Jensen
9d15e67f3c C++: Use variableAccessedAsValue in LargeParameter 
Using `variableAccessedAsValue` fixes a FP because we can now
distinguish modifications to the parameter from modifications to data
_reachable from_ the parameter.
 2019-05-01 13:58:55 +01:00
Geoffrey White
60494fd6d5 CPP: Subtle test case. 2019-05-01 13:17:11 +01:00
Geoffrey White
2ef3cc30c0 CPP: Fix for functions with no definition. 2019-05-01 13:17:11 +01:00
Geoffrey White
6f2274aa5e CPP: Another test case. 2019-05-01 13:17:10 +01:00
Geoffrey White
32b6e9bd3c CPP: Exclude cases where the parameter is written to. 2019-05-01 13:17:10 +01:00
Geoffrey White
54c766c622 CPP: Add more test cases for LargeParameter.ql. 2019-05-01 13:17:10 +01:00
Jonas Jensen
490dd0e8c0 Merge pull request #1245 from geoffw0/classesmanyfields 
CPP: Fix performance issues in ClassesWithManyFields.ql
 2019-05-01 13:58:28 +02:00
Geoffrey White
1ee28fa15b CPP: Add a test cases that uses restrict. 2019-05-01 11:12:07 +01:00
Geoffrey White
a749b5b6d1 CPP: Improve WrongTypeFormatArguments logic when there is more than one possible expected argument type. 2019-05-01 11:12:06 +01:00
Geoffrey White
ac277ad7ad CPP: Fix %I length specifier. 2019-05-01 11:12:06 +01:00
Geoffrey White
98c3e1475e CPP: Add test cases of %I64 and similar. 2019-05-01 11:12:06 +01:00
Geoffrey White
3a0dfbd00f CPP: Normalize test cases between some of the WrongTypeFormatArguments tests. 2019-05-01 11:12:06 +01:00
Geoffrey White
efa3c77db5 CPP: Additional test cases. 2019-05-01 10:58:03 +01:00
Geoffrey White
89c26ca394 CPP: Rewrite the VDE grouping in ClassesWithManyField.ql to be more performant (and modern). 2019-05-01 10:35:59 +01:00
Jonas Jensen
40aea2f76d C++: Shorten alert message 
We don't write the reason for the alert in the alert message.
 2019-05-01 08:33:36 +02:00
Jonas Jensen
e38ac9f88a C++: suppress alerts in tightly bounded loops 2019-05-01 08:33:35 +02:00
Jonas Jensen
54091e87fa Merge pull request #1136 from zlaski-semmle/cpp340a 
[CPP-340] Refinements to FutileParams.ql etc.
 2019-05-01 08:21:35 +02:00
Ziemowit Laski
17066cfe3e [CPP-340] Adjust annotations in test.c file. 2019-04-30 13:21:36 -07:00
Ziemowit Laski
be77eb7367 [CPP-340] Add new test cases to test.c; this required the .expected 
files to be regenerated.
 2019-04-29 15:30:28 -07:00
Ziemowit Laski
4a760b1561 [CPP-340] Delete ArgumentsToImplicit.ql and associated files. 
Reduce MistypedFunctionArguments.ql precision to `medium`.
 2019-04-28 13:49:46 -07:00
Ziemowit Laski
ac58bdfc58 [CPP-340] For MistypedFunctionArguments.ql, add support for pointers to pointers and pointers to arrays. 2019-04-24 14:54:01 -07:00
Ziemowit Laski
62b030d27f [CPP-340] Add a fourth query, ArgumentsToImplicit.ql, to deal strictly with implicitly declared 
functions.  TooManyArguments.ql will now deal with explicitly declared/prototyped functions.
 2019-04-18 17:56:41 -07:00
Geoffrey White
57a4e52b47 CPP: Remove the overlap between these two queries. 2019-04-18 10:33:33 +01:00
Geoffrey White
ca6ba36d87 CPP: Unify and improve the MallocCall classes. 2019-04-18 10:30:18 +01:00
Geoffrey White
1ba8364c3b CPP: Add more test cases. 2019-04-18 10:28:34 +01:00
Geoffrey White
8856442f7f CPP: Add NoSpaceForZeroTerminator to the OverflowCalculated test. 2019-04-18 09:19:44 +01:00
Geoffrey White
12650f85c5 CPP: Rename a test file. 2019-04-18 09:16:55 +01:00
Robert Marsh
09d0548c81 Merge pull request #1237 from geoffw0/commentedoutcode2 
CPP: Fix FPs from detecting commented out preprocessor logic
 2019-04-16 10:31:42 -07:00
Geoffrey White
2d15163e30 CPP: Test of a comment inside #if 0. 2019-04-16 15:37:21 +01:00
Ziemowit Laski
b58f414ede [CPP-340] Add more test case; exclude K&R definitions of functions when looking 
up ()-declarations; refactor QL code.
 2019-04-12 17:25:33 -07:00
Geoffrey White
1e0e3192bb CPP: Restrict to #elif, #else, #endif. 2019-04-11 15:14:21 +01:00