hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
29,908 Commits 1,671 Branches 157 Tags
z80coder/ATM-feature-optimisation
Commit Graph

426 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
177f94368e C++: Respond to review comments and accept test changes. 2020-10-30 15:59:39 +01:00
Mathias Vorreiter Pedersen
f3f9a044e0 C++: Accept more tests. 2020-10-29 13:55:45 +01:00
Dave Bartolomeo
5a6cd4aca9 Fix test expectations for new nodes and edges in path queries 2020-10-28 14:47:42 -04:00
Geoffrey White
a372578571 C++: Move the SizeCheck*.ql tests to the standard location. 2020-10-20 16:02:54 +01:00
Mathias Vorreiter Pedersen
e95aefe0b2 C++: Now that PrimaryArgumentNode is an OperandNode we want a specialized toString on it 2020-10-05 15:13:33 +02:00
Mathias Vorreiter Pedersen
d162c3d8c6 C++: Accept more test changes 2020-10-05 14:29:57 +02:00
Mathias Vorreiter Pedersen
072e1967c1 C++: Accept more tests 2020-10-02 15:51:29 +02:00
Mathias Vorreiter Pedersen
73cd5ceb80 C++: Accept tests. Due to the removal of overlap between the reads steps there are fewer repeated edges in path explanations. 2020-09-21 14:17:49 +02:00
Jonas Jensen
c67605f15c Merge pull request #4230 from MathiasVP/mathiasvp/array-field-flow 
C++: Replace `field -> object` taint rule with `ArrayContent` dataflow
 2020-09-18 10:56:51 +02:00
Mathias Vorreiter Pedersen
3520b86771 C++: Accept test changes. 2020-09-16 14:51:11 +02:00
Mathias Vorreiter Pedersen
7b456d6162 Merge branch 'main' into mathiasvp/array-field-flow 2020-09-16 10:45:31 +02:00
Mathias Vorreiter Pedersen
3005f252ca C++: Fix annotation 2020-09-15 13:34:50 +02:00
Mathias Vorreiter Pedersen
0ba72c6685 C++: Accept changes. 2020-09-15 12:49:22 +02:00
Geoffrey White
6ca9c449af C++: Add a test demonstrating the recent regression. 2020-09-14 17:55:20 +01:00
Geoffrey White
22097a9e13 C++: Add some CWE-190 tests I had lying around. 2020-09-14 14:39:02 +01:00
Mathias Vorreiter Pedersen
9659afdf09 C++: Accept more test changes 2020-09-08 22:25:33 +02:00
Jonas Jensen
fd0937eb01 C++: Accept improved IntegerOverflowTainted test 2020-08-18 16:47:29 +02:00
Mathias Vorreiter Pedersen
edc33b6516 C++: Add getOutputParameterIndex override to UserDefinedFormattingFunction and accept test changes 2020-07-15 14:46:08 +02:00
Mathias Vorreiter Pedersen
d711c22cd2 C++: Add testcase demonstrating lost query results 2020-07-15 14:42:45 +02:00
Geoffrey White
91b9b78c48 C++: Add a test case for CWE-114 involving pointers and references. 2020-06-10 14:09:46 +01:00
Jonas Jensen
ad292d8fb6 C++: Accept one more test change from last commit 2020-06-03 14:51:05 +02:00
Jonas Jensen
5f0d283212 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
The conflicts came from how `this` is now a parameter but not a
`Parameter` on `master`.

Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
	cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected
	cpp/ql/test/library-tests/dataflow/fields/ir-flow.expected
	cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected
 2020-06-02 15:35:02 +02:00
Mathias Vorreiter Pedersen
bd97fe627c Merge branch 'master' into remove-field-conflation-from-ir-fieldflow 2020-05-27 17:08:19 +02:00
Jonas Jensen
bc09720704 Merge pull request #3479 from geoffw0/fp2762 
C++: Allow equality to block taint (security taint tracking)
 2020-05-25 15:11:10 +02:00
Mathias Vorreiter Pedersen
617ef32464 C++: Remove [FALSE POSITIVE] annotations 2020-05-21 02:22:57 +02:00
Mathias Vorreiter Pedersen
3c167125e5 C++: Accept test output 2020-05-20 18:18:34 +02:00
Geoffrey White
9babd5dc10 C++: Another positive effect of the change. 2020-05-20 12:49:01 +01:00
Jonas Jensen
486f06ab18 C++: Simplify field conflation test 
It turned out the `memcpy` step was not even necessary.
 2020-05-19 14:12:11 +02:00
Geoffrey White
edd09f09cd C++: Add test cases where several specific values are permitted. 2020-05-15 17:01:23 +01:00
Geoffrey White
48f3db3fbe Merge branch 'master' into fp2762 2020-05-15 09:55:30 +01:00
Geoffrey White
4a6021fb61 C++: Allow equality checking to block taint flow. 2020-05-14 18:32:38 +01:00
Jonas Jensen
a380dc113f C++: Test field conflation with array in struct 2020-05-14 16:29:39 +02:00
Geoffrey White
754d7f0be8 C++: More test cases for TaintedAllocationSize. 2020-05-14 15:23:31 +01:00
Jonas Jensen
1018eaff09 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/test/library-tests/dataflow/fields/ir-flow.expected
 2020-05-13 12:05:58 +02:00
Jonas Jensen
3a89f43cd6 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
	cpp/ql/test/library-tests/dataflow/dataflow-tests/test_ir.expected
 2020-05-11 14:44:17 +02:00
Jonas Jensen
bebd5ae36b C++: Call qualifiers are passed by reference 
After #3382 changed the escape analysis to model qualifiers as escaping,
there was an imbalance in the SSA library, where `addressTakenVariable`
excludes variables from SSA analysis if they have their address taken
but are _not_ passed by reference. This showed up as a missing result in
`TOCTOUFilesystemRace.ql`, demonstrated with a test case in #3432.

This commit changes the definition of "pass by reference" to include
call qualifiers, which allows SSA modeling of variables that have member
function calls on them.
 2020-05-11 09:39:48 +02:00
Geoffrey White
bff97d9fe5 C++: Effect of #3382. 2020-05-07 19:06:05 +01:00
Geoffrey White
6499197087 C++: Add a test of TOCTOUFilesystemRace.ql. 2020-05-07 19:03:32 +01:00
Shati Patel
5c80cd5032 Merge branch 'rc/1.24' into mergeback 2020-04-29 08:05:53 +01:00
Cornelius Riemenschneider
a50d5b7c6a Accept changed test output. 2020-04-27 09:17:16 +02:00
Jonas Jensen
718f4cd3f9 C++: Speed up SuspiciousAddWithSizeof select 
This `select` clause had become very slow after we started caching
`ElementBase::toString` because the query used string concatenation to
produce alert messages, and those string concatenations were done very
early in the pipeline, producing lots of strings that would be discarded
moments later.

By using `$@` to interpolate elements into strings, the concatenation is
done outside of QL.

Testing on a Chromium snapshot, this commit takes us from

    #select#ff ................ 6m2s

to

    #select#cpe#134#fff ....... 15.2s
 2020-04-24 16:18:18 +02:00
Dave Bartolomeo
163ecd97de Merge pull request #3277 from geoffw0/rangeshift 
C++: Support for & and >> in SimpleRangeAnalysis
 2020-04-22 11:36:36 -04:00
Geoffrey White
de751b0b75 C++: Correct UnsignedBitwiseAndExpr. 2020-04-17 17:10:59 +01:00
Geoffrey White
01d3257d72 C++: Add test cases involving casts. 2020-04-17 17:01:58 +01:00
Geoffrey White
24d7446976 C++: Basic model of '&' and '>>' in SimpleRangeAnalysis. 2020-04-16 11:17:29 +01:00
Geoffrey White
2acbdecfdb C++: Add test cases. 2020-04-16 11:11:58 +01:00
Geoffrey White
b8acd702d6 C++: Rename the test for consistency. 2020-04-15 12:49:07 +01:00
Geoffrey White
2aa64db40e Merge remote-tracking branch 'upstream/rc/1.24' into alloc-size2 2020-04-15 10:09:54 +01:00
Geoffrey White
a7979fdc12 C++: Base results purely on allocations now, not multiplications by a sizeof. 2020-04-09 15:05:29 +01:00
Geoffrey White
febbbc4423 C++: Additional test cases. 2020-04-09 15:03:35 +01:00