hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

2579 Commits

Author SHA1 Message Date
Dave Bartolomeo
90b79eb5f3 C++: Accept GVN test expectations with Chi nodes 2018-11-27 12:56:23 -08:00
Geoffrey White
7107cec503 CPP: Add test cases. 2018-11-27 17:20:14 +00:00
Dave Bartolomeo
2b9afe95e8 C++: Accept test output after rebase 2018-11-26 12:08:19 -08:00
Robert Marsh
799eb06eea C++: add AliasedDefinition for aliased SSA 2018-11-26 12:08:19 -08:00
Robert Marsh
3ee033d96e C++: IR sanity fixes for Chi nodes 2018-11-26 12:08:19 -08:00
Robert Marsh
b401cd97f2 C++: use UnmodeledDefinition in UnmodeledUse 2018-11-26 12:08:19 -08:00
Robert Marsh
927f935e62 C++: hook ChiInstructions into the operand graph 2018-11-26 12:08:19 -08:00
Robert Marsh
a33b59103a C++: insert Chi nodes in the IR successor relation 
This commit adds Chi nodes to the successor relation and accounts for
them in the CFG, but does not add them to the SSA data graph. Chi nodes
are inserted for partial writes to any VirtualVariable, regardless of
whether the partial write reaches any uses.
 2018-11-26 12:08:18 -08:00
Dave Bartolomeo
1fb36ff7e7 C++: Add conservative side effects for function calls 2018-11-26 12:08:18 -08:00
Geoffrey White
f034abc275 CPP: Add the Semmle security tests. 2018-11-26 17:52:34 +00:00
Aditya Sharad
c20b688a3f Merge master into next. 2018-11-23 16:36:31 +00:00
Geoffrey White
e6dddd90b7 CPP: Add a test of FunctionPointerConversions.ql. 2018-11-23 10:31:36 +00:00
Geoffrey White
0a27022dd4 Merge pull request #523 from jbj/placement-new-never-freed 
C++: Detect non-allocating placement new in cpp/memory-never-freed
 2018-11-23 09:40:11 +00:00
Jonas Jensen
4ad59235d8 Merge pull request #524 from geoffw0/cpp-299 
CPP: Add (partial) dataflow to OverflowStatic.ql
 2018-11-23 08:46:07 +01:00
Geoffrey White
5d8e34a55f CPP: Add a test of NonConstFunctionPointer.ql. 2018-11-22 17:48:40 +00:00
Geoffrey White
ea56a5d9ce CPP: Add local dataflow to (one bit of) OverflowStatic.ql. 2018-11-22 15:49:13 +00:00
Geoffrey White
01ba635e1d CPP: Add some test cases involving dataflow. 2018-11-22 15:49:13 +00:00
Jonas Jensen
da26b4f856 C++: Accept test changes for IR 
This test was failing due to a semantic merge conflict between #509,
which added `UninitializedInstruction`, and #517, which added new test
code that would get `UninitializedInstruction`s in it after merging with #509.
 2018-11-22 13:52:33 +01:00
Jonas Jensen
75873bb4a6 C++: Detect non-allocating placement new 
This adds a `NewOrNewArrayExpr.getPlacementPointer` predicate and uses
it in `Alloc.qll` to detect when a `new`-expression is not an
allocation.

User-defined replacements for `operator new` may not be allocations
either, but the code continues to assume that they are. It's possible
that we want to change this assumption in the future or leave it up to
individual queries to decide on which side to err. It's hard to
statically tell whether `operator new` has been overloaded in a
particular file because it can be overloaded by a definition that is not
in scope but is only linked together with that file.
 2018-11-22 11:31:19 +01:00
Jonas Jensen
a17debac3e C++: Placement-new tests for MemoryNeverFreed.ql 2018-11-22 10:48:18 +01:00
Jonas Jensen
e062851709 Merge pull request #517 from dave-bartolomeo/dave/IRFilter 
C++: Don't generate IR for functions with bad ASTs
 2018-11-22 10:02:18 +01:00
Jonas Jensen
70e9d11fd2 Merge pull request #509 from dave-bartolomeo/dave/ConditionDeclExpr 
C++: IR support for ConditionDeclExpr
 2018-11-22 08:03:14 +01:00
Dave Bartolomeo
97fd7b46cc C++: Add tests for filtering bad ASTs 2018-11-21 16:39:08 -08:00
semmle-qlci
62db19bee7 Merge pull request #492 from geoffw0/offsetuse 
Approved by dave-bartolomeo
 2018-11-21 17:26:48 +00:00
ian-semmle
366934f884 Merge pull request #350 from geoffw0/cpp-205-detail 
CPP: Add detail to the CPP-205 test
 2018-11-21 13:30:53 +00:00
Jonas Jensen
4e2d40aad8 Merge pull request #484 from geoffw0/limitedscopefile 
CPP: Fix Limitedscopefile.ql
 2018-11-21 14:30:48 +01:00
Dave Bartolomeo
3715215b3f C++: Add IR support for ConditionalDeclExpr 
Also fixes several places in the library that weren't handling `ConditionalDeclExpr`  correctly.
 2018-11-21 00:14:44 -08:00
Dave Bartolomeo
07f9fe6ee4 C++: Add Uninitialized instruction for list-initialized variables 
This commit inserts an `Uninitialized` instruction to "initialize" a local variable when that variable is initialized with an initializer list. This ensures that there is always a definition of the whole variable before any read or write to part of that variable.

This change appears in a different form in @rdmarsh2's Chi node PR, but I needed to refactor the initialization code anyway to handle ConditionDeclExpr.
 2018-11-20 16:12:44 -08:00
Geoffrey White
9922e36590 CPP: Add missing file. 2018-11-20 16:55:10 +00:00
Jonas Jensen
33111b6b27 Merge pull request #498 from geoffw0/test-cleanup 
CPP: Clean up some test code.
 2018-11-20 14:44:52 +01:00
Geoffrey White
342164ff71 CPP: Clean up / normalize some test code. 2018-11-20 09:50:59 +00:00
Jonas Jensen
6c0305cb80 Merge pull request #495 from geoffw0/returnvalue 
CPP: Fix 'Missing return statement'
 2018-11-20 10:16:30 +01:00
Jonas Jensen
cc28d04ba7 Merge pull request #405 from geoffw0/selfcompare 
CPP: Fix false positives in PointlessSelfComparison.ql
 2018-11-20 09:25:10 +01:00
Geoffrey White
5cae65295d CPP: Fix FPs from AV Rule 114.ql. 2018-11-19 16:09:40 +00:00
Geoffrey White
d18a7012f5 CPP: Add a test case. 2018-11-19 16:08:32 +00:00
Geoffrey White
33130b9800 CPP: Apply recommended fix. 2018-11-19 14:39:28 +00:00
Geoffrey White
6a14748af8 CPP: Add recommended test. 2018-11-19 14:25:11 +00:00
Jonas Jensen
111df470c3 Merge pull request #485 from geoffw0/limitedscopefunction 
CPP: Fix Limitedscopefunction.ql
 2018-11-19 14:51:20 +01:00
Jonas Jensen
6d17642240 Merge pull request #476 from geoffw0/av_165 
CPP: Fix AV Rule 165
 2018-11-19 14:32:02 +01:00
Geoffrey White
e72505707b CPP: Check for a range check before the use. 2018-11-19 11:49:22 +00:00
Geoffrey White
6cdfaeea3c CPP: getAChild() -> getAChild*(). 2018-11-19 11:47:14 +00:00
Geoffrey White
01611d4d96 CPP: Add a test for OffsetUseBeforeRangeCheck.ql. 2018-11-19 11:47:14 +00:00
Geoffrey White
9f688eb7e2 CPP: Exclude variables that have non-function accesses. 2018-11-16 22:48:30 +00:00
Geoffrey White
2d07410f97 CPP: Exclude variables that are part of an interface. 2018-11-16 22:46:11 +00:00
Geoffrey White
b70c572e34 CPP: Add a test for LimitedScopeFunction. 2018-11-16 22:44:41 +00:00
Geoffrey White
e253ab54d7 CPP: Exclude variables that are part of an interface. 2018-11-16 22:38:16 +00:00
Geoffrey White
0e5d23e78b CPP: Add a test of LimitedScopeFile. 2018-11-16 22:37:30 +00:00
Geoffrey White
d1adc0e3ec CPP: Fix for explicitly cast expressions. 2018-11-14 19:43:24 +00:00
Geoffrey White
3028e85457 CPP: Add a test of AV Rule 164. 2018-11-14 19:40:29 +00:00
Geoffrey White
3f428a8876 CPP: Fix for explicitly cast expressions. 2018-11-14 19:11:56 +00:00