Nora Dimitrijević
96e1536769
C++/SqlTainted
2025-10-28 09:42:17 +01:00
Nora Dimitrijević
ec63547925
C++/UseOfHttp
2025-10-28 09:42:03 +01:00
Nora Dimitrijević
a65d4d5997
C++/TaintedAllocationSize
2025-10-28 09:42:01 +01:00
Nora Dimitrijević
f3d51e0151
C++/ArithmeticUncontrolled
2025-10-28 09:41:57 +01:00
Nora Dimitrijević
1321cbb021
C++/DecompressionBombs
2025-10-28 09:41:55 +01:00
Nora Dimitrijević
bbe2bf2b7f
C++/CleartextTransmission
2025-10-28 09:41:52 +01:00
Nora Dimitrijević
b0180409f4
C++/CleartextFileWrite
2025-10-28 09:41:49 +01:00
Nora Dimitrijević
d89aa0f19d
C++/CleartextBufferWrite
2025-10-28 09:41:46 +01:00
Nora Dimitrijević
17b261a506
C++/AuthenticationBypass
2025-10-28 09:41:43 +01:00
Nora Dimitrijević
0ed27f4e81
C++/CleartextSqliteDatabase
2025-10-28 09:41:40 +01:00
Nora Dimitrijević
f7a1a4cf75
C++/NonConstantFormat
2025-10-28 09:41:38 +01:00
Nora Dimitrijević
2756e8255f
C++/UnboundedWrite
2025-10-28 09:41:35 +01:00
Nora Dimitrijević
a4ac0392a6
C++/OverflowDestination
2025-10-28 09:41:32 +01:00
Nora Dimitrijević
65d79ff6fc
C++/ExecTainted
2025-10-28 09:41:29 +01:00
Nora Dimitrijević
464f6cb096
C++/ConstantSizeArrayOffByOne
2025-10-28 09:41:26 +01:00
Nora Dimitrijević
ad31f1ab6d
C++/WordexpTainted
...
Same file uses source and sink as endpoints
2025-10-28 09:39:19 +01:00
Simon Friis Vindum
d1ea1af945
C++: Make small trivial tweaks
2025-10-24 16:16:57 +02:00
Simon Friis Vindum
5709964fbf
C++: Simplify boundFromGuard
...
The last disjunct in `boundFromGuard` is moved into `linearBoundFromGuard`. This avoids repeating the calculation for `boundValue`.
`getBounds` and `getExprTypeBounds` are turned into predicates with result. Their middle argument was the "output" which was confusing.
2025-10-24 16:12:05 +02:00
Simon Friis Vindum
383e6a44aa
C++: Use or instead of if
...
The proposition in the true branch implied the condition, so `or` is more appropriate. Also eliminated an existentially quantified variable.
2025-10-24 16:08:35 +02:00
Simon Friis Vindum
3af9885489
C++: Fix typos in tests
2025-10-24 16:04:34 +02:00
Simon Friis Vindum
17e0dec08a
C++: Add toString for RelationStrictness
...
This helps for debugging.
2025-10-24 16:01:38 +02:00
Simon Friis Vindum
a0a6f288b5
Merge pull request #20645 from paldepind/cpp/range-analysis-measure
...
C++: Range analysis measure bounds
2025-10-24 15:30:07 +02:00
Anders Schack-Mulligen
f257c7a570
Guards: Align the SSA signature with the one from shared SSA.
2025-10-23 10:23:22 +02:00
Anders Schack-Mulligen
8a3f62b9b6
Merge pull request #20558 from aschackmull/csharp/guards3
...
C#: Instantiate shared Guards and shared ControlFlowReachability and replace nullness
2025-10-23 08:43:14 +02:00
Simon Friis Vindum
f207404b0d
C++: Accept test changes
2025-10-21 16:03:12 +02:00
Simon Friis Vindum
0badcfd663
C++: Address review comments
2025-10-21 09:47:58 +02:00
Ben Rodes
2b683c210f
Merge branch 'main' into santander-java-crypto-check
2025-10-18 17:56:43 -04:00
Owen Mansel-Chan
66f95bcbcd
Merge pull request #20603 from owen-mc/update-broken-algo-qhelp
...
Many languages: Update broken algo qhelp
2025-10-17 12:30:43 +01:00
Simon Friis Vindum
979b05cc1a
C++: Apply suggested fixes from review
2025-10-17 09:50:36 +02:00
Simon Friis Vindum
68d4240c26
C++: Add change note
2025-10-16 15:56:11 +02:00
Simon Friis Vindum
9502d83f2c
C++: Add debug predicates
2025-10-16 15:05:48 +02:00
Simon Friis Vindum
c1f0f3da96
C++: Handle guard phi nodes differently
2025-10-16 15:05:46 +02:00
Simon Friis Vindum
99103a5741
C++: Add additional test for range analysis
2025-10-16 15:05:45 +02:00
Simon Friis Vindum
8896a7210b
C++: Add number of bounds test to simple range analysis
2025-10-16 15:05:44 +02:00
Simon Friis Vindum
7eacd87343
C++: Apply widening based on number of bounds measure
2025-10-16 15:05:42 +02:00
Simon Friis Vindum
70a8c4f37f
C++: Add range analysis examples that explode
2025-10-15 11:42:17 +02:00
Simon Friis Vindum
8aaf9f696a
C++: Factor out widening of bounds
2025-10-15 11:11:45 +02:00
github-actions[bot]
6dd07790ac
Post-release preparation for codeql-cli-2.23.3
2025-10-14 11:16:33 +00:00
Henry Mercer
17352a101d
Rephrase C++ BMN changelog note
2025-10-14 11:13:23 +01:00
Henry Mercer
9466279909
Prefer code quotes for BMN
2025-10-14 11:10:42 +01:00
github-actions[bot]
33542f7d40
Release preparation for version 2.23.3
2025-10-14 09:30:24 +00:00
REDMOND\brodes
cf88e3f52d
Crypto: Standardize naming where use of "family" and "type" have been used. Prefer 'type'.
2025-10-08 09:54:53 -04:00
Owen Mansel-Chan
0bcdb91639
Improve qhelp for broken crypto algo queries
...
Previously it focussed too much on the risk of data being decrypted,
and didn't explain why using weak algorithms is a problem in other
contexts.
2025-10-08 14:10:54 +01:00
Ian Lynagh
791a92b146
C++: Add a changenote for C/C++ BMN GA
2025-10-07 17:32:36 +01:00
Nicolas Will
378eb18db5
Merge branch 'main' into jca_signature_extensions
2025-10-06 14:50:15 +02:00
REDMOND\brodes
f4fea6d635
Crypto: Fix consistency update with "other" vs "unknown" naming conventions for openssl.
2025-10-03 12:10:48 -04:00
Anders Schack-Mulligen
fad49ffbfb
C++: Accept qltest change (useless guard tautology removed).
2025-10-03 15:59:54 +02:00
Jeroen Ketema
7807804f4d
Merge pull request #20573 from MathiasVP/fix-bad-magic-on-get-file
...
C++: Fix bad magic on `Element.getFile`
2025-10-03 01:21:32 +02:00
Nicolas Will
4901cdf929
Crypto: Refactor and change casts to super
2025-10-02 18:43:38 +02:00
Mathias Vorreiter Pedersen
bc0b87632d
C++: Fix bad magic on Element.getFile when running on InconsistentCheckReturnNull.qll:
...
Evaluated non-recursive predicate Element::Element.getFile/0#dispred#536cb5f3#bb@f6f5329i in 182326ms (size: 50437).
Evaluated relational algebra for predicate Element::Element.getFile/0#dispred#536cb5f3#bb@f6f5329i with tuple counts:
2029351 ~0% {2} r1 = SCAN `Expr::Expr.getLocation/0#dispred#0a3d90c6` OUTPUT In.1, In.0
2029351 ~0% {2} | JOIN WITH `Location::Location.getStartLine/0#d54f9e6c` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
1168789 ~0% {2} | JOIN WITH `InconsistentCheckReturnNull::assertInvocation/2#b2a4c9e3_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
5533128288 ~0% {3} | JOIN WITH `Location::Location.getContainer/0#9edabfb6_10#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.0
50413 ~0% {2} | JOIN WITH `Element::Element.getLocation/0#dispred#6c3f5b09#bf` ON FIRST 2 OUTPUT Lhs.0, Lhs.2
3043 ~0% {2} r2 = JOIN `project#InconsistentCheckReturnNull::relevantFunctionCall/2#d18cd566` WITH `Expr::Expr.getLocation/0#dispred#0a3d90c6` ON FIRST 1 OUTPUT Rhs.1, Lhs.0
3043 ~0% {2} r3 = JOIN r2 WITH locations_default ON FIRST 1 OUTPUT Rhs.4, Lhs.1
1945 ~3% {2} | JOIN WITH `InconsistentCheckReturnNull::assertInvocation/2#b2a4c9e3_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
9106248 ~2% {3} | JOIN WITH `Location::Location.getContainer/0#9edabfb6_10#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.0
0 ~0% {2} | JOIN WITH `Element::Element.getLocation/0#dispred#6c3f5b09#bf` ON FIRST 2 OUTPUT Lhs.0, Lhs.2
3043 ~0% {3} r4 = JOIN r2 WITH locations_default ON FIRST 1 OUTPUT _, Lhs.1, Rhs.4
3043 ~0% {2} | REWRITE WITH Tmp.0 := 1, Out.0 := (In.2 + Tmp.0) KEEPING 2
2013 ~0% {2} | JOIN WITH `InconsistentCheckReturnNull::assertInvocation/2#b2a4c9e3_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
9621327 ~0% {3} | JOIN WITH `Location::Location.getContainer/0#9edabfb6_10#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.0
24 ~3% {2} | JOIN WITH `Element::Element.getLocation/0#dispred#6c3f5b09#bf` ON FIRST 2 OUTPUT Lhs.0, Lhs.2
50437 ~0% {2} r5 = r1 UNION r3 UNION r4
return r5
2025-10-02 17:36:21 +01:00