hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,029 Commits 1,672 Branches 157 Tags
z80coder/query-pack-release-candidate-2
Commit Graph

3044 Commits

Author SHA1 Message Date
Jonas Jensen
a380dc113f C++: Test field conflation with array in struct 2020-05-14 16:29:39 +02:00
Geoffrey White
754d7f0be8 C++: More test cases for TaintedAllocationSize. 2020-05-14 15:23:31 +01:00
Jonas Jensen
3cd377e299 C++: Fixup forgotten test annotation 
This should have been removed in 038bea2f52.
 2020-05-14 15:57:47 +02:00
Mathias Vorreiter Pedersen
1c2b8563ae C++: Remove 'flow' value from testcases 2020-05-14 15:33:02 +02:00
Geoffrey White
da83f826b9 C++: Solve duplication in getParameterString(). 2020-05-14 14:21:06 +01:00
Geoffrey White
ca0d23fd72 C++: Add a test case. 2020-05-14 14:20:02 +01:00
Mathias Vorreiter Pedersen
5f9b96cde9 C++: Fix off-by-one in test annotation 2020-05-14 15:12:00 +02:00
Geoffrey White
78f098f37a C++: Test Function.getParameterString(). 2020-05-14 13:05:39 +01:00
Mathias Vorreiter Pedersen
f414b277ba C++: Modify complex.cpp test to account for longer access paths in the dataflow library 2020-05-14 13:58:04 +02:00
Geoffrey White
53a53fb633 C++: Modernize the Functions test. 2020-05-14 12:50:57 +01:00
Mathias Vorreiter Pedersen
f5f3405ec3 C++: Modify IR field flow tests to use InlineExpectationsTest.qll 2020-05-14 11:11:21 +02:00
Robert Marsh
396ccda81f Merge pull request #3422 from Cornelius-Riemenschneider/inbounds-ptr 
C++: Add InBoundsPointerDeref.qll to experimental
 2020-05-13 16:55:42 -07:00
Mathias Vorreiter Pedersen
34314d0cb6 C++: Annotation field flow tests with [IR] and [AST] 2020-05-13 15:16:02 +02:00
Dave Bartolomeo
b0f7e9c6a7 C++: Accept test output 2020-05-13 08:02:17 -04:00
Jonas Jensen
1018eaff09 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/test/library-tests/dataflow/fields/ir-flow.expected
 2020-05-13 12:05:58 +02:00
Jonas Jensen
038bea2f52 C++: Add type check to prevent field conflation 2020-05-13 09:25:24 +02:00
Jonas Jensen
250e12a323 C++: Demonstrate new field conflation 2020-05-13 09:24:36 +02:00
Dave Bartolomeo
5d3f25211d C++/C#: Remove UnmodeledUse instruction 2020-05-13 01:06:40 -04:00
Jonas Jensen
451ae7b762 Merge pull request #3444 from dbartol/codeql-c-analysis-team/68 
Rename `sanity` -> `consistency`
 2020-05-12 12:33:08 +02:00
Mathias Vorreiter Pedersen
73882c9f90 Merge pull request #3439 from jbj/passesByReference-qualifier 
C++: Call qualifiers are passed by reference
 2020-05-12 08:31:57 +02:00
Mathias Vorreiter Pedersen
df6abdc074 Merge pull request #3389 from jbj/dataflow-defbyref-to-field 
C++: Post-update flow through &, *, +, ...
 2020-05-12 08:30:33 +02:00
Robert Marsh
090977447b Merge pull request #3445 from geoffw0/rangerounding 
C++: Round result of >> in SimpleRangeAnalysis
 2020-05-11 13:07:18 -07:00
Geoffrey White
a4fa4c859a C++: Fix rounding for >>. 2020-05-11 18:55:01 +01:00
Geoffrey White
b1c32deabc C++: Add some tests with 64-bit values. 2020-05-11 18:54:50 +01:00
Dave Bartolomeo
09d1da2f7a C++/C#: Rename sanity -> consistency 
I did both of these languages together because they share some of the changed code via `identical-files.json`.
 2020-05-11 13:29:52 -04:00
Jonas Jensen
3a89f43cd6 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
	cpp/ql/test/library-tests/dataflow/dataflow-tests/test_ir.expected
 2020-05-11 14:44:17 +02:00
Jonas Jensen
bebd5ae36b C++: Call qualifiers are passed by reference 
After #3382 changed the escape analysis to model qualifiers as escaping,
there was an imbalance in the SSA library, where `addressTakenVariable`
excludes variables from SSA analysis if they have their address taken
but are _not_ passed by reference. This showed up as a missing result in
`TOCTOUFilesystemRace.ql`, demonstrated with a test case in #3432.

This commit changes the definition of "pass by reference" to include
call qualifiers, which allows SSA modeling of variables that have member
function calls on them.
 2020-05-11 09:39:48 +02:00
Jonas Jensen
8ff045b6a2 Merge pull request #3432 from geoffw0/toctou 
C++: Add a test of TOCTOUFilesystemRace.ql
 2020-05-11 09:18:51 +02:00
Jonas Jensen
71c21e6eca C++: Accept test changes forgotten in 32e04b403 
Adding a new test case leads to changes in all `.expected` files in its
directory.

The new results show that the `DefinitionsAndUses` library does not
model `std::addressof` correctly, but that library is not intended to be
used for new code.
 2020-05-11 08:17:13 +02:00
Cornelius Riemenschneider
3596ff7c51 Address review. 2020-05-10 19:34:16 +02:00
Geoffrey White
bff97d9fe5 C++: Effect of #3382. 2020-05-07 19:06:05 +01:00
Geoffrey White
6499197087 C++: Add a test of TOCTOUFilesystemRace.ql. 2020-05-07 19:03:32 +01:00
Jonas Jensen
4b9a3f1482 Merge remote-tracking branch 'upstream/master' into dataflow-defbyref-to-field 2020-05-07 16:48:41 +02:00
Jonas Jensen
88eeca39fb Merge commit '52d8acc1a198c5ea29c1dddceda1d6c0fb75de14' into dataflow-defbyref-to-field 
This is a partial merge from master. In particular, it takes in #3382
and #3385.
 2020-05-07 16:46:11 +02:00
Jonas Jensen
32e04b4033 C++: Support std::addressof 
I didn't add this support in `AddressConstantExpression.qll` since I
think it would require extra work and testing to get the constexprness
right. My long-term plan for `AddressConstantExpression.qll` is to move
its functionality to the extractor.
 2020-05-07 16:30:44 +02:00
Mathias Vorreiter Pedersen
594f3b1807 C++: Add testcase for #3110 2020-05-07 14:39:53 +02:00
Geoffrey White
c8524522c8 C++: Add test cases. 2020-05-06 18:51:50 +01:00
Cornelius Riemenschneider
e397e5d325 Add new testcase to arraylengthanalysis library. 2020-05-06 16:36:48 +02:00
Cornelius Riemenschneider
1c9fa4eb1d This library proves that a subset of pointer dereferences in a program are safe, i.e. in-bounds. 
It does so by first defining what a pointer dereference is (on the IR
`Instruction` level), and then using the array length analysis and the range
analysis together to prove that some of these pointer dereferences are safe.
 2020-05-06 16:36:48 +02:00
Robert Marsh
78d2ac1ff4 Merge pull request #3368 from Cornelius-Riemenschneider/local-ala 
C++: Add experimental Array Length Tracking library
 2020-05-05 13:05:52 -07:00
Geoffrey White
3e2e69c06a C++: Autoformat. 2020-05-05 16:55:15 +01:00
Geoffrey White
2940f4794e C++: Fix isfromtemplateinstantiation test. 2020-05-05 13:12:44 +01:00
Geoffrey White
511d7c9199 C++: Improve solution for UsingDeclarationEntry. 2020-05-04 18:01:29 +01:00
Geoffrey White
3d431607e7 C++: Combine the usings tests and add detail about classes. 2020-05-04 17:48:42 +01:00
Geoffrey White
9fc37d174e C++: Update the 'usings' tests. 2020-05-04 17:46:26 +01:00
Nick Rolfe
ae913fbf56 C++: update expected output to include field attribute 2020-05-04 16:17:59 +01:00
Nick Rolfe
124ea86d65 C++: add test for attributes on fields 2020-05-04 15:12:49 +01:00
Cornelius Riemenschneider
bab893d2d1 Address review. 2020-05-02 15:27:56 +02:00
Nick Rolfe
4ce896b856 Merge pull request #3378 from matt-gretton-dann/codeql-c-extractor/49-consteval 
Add support for C++20's consteval specifier
 2020-05-01 17:56:56 +01:00
Mathias Vorreiter Pedersen
2e3463740d Merge pull request #3382 from jbj/escape-qualifier 
C++: Addresses may escape through call qualifiers
 2020-05-01 16:23:46 +02:00