Geoffrey White
6b5f4d9e12
Merge branch 'master' into av114
2020-04-01 18:23:21 +01:00
Geoffrey White
7a98919879
C++: Add a non-standard swap to taint tests.
2020-04-01 17:14:38 +01:00
Geoffrey White
d71098d178
Merge branch 'master' into opnew
2020-04-01 15:00:26 +01:00
Jonas Jensen
9a55d42639
C++: QLDoc in DefaultTaintTracking
...
These docs are mostly copied and adapted from
`DefaultTaintTrackingImpl.qll`.
2020-04-01 15:30:31 +02:00
Geoffrey White
119d4a40a0
C++: Fix unintended consequence in IR.
2020-04-01 14:29:28 +01:00
Mathias Vorreiter Pedersen
fa7dc32dee
C++: Remove dependency on implementation of models in TranslatedCall
2020-04-01 14:46:52 +02:00
Tom Hvitved
42e180d6c4
Merge pull request #3060 from aschackmull/dataflow/no-param-to-same-param-flow
...
Dataflow: Exclude param-param flow through with identical params.
2020-04-01 09:42:12 +02:00
Robert Marsh
b579e6aabe
C++: accept consistency test output
2020-03-31 12:56:52 -07:00
Robert Marsh
25f3f67c4a
Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams
...
Fixes test conflicts and reveals a bug in parameter handling
2020-03-31 12:54:00 -07:00
Mathias Vorreiter Pedersen
f06ae6e9de
C++: Accept more test output
2020-03-31 19:49:04 +02:00
Geoffrey White
f430cf9d18
C++: Use hasGlobalName.
2020-03-31 18:11:09 +01:00
Mathias Vorreiter Pedersen
97061716f9
C++: Accept test output
2020-03-31 17:10:33 +02:00
Mathias Vorreiter Pedersen
291df97cd9
C++: Also add InitializeDynamicAllocation instruction for NewArrayExpr
2020-03-31 17:06:19 +02:00
Mathias Vorreiter Pedersen
b6f93746bf
C++: Accept test output
2020-03-31 16:00:56 +02:00
Geoffrey White
aa13257c1b
C++: Correct QLDoc.
2020-03-31 14:37:54 +01:00
Mathias Vorreiter Pedersen
94f5468504
C++: Accept tests
2020-03-31 13:56:47 +02:00
Mathias Vorreiter Pedersen
bd89ee13d1
C++: Add InitializeDynamicAllocation instruction to NewExpr and NewArrayExpr
2020-03-31 13:56:32 +02:00
Geoffrey White
a75e249112
C++: Autoformat test.
2020-03-31 12:55:45 +01:00
Geoffrey White
18e60fabaf
C++: Model operator delete and operator delete[].
2020-03-31 12:55:44 +01:00
Mathias Vorreiter Pedersen
688464a00f
C++: Add testcases with new and accept output
2020-03-31 12:22:07 +02:00
Jonas Jensen
7b7ff1fb3a
Merge pull request #3089 from geoffw0/sideeffect
...
CPP: Add side effect models for strcpy and strcat.
2020-03-31 12:11:04 +02:00
Geoffrey White
3b12d1adfd
C++: Test getPlacementArgument().
2020-03-31 11:06:21 +01:00
Geoffrey White
254c877d0a
C++: Deduplicate AllocationExprs.
2020-03-31 11:05:50 +01:00
Geoffrey White
259f714d91
C++: Model operator new and operator new[].
2020-03-31 11:02:52 +01:00
Geoffrey White
ef68bd6bf4
C++: Add a test of direct calls to operator new / operator delete.
2020-03-31 11:01:29 +01:00
Geoffrey White
aa49b35d2c
C++: Add an explicit test of DeallocationFunction and DeallocationExpr as well.
2020-03-31 10:37:20 +01:00
Geoffrey White
0cb7d4c82d
C++: Add an explicit test of AllocationFunction and AllocationExpr.
2020-03-30 20:28:21 +01:00
Geoffrey White
b634b59b9c
C++: Merge the two allocators tests.
2020-03-30 18:52:12 +01:00
Jonas Jensen
531ef64c5d
C++: Fix other copies of the argHasPostUpdate test
2020-03-30 17:45:53 +02:00
Jonas Jensen
dd322be238
C++: Remove noise from argHasPostUpdate check
...
This consistency check seems to have value for AST data flow, but I've
disabled it on the IR for now.
This commit also includes two unrelated changes that seem to fix a
semantic merge conflict.
2020-03-30 15:51:11 +02:00
Geoffrey White
6d6ad4a0ae
Merge branch 'master' into sideeffect
2020-03-30 14:16:23 +01:00
Tom Hvitved
9fa9c10361
Merge pull request #2921 from aschackmull/dataflow/consistency-checks
...
Java: Add data-flow consistency checks.
2020-03-30 12:47:41 +02:00
Anders Schack-Mulligen
caf0d1528f
Merge pull request #3155 from max-schaefer/add-module-comment
...
Data flow: Add module doc comment for `TaintTrackingImpl.qll`
2020-03-30 12:07:08 +02:00
Max Schaefer
e5e94e3357
Data flow: Add module doc comment for TaintTrackingImpl.qll
...
Modelled after the corresponding comment for `DataFlowImpl.qll`.
2020-03-30 10:35:47 +01:00
Anders Schack-Mulligen
57c9277601
Merge pull request #3142 from MathiasVP/no-magic-in-parameterThroughFlowCand
...
Data flow: No magic in returnFlowCallableCand
2020-03-30 10:15:48 +02:00
Dave Bartolomeo
6b24e3c8be
C++: Fix formatting
2020-03-29 08:18:05 -04:00
Mathias Vorreiter Pedersen
7fce4ce9d1
Include join order fix from #3142
2020-03-28 12:34:05 +01:00
Dave Bartolomeo
434e11c0c5
C++: Fix test output
2020-03-27 19:47:08 -04:00
Dave Bartolomeo
39dd9b7099
C++/C#: Fix formatting
2020-03-27 19:46:53 -04:00
Dave Bartolomeo
c3a6ca0d9a
C++: Better support for complex numbers in IR and AST
...
This PR adds better support for differentiating complex and imaginary floating-point types from real floating-point types, in both the AST and in the IR type system.
*AST Changes*
- Introduces the new class `TypeDomain`, which can be either `RealDomain`, `ImaginaryDomain` or `ComplexDomain`. "type domain" is the term used for this concept in the C standard, and I couldn't think of a better one.
- Introduces `FloatingPointType.getDomain()`, to get the type domain of the type.
- Introduces `FloatingPointType.getBase()`, to get the numeric base of the type (either 2 or 10).
- Introduces three new subtypes of `FloatingPointType`: `RealNumberType`, `ComplexNumberType`, and `ImaginaryNumberType`, which differentiate between the types based on their type domain. Note that the decimal types (e.g., `_Decimal32`) are included in `RealNumberType`.
- Introduces two new subtypes of `FloatingPointType`: `BinaryFloatingPointType` and `DecimalFloatingPointType`, which differentiate between the types based on their numeric base, independent of type domain.
*IR Changes*
- `IRFloatingPointType` now has two additional parameters: the base and the type domain.
- New test that ensures that C++ types get mapped to the correct IR types.
- New IR test that verifies the IR for some basic usage of complex FP types.
2020-03-27 18:08:14 -04:00
Robert Brignull
90fad6f762
add code scanning suites
2020-03-27 17:03:23 +00:00
Jonas Jensen
710eb0cab9
C++: Replace "min = max" with "unique"
...
With the new `unique` aggregate added to QL, we can express directly
what the "min = max" pattern emulates.
Replacing "min and max" with `unique` might in general lead to fewer
results, but that happens only in cases where the aggregate expression
has multiple values. For the three predicates changed in this commit,
that should only happen on malformed databases.
2020-03-27 17:15:09 +01:00
Dave Bartolomeo
3039aaf4f3
C++: Fix test expectations for complex literals
2020-03-27 10:33:19 -04:00
Mathias Vorreiter Pedersen
5ba5791ec6
C++: Only allow flow through non-conflated chi instructions
2020-03-27 13:37:17 +01:00
Mathias Vorreiter Pedersen
580310f321
Merge branch 'master' into ir-flow-fields
2020-03-27 13:32:26 +01:00
Mathias Vorreiter Pedersen
7890a322c8
C++/C#/Java: Sync identical files
2020-03-27 11:51:38 +01:00
Mathias Vorreiter Pedersen
9ab8580ca7
Data flow: No magic in parameterThroughFlowCand
2020-03-27 11:51:10 +01:00
Jonas Jensen
95f116eb48
Merge branch 'DefaultTaintTracking-argv' into dataflow-indirect-args
2020-03-26 20:47:50 +01:00
Jonas Jensen
2801941ca2
C++: Never track flow out of an argv argument
...
This change removes some duplicate results that will otherwise appear
due to https://github.com/Semmle/ql/pull/3123 and possibly
https://github.com/Semmle/ql/pull/2704 .
2020-03-26 20:40:16 +01:00
Dave Bartolomeo
7879dde8b8
Merge pull request #3097 from jbj/detect-conflated-memory
...
C++: Implement Instruction.isResultConflated
2020-03-26 14:52:47 -04:00