hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,671 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

756 Commits

Author SHA1 Message Date
Robert Marsh
adfe5f30a1 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-02-18 08:42:27 -08:00
Jonas Jensen
a59c0facee C++: Accept test changes for IR libs 
This is for the tests in the ql repo. There are also changed tests in
the internal repo.
 2020-02-15 21:12:20 +01:00
Jonas Jensen
e95ebb25a5 C++: Ensure tainted_diff.ql keeps using old lib 
Without this, the test will compare the IR to itself after we enable it.
 2020-02-15 21:10:29 +01:00
Robert Marsh
7f69cdfb56 C++: Dynamic allocations in IR alias analysis 2020-02-07 16:37:36 -08:00
Robert Marsh
05c8610bbc C++: tests for alias analysis of malloc 2020-02-07 16:35:58 -08:00
Robert Marsh
d1d19a7446 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 
Update test expectations
 2020-02-07 12:24:05 -08:00
Robert Marsh
dac4f0fac0 Merge pull request #2763 from jbj/ir-VariableNode 
C++: DefaultTaintTracking perf fix for globals
 2020-02-06 18:54:14 -05:00
Robert Marsh
692207472a Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-02-06 11:42:30 -08:00
Jonas Jensen
2e883ab4b2 Merge pull request #2760 from geoffw0/defaulttainttest3 
C++: Emulate old security library's use of predictable more accurately.
 2020-02-06 13:47:27 +01:00
Geoffrey White
2dfeafac30 C++: Interaction with another PR. 2020-02-06 10:21:55 +00:00
Geoffrey White
851c1134f3 C++: Add 'strlen' back. 2020-02-06 10:17:37 +00:00
Geoffrey White
860d0aa42f C++: Remove single argument functions. 2020-02-06 10:17:37 +00:00
Jonas Jensen
a0e2d59c01 C++: Add tests for global-var support 2020-02-05 16:31:13 +01:00
Jonas Jensen
cdfcee3ae9 Merge remote-tracking branch 'upstream/master' into ir-crement-load 
Conflicts:
	cpp/ql/test/library-tests/ir/ssa/aliased_ssa_ir.expected
	cpp/ql/test/library-tests/ir/ssa/aliased_ssa_ir_unsound.expected
 2020-02-05 16:13:21 +01:00
Jonas Jensen
2928f9e5b2 Merge pull request #2703 from rdmarsh2/connect-ir-dataflow-models 
C++: IR dataflow through modeled functions
 2020-02-05 11:28:48 +01:00
Jonas Jensen
c77a921b06 Merge pull request #2695 from rdmarsh2/default-taint-tracking-diff-test 
C++: add diff tests for DefaultTaintTracking
 2020-02-04 20:57:55 +01:00
Robert Marsh
ac2e89317b C++: autoformat 2020-02-04 10:41:30 -08:00
Robert Marsh
861d5eb86b C++: update tests after merge 2020-02-04 10:29:52 -08:00
Robert Marsh
785d54ac67 Merge branch 'master' into default-taint-tracking-diff-test 2020-02-04 09:50:05 -08:00
Mathias Vorreiter Pedersen
0276c97b9c Merge pull request #2755 from jbj/BarrierGuard-SSA 
C++: Don't use GVN in AST DataFlow BarrierNode
 2020-02-04 12:00:12 +01:00
Jonas Jensen
b4385c6e60 C++: Don't use GVN in AST DataFlow BarrierNode 
It turns out that the evaluator will evaluate the GVN stage even when no
predicate from it is needed after optimization of the subsequent stages.
The GVN library is expensive to evaluate, and it'll become even more
expensive when we switch its implementation to IR.

This PR disables the use of GVN in `DataFlow::BarrierNode` for the AST
data-flow library, which should improve performance when evaluating a
single data-flow query on a snapshot with no cache. Precision decreases
slightly, leading to a new FP in the qltests.

There is no corresponding change for the IR data-flow library since IR
GVN is not very expensive.
 2020-02-04 08:40:36 +01:00
Robert Marsh
677f0f090a Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-02-03 13:06:35 -08:00
Robert Marsh
3bfcf0bf46 Merge branch 'master' into connect-ir-dataflow-models 2020-02-03 11:06:45 -08:00
Jonas Jensen
e2da98ae24 C++: Accept autoformat and test changes 2020-01-31 20:58:53 +01:00
Robert Marsh
83d611de11 C++: don't conflate pointers in data flow 2020-01-30 16:18:24 -08:00
Robert Marsh
4617940eee Merge branch 'master' into connect-ir-dataflow-models 2020-01-30 08:49:42 -08:00
Jonas Jensen
f0f752844e Merge remote-tracking branch 'upstream/master' into dbartol/Indirections 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll
	csharp/ql/src/semmle/code/csharp/ir/implementation/unaliased_ssa/internal/AliasAnalysis.qll
 2020-01-30 10:26:44 +01:00
Jonas Jensen
036e16af8b Merge remote-tracking branch 'upstream/master' into ir-crement-load 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll
 2020-01-30 09:07:30 +01:00
Jonas Jensen
c4d2163321 Merge pull request #2673 from aschackmull/ql/autoformat-comparisonterm 
Java/C++/C#: Autoformat comparison terms
 2020-01-30 08:47:50 +01:00
Robert Marsh
71d87be773 C++: add flow through partial loads in DTT 2020-01-29 17:51:42 -08:00
Dave Bartolomeo
6249446ba0 Merge remote-tracking branch 'upstream/master' into dbartol/Indirections 2020-01-29 17:29:44 -07:00
Robert Marsh
1472101613 Merge branch 'master' into rdmarsh/cpp/ir-flow-through-outparams 2020-01-29 14:44:29 -08:00
Robert Marsh
37570c7750 Merge pull request #2676 from jbj/dataflow-partial-chi 
C++: data flow through partial chi operands where type is known
 2020-01-29 13:44:06 -05:00
Jonas Jensen
52d2bebd1c C++: Taint through most partial chi operands 
This changes the flow to be taint rather than data flow, and it extends
it to include chi instructions with unknown type as long as they're not
for the `AliasedVirtualVariable`.

We're losing three good test results because these tests are not
affected by `DefaultTaintTracking.qll`. The taint step added here can
later be ported to `TaintTrackingUtil.qll` to recover these results, but
we probably want a better API than transitive-closure search through
instructions before doing that.
 2020-01-29 18:02:03 +01:00
Jonas Jensen
0436caecdc C++: Always use the old library for the diff test 
This change ensures that the diff test will show the difference between
the old and the new library even after we switch the default
implementation of `security.TaintTracking` to be the new one.
 2020-01-29 16:03:35 +01:00
Jonas Jensen
4a77f2b53c Merge remote-tracking branch 'upstream/master' into ir-crement-load 
Update test output to fix semantic merge conflict.
 2020-01-29 15:56:05 +01:00
Anders Schack-Mulligen
96e4a57edd C++: Autoformat. 2020-01-29 13:11:50 +01:00
Jonas Jensen
02cb8e9cc7 Merge remote-tracking branch 'upstream/master' into dataflow-partial-chi 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
 2020-01-29 13:03:40 +01:00
Jonas Jensen
27b5902258 Merge pull request #2707 from geoffw0/taint-format 
C++: Add TaintFunction model to FormattingFunction
 2020-01-29 08:20:34 +01:00
Dave Bartolomeo
60a0eff4d7 Merge remote-tracking branch 'upstream/master' into dbartol/Indirections 2020-01-28 12:06:43 -07:00
Dave Bartolomeo
542579de7f C++: Accept dataflow test changes due to new alias analysis 2020-01-28 10:58:27 -07:00
Mathias Vorreiter Pedersen
c1091a03d0 C++: Accept output 2020-01-28 17:38:35 +01:00
Mathias Vorreiter Pedersen
928b0c50d2 C++: Add test demonstrating false negative when using dynamic_cast 2020-01-28 17:31:53 +01:00
Geoffrey White
f02ffcbbd2 C++: Modify ParameterIndex to account for varargs. 2020-01-28 14:53:18 +00:00
Geoffrey White
d66f608d41 C++: Taint from FormattingFunction varargs. 2020-01-28 14:53:18 +00:00
Geoffrey White
8b215c155e C++: Correct a few test comments. 2020-01-28 14:51:46 +00:00
Mathias Vorreiter Pedersen
287af2bdec C++: Fix annotations in testcase file 2020-01-28 13:51:36 +01:00
Mathias Vorreiter Pedersen
611d9553dd C++: Fix formatting 2020-01-28 10:22:33 +01:00
Mathias Vorreiter Pedersen
130911ad44 C++: Accept new output in already existing test 2020-01-28 10:00:52 +01:00
Mathias Vorreiter Pedersen
fd79e7991d C++: Add tests demonstrating differences between AST virtual dispatch analysis and IR virtual dispatch analysis 2020-01-28 10:00:21 +01:00