hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

2579 Commits

Author SHA1 Message Date
Geoffrey White
7b88bf7617 CPP: Add a test. 2019-03-25 09:22:18 +00:00
Ziemowit Laski
29af56d21b [CPP-340] Refine the test query for mismatching args/params by applying 
C promotion rules.  The following issues are now flagged:
             (1) passing a larger type than the receiver can accept
                 (e.g., long long -> int)
             (2) passing a type of different signedness than the
                 parameter specified.
 2019-03-24 19:42:05 -07:00
Dave Bartolomeo
d20e5bc69c C++: IR construction for lambda expressions 
The IR construction code wasn't handling lambda expressions, so I added `TranslatedLambdaExpression`. It's pretty straightforward: it creates a temporary variable, initializes it with an `Uninitialized` instruction, then initializes the individual captured fields with the initializer list supplied in the AST.

When testing the case of a lambda with no captures, I noticed that we weren't handling initialization of empty structs with an initializer list correctly, so I fixed that along the way.

I was getting confused by the bad indentation for wrapped lines in
TranslatedInitialization.qll, so I fixed that up in a separate commit.
 2019-03-22 15:17:27 -07:00
Jonas Jensen
db8db8669b Merge pull request #1141 from geoffw0/newfreebug 
CPP: Fix a bug in NewFree.qll
 2019-03-21 17:22:00 +01:00
Jonas Jensen
552842346c C++: Fix special-casing of Qt library 
The `Expr.getType` predicate returns a pointer type since that's the
type of the `new`-expression as a whole. To find the class type, we use
`NewExpr.getAllocatedType`.

This commit reduces the number of alerts in a Qt snapshot from 229 to
51, and it removes the two false positives in
https://github.com/Subsurface-divelog/subsurface.
 2019-03-21 13:37:18 +01:00
Jonas Jensen
a59a9f6075 C++: Add test cases for Qt's QObject 
The Qt library requires client code to call `new` but not `delete`.
 2019-03-21 13:31:50 +01:00
Geoffrey White
867f357b36 CPP: Correct the test. 2019-03-21 10:57:44 +00:00
Ziemowit Laski
5a092d0fed [CPP-340] Create three QL queries: (1) mismatched argument types, 
(2) too few arguments and (3) too many arguments.
    Create new 'UnderspecifiedFunction' folders for both queries and tests.
 2019-03-20 19:42:51 -07:00
Geoffrey White
faeb326bf8 CPP: Use newer dataflow for the fix. 2019-03-20 15:47:48 +00:00
Geoffrey White
7d8886e30c CPP: Fix over-enthusiastic dataflow in allocExprOrIndirect. 2019-03-20 15:40:02 +00:00
Geoffrey White
ea7e8927fe CPP: Add a test similar to the false positive in arvidn/libtorrent. 2019-03-20 15:35:58 +00:00
Ziemowit Laski
2def0ee9c1 [CPP-340] Re-work QL query; treat undeclared C functions the same way as 
()-declared functions.
 2019-03-19 16:01:35 -07:00
Ziemowit Laski
0c350dc504 [CPP-340] Create QL query for function call argument count mismatches. 
Update QHELP file, test and test results.
 2019-03-19 16:00:02 -07:00
zlaski-semmle
241994d1f8 Merge pull request #1107 from zlaski-semmle/cpp355 
Updated query to look for Microsoft-specific '_alloca' and '_malloca'
Merge to Semmle/ql:master.
 2019-03-19 13:40:27 -07:00
Ziemowit Laski
09e729ff59 Turns out that '__builtin_alloca' takes 'unsigned long', not 'unsigned long long'; rename some parameters to align with C11 standard. 2019-03-19 13:27:14 -07:00
Ziemowit Laski
11ed4f3312 Change __builtin_alloca declaration to use an unsigned long long parameter. 2019-03-19 13:12:29 -07:00
Ziemowit Laski
ff3430d8d0 Use '// GOOD' and '// BAD' annotations for query diagnostics. 2019-03-19 12:29:38 -07:00
Max Schaefer
6fbf487524 Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-2019-03-19 2019-03-19 14:09:03 +00:00
Jonas Jensen
a31794f20c Merge pull request #1129 from geoffw0/unusedstatic 
CPP: Add to UnusedStaticVariables tests.
 2019-03-19 14:16:30 +01:00
Jonas Jensen
111a462d16 C++: Recover some of the good results we lost 
My recent changes to suppress FPs in `ReturnStackAllocatedMemory.ql`
caused us to lose all results where there was a `Conversion` at the
initial address escape. We cannot handle conversions in general, but
this commit restores the good results for the trivial types of
conversion that we can handle.
 2019-03-19 11:09:58 +01:00
Jonas Jensen
d864df5b7f C++: Tests for new false negatives 2019-03-19 10:30:14 +01:00
Ziemowit Laski
566fdc3f70 Change names of parameters to memcpy(), as per Geoff. 2019-03-18 11:15:43 -07:00
Geoffrey White
73b7b980c8 CPP: Add to UnusedStaticVariables tests. 2019-03-18 16:43:48 +00:00
Nick Rolfe
8e9aeffdbc C++: accept test output from changes to extractor TRAP ordering 2019-03-18 10:44:18 +00:00
Jonas Jensen
6b1cd17009 C++: Fix FPs due to data flow Conversion handling 
Since we cannot track data flow from a fully-converted expression but
only the unconverted expression, we should check whether the address
initially escapes into the unconverted expression, not the
fully-converted one.

This fixes most of the false positives observed on lgtm.com.
 2019-03-16 20:50:27 +01:00
Jonas Jensen
1a7351ef6e C++: Add tests for three FPs observed on lgtm.com 2019-03-16 20:50:27 +01:00
Ziemowit Laski
2d5bdc85b0 Add 'restrict' support to the C++ test cases. 2019-03-14 12:12:45 -07:00
Ziemowit Laski
586aa0ae41 Updated query to look for Microsoft-specific '_alloca' and '_malloca' entry points. Added sundry positive and negative test cases. 2019-03-13 18:43:24 -07:00
Nick Rolfe
ac2dbbff13 C++: accept test output from extractor changes to template class decls 2019-03-13 16:38:24 +00:00
Jonas Jensen
028e61b71c Merge pull request #1101 from robertbrignull/merge/rc/1.20 
Merge rc/1.20 => master
 2019-03-13 16:36:55 +01:00
Kevin Backhouse
08d852fa94 Merge pull request #1048 from jbj/dataflow-link-targets 
C++: Data flow dispatch across link targets
 2019-03-13 12:39:59 +00:00
Robert Brignull
5380e1df68 Merge remote-tracking branch 'upstream/rc/1.20' into merge/rc/1.20 2019-03-13 10:55:30 +00:00
Dave Bartolomeo
b5a3edfdae C++: FunctionIR -> IRFunction 2019-03-12 11:28:22 -07:00
Max Schaefer
605f6bc6a6 Merge pull request #1082 from hvitved/merge-rc 
Merge rc/1.20 into master
 2019-03-12 13:49:12 +00:00
Tom Hvitved
c5450128be Merge branch 'rc/1.20' into merge-rc 2019-03-12 09:14:38 +01:00
Ziemowit Laski
75b4a6d6b3 [CPP-80] Provide kinder, gentler wording for messages (ClassesWithManyFields.{ql,qhelp}) 2019-03-11 16:16:05 -07:00
Robert Marsh
8a2a4678d8 C++: accept dataflow test change 2019-03-07 13:14:57 -08:00
Robert Marsh
17ad124c9e C++: remove VariableAddress from points_to test 2019-03-07 13:14:56 -08:00
Robert Marsh
7e30ce0c09 C++: add phi node support to escape analysis 2019-03-07 13:14:56 -08:00
Robert Marsh
97c11a5222 C++: points-to for argument-returning calls 2019-03-07 13:14:55 -08:00
Robert Marsh
c70bd285de C++: assume arguments to virtual functions escape 2019-03-07 13:14:49 -08:00
Robert Marsh
2c94a8887d C++: test for virtual functions in escape analysis 2019-03-07 13:14:49 -08:00
Robert Marsh
6089172554 C++: escape analysis for this parameters 2019-03-07 13:14:49 -08:00
Robert Marsh
466e110338 C++: add new interprocedural escape analysis 2019-03-07 13:14:48 -08:00
Robert Marsh
bd39698528 C++: test changes for interproc escape analysis 2019-03-07 13:14:48 -08:00
Jonas Jensen
57732ee6f9 Merge pull request #1008 from geoffw0/wprintf 
CPP: Clean up and fix FormattingFunction, FormatLiteral
 2019-03-06 15:08:29 +00:00
Geoffrey White
9f9712047c CPP: Add a few more tests of '%c'. 2019-03-06 10:23:45 +00:00
Jonas Jensen
80b0765618 C++: Make IR DataFlow dispatch use non-IR version 
This removes code duplication and ensures that the IR version also gets
the support for flow across link targets.
 2019-03-06 10:08:14 +01:00
Jonas Jensen
10ce13d1e9 C++: Tests for cross-target dispatch 2019-03-06 10:08:13 +01:00
Jonas Jensen
0a57767cc6 C++: Data flow through StmtExpr 2019-03-05 14:36:40 +01:00