hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

5805 Commits

Author SHA1 Message Date
ihsinme
fc9d219057 Update AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql 2021-01-26 23:50:54 +03:00
ihsinme
de0bbc8826 Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-26 23:47:07 +03:00
Henning Makholm
54f00de3e0 Add "tests" fields to test qlpacks 
This will allow `codeql resolve tests --ignore-dubious-cases`
(and thus the VSCode extension) to recognize all `.ql` files in those
packs as test cases, even if they don't have accompanying `.expected`
files.

CLI versions prior to 2.1.0 will choke on this, but it's almost 10
months since that came out.
 2021-01-26 18:15:22 +01:00
Mathias Vorreiter Pedersen
04a3c3d29c Merge pull request #4953 from ihsinme/ihsinme-patch-207 
CPP: Add query for CWE-14 compiler removal of code to clear buffers.
 2021-01-26 18:13:18 +01:00
Mathias Vorreiter Pedersen
416aa49d99 C++: Capitalize alert message. 2021-01-26 17:24:03 +01:00
Remco Vermeulen
1834403148 Replace HTTP entity 
The code formatting operator correctly translate to HTTP entities.
 2021-01-26 14:14:42 +01:00
Remco Vermeulen
8c09032d1d Correct access specifier 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-26 13:23:43 +01:00
Remco Vermeulen
932ee968e0 Correct pointer to data member example 
The class `PointerToMemberType` is preceded by an example that doesn't define the variable `c` used to access a data member.
 2021-01-26 13:08:28 +01:00
Robert Marsh
44bc6d7fdb C++/C#: add NonPhiMemoryOperand union type 
This fixes a performance issue where the whole MemoryOperand table was
scanned in some predicates that used only NonPhiMemoryOperand
 2021-01-25 17:03:19 -08:00
Tom Hvitved
1c84455a6d Merge pull request #5003 from hvitved/csharp/remove-getaqlclass 
C#: Remove uses of `getAQlClass()`
 2021-01-25 10:57:04 +01:00
Jonas Jensen
1b3d69d617 Merge pull request #4784 from MathiasVP/mathiasvp/reverse-read-take-3 
C++: Support longer access paths in IR field flow
 2021-01-25 10:36:03 +01:00
Tom Hvitved
c235462f7d C++: Sync IRType.qll 2021-01-25 09:43:57 +01:00
ihsinme
b899229298 Add files via upload 2021-01-25 00:33:54 +03:00
ihsinme
9ae503a5a8 Add files via upload 2021-01-25 00:30:35 +03:00
ihsinme
20e19ec467 Add files via upload 2021-01-25 00:09:55 +03:00
ihsinme
9071ba2f99 Add files via upload 2021-01-25 00:06:19 +03:00
ihsinme
fcd532522d Add files via upload 2021-01-24 22:36:42 +03:00
ihsinme
20d1b24e9c Add files via upload 2021-01-24 22:35:11 +03:00
Mathias Vorreiter Pedersen
b4f9b1590d C++: Restore lost result on git/git. We lost the result in a00bd7ae02 because the added check for type T to type T* conversion didn't handle const qualifiers. 2021-01-22 14:20:18 +01:00
Mathias Vorreiter Pedersen
682b246441 C++: Fix path-problem format. 2021-01-22 13:40:44 +01:00
ihsinme
9c53e39394 Update CompilerRemovalOfCodeToClearBuffers.ql 2021-01-21 16:52:00 +03:00
Geoffrey White
d5d8b48218 C++: More accurate solution using Guards library. 2021-01-20 17:15:42 +00:00
Geoffrey White
439fe41b0a C++: Add a couple more test cases. 2021-01-20 15:33:32 +00:00
Mathias Vorreiter Pedersen
b0e255eb16 C++: Encapsulate skipSkippableInstructions in a module. 2021-01-20 15:45:37 +01:00
Mathias Vorreiter Pedersen
f12ebe88e6 Revert "C++: Replace SkippableInstruction with local flow steps." 
This reverts commit 258d04178f. This
change caused a ~20% performance regression.
 2021-01-20 15:43:24 +01:00
ihsinme
4c9de4574a Update CompilerRemovalOfCodeToClearBuffers.ql 2021-01-20 16:24:43 +03:00
Geoffrey White
d2dd19a293 C++: It turns out __assert_fail is special (see DefaultOptions.qll) so we don't need a body here. And the body was wrong. 2021-01-19 16:56:19 +00:00
Geoffrey White
fe4ae7e975 C++: General solution for functions that may exit. 2021-01-19 16:56:19 +00:00
Geoffrey White
8fa3ffe125 C++: Add a few more test cases that we don't recognize as OK. 2021-01-19 16:56:19 +00:00
Jonas Jensen
24947f27b4 Merge pull request #4750 from geoffw0/modelclasses 
C++: Model classes in StdString.qll.
 2021-01-19 12:51:30 +01:00
Geoffrey White
cff56350e0 C++: Fix getClassAndName parameter name. 2021-01-19 10:34:25 +00:00
Geoffrey White
b4a5346dc3 C++: It turns out .getTemplate() is not necessary. 2021-01-19 08:46:53 +00:00
Geoffrey White
f8a1fb1c35 C++: Apply the new pattern where it doesn't matter for performance as well, for consistency. 2021-01-19 08:46:53 +00:00
Geoffrey White
bfef1a200e C++: Apply the new pattern in other parts of StdString.qll where it matters. 2021-01-19 08:46:53 +00:00
Geoffrey White
b8e6ad8922 C++: Introduce new predicate for better performance in models. 2021-01-19 08:46:52 +00:00
Geoffrey White
a5632b272e C++: Fix performance issue in hasTaintFlow / hasDataFlow. 2021-01-19 08:46:52 +00:00
Mathias Vorreiter Pedersen
dcbae8b22b Fix code tag. 2021-01-15 19:47:09 +01:00
Geoffrey White
15089c4117 Merge branch 'main' into modelclasses 2021-01-14 15:57:02 +00:00
Geoffrey White
7012bc05a2 C++: Simplification. 2021-01-14 15:21:26 +00:00
Geoffrey White
54bd36def2 C++: Correct QLDoc comments. 2021-01-14 15:20:29 +00:00
Geoffrey White
13d0efe96d C++: Change to more natural expressions without use of weird predicates or 'any'. The classes for string objects now match instantiations directly rather than the template. 2021-01-14 15:02:51 +00:00
ihsinme
805352945e Update CompilerRemovalOfCodeToClearBuffers.ql 2021-01-14 17:27:58 +03:00
ihsinme
10ab1d9b54 Update CompilerRemovalOfCodeToClearBuffers.ql 2021-01-14 17:24:49 +03:00
ihsinme
cd0d2a5692 Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-14 17:21:19 +03:00
ihsinme
7f5e5fcb99 Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.qhelp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-14 17:19:57 +03:00
ihsinme
3e715ff52d Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.qhelp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-14 17:19:23 +03:00
ihsinme
0d0ea0c5e1 Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-14 17:17:56 +03:00
ihsinme
4ba4de3d41 Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.c 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-14 17:17:08 +03:00
ihsinme
76b768f7e0 Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.c 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-14 17:16:53 +03:00
ihsinme
4631658e5e Update cpp/ql/src/experimental/Security/CWE/CWE-14/CompilerRemovalOfCodeToClearBuffers.c 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-14 17:16:37 +03:00