hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,029 Commits 1,671 Branches 157 Tags
z80coder/query-pack-release-candidate-2
Commit Graph

3044 Commits

Author SHA1 Message Date
Robert Marsh
6f03c3e252 C++: Accept command injection test changes 
Making the DefaultTaintTracking configurations inactive removed many
unneeded nodes and edges from the PathGraph predicates.
 2021-09-22 14:19:23 -07:00
Robert Marsh
21ed5c430d Merge branch 'main' into rdmarsh2/improve-exec-tainted 
Manual fix for conflict in Models.qll
 2021-09-22 11:51:18 -07:00
Robert Marsh
d62f76afa6 Merge pull request #6133 from MathiasVP/promote-sql-pqxx 
C++: Promote `cpp/sql-injection-via-pqxx` out of experimental
 2021-09-21 10:13:57 -07:00
Geoffrey White
e7c82d7370 C++: Accept subpaths in tests. 2021-09-17 16:14:24 +01:00
Geoffrey White
24668b2281 Merge branch 'main' into cwe139 2021-09-17 16:04:51 +01:00
ihsinme
b6bcf9fa44 Add files via upload 2021-09-16 19:18:19 +03:00
Robert Marsh
c85cc1455b C++: accept changes to new ExecTainted test 2021-09-15 11:27:13 -07:00
Robert Marsh
509a3493b6 C++: support new subpaths predicate in ExecTainted 2021-09-15 10:55:56 -07:00
Robert Marsh
83cc098412 C++: accept test output 2021-09-15 10:55:55 -07:00
Robert Marsh
37c92178a5 C++: exclude int/string conversion in ExecTainted 2021-09-15 10:55:52 -07:00
Robert Marsh
5e265f45e1 C++: ExecTainted tests for int/string conversions 2021-09-15 10:55:51 -07:00
Robert Marsh
9926892c8a C++: remove debugging predicates 2021-09-15 10:55:51 -07:00
Robert Marsh
9c478c502e C++: add some more tests for ExecTainted 2021-09-15 10:55:50 -07:00
Robert Marsh
6f408f949c C++: Refactor ExecTainted.ql to need concatenation 
This makes ExecTainted report results only when the tainted value does
not become the start of the string which is eventually run as a shell
command. The theory is that those cases are likely to be deliberate, and
part of the expected threat model of the program (e.g. $CC in make).
This lines up better with the results I considered fixable true
positives in LGTM testing
 2021-09-15 10:55:49 -07:00
Robert Marsh
8f4df8603a C++: more tests for command injection 2021-09-15 10:55:49 -07:00
Mathias Vorreiter Pedersen
33ef634ea8 Merge pull request #6679 from andersfugmann/relax_memberMayBeVarSize 
Improve precision on OverflowStatic query.
 2021-09-15 17:24:10 +01:00
Geoffrey White
c4714b55a3 Merge pull request #6588 from ihsinme/ihsinme-patch-069 
CPP: Add query for CWE-675: Duplicate Operations on Resource
 2021-09-15 15:10:03 +01:00
Jonas Jensen
65f4ec403f Merge pull request #6593 from geoffw0/samate-move 
C++: Add test cases with SAMATE Juliet code snippets to the codeql test suite.
 2021-09-15 14:18:08 +02:00
Geoffrey White
9ad51fbc02 C++: Fix the correct test this time. 2021-09-15 11:03:09 +01:00
Geoffrey White
8fd848701e C++: Fix test failure. 2021-09-14 16:38:11 +01:00
Mathias Vorreiter Pedersen
44dca68463 Merge branch 'main' into promote-sql-pqxx 2021-09-14 15:29:37 +01:00
Geoffrey White
67c6b35845 C++: We get many more real world results using taint tracking. 2021-09-13 15:03:28 +01:00
Geoffrey White
0e8064dbf9 C++: Add a test demonstrating taint. 2021-09-13 15:00:31 +01:00
Geoffrey White
902fa7d44a C++: Subsection header. 2021-09-13 14:10:17 +01:00
Geoffrey White
acd1acd869 C++: Give it a section header. 2021-09-13 14:08:18 +01:00
Geoffrey White
befd1a7ccc C++: Rename security tests readme. 2021-09-13 14:06:22 +01:00
Geoffrey White
ee7ccd7936 C++: Upgrade to path problem. 2021-09-13 13:52:12 +01:00
Anders Fugmann
9a35a699cb C++: Update tests 2021-09-13 12:10:58 +02:00
Geoffrey White
f58177f292 C++: Full dataflow version. 2021-09-13 10:53:09 +01:00
Anders Fugmann
342b2df93f C++: zero or one byte sized arrays in unions are considered as having the length of the union its a member of 2021-09-13 11:25:04 +02:00
Anders Fugmann
3172d5727a C++: Relax constraints on Buffer::memberMayBeVarSize 2021-09-13 11:15:33 +02:00
Anders Fugmann
4ab9b81a9a C++: Add tests exposing some FP's for OverflowStatic query 2021-09-13 11:09:56 +02:00
Geoffrey White
e696eaaa2f C++: Fix false positives involving STDIN_FILENO. 2021-09-13 09:50:19 +01:00
Geoffrey White
3ba9e80635 C++: Support various functions / variants. 2021-09-13 09:50:03 +01:00
Geoffrey White
1707d67adb C++: Support 'send' as well. 2021-09-13 09:49:40 +01:00
Geoffrey White
29ad3bf7f8 C++: Test dataflow and other slightly more complex cases. 2021-09-13 09:49:25 +01:00
Anders Peter Fugmann
1bbadb57a2 Merge pull request #6568 from andersfugmann/andersfugmann/improve_upper_bound 
C++: Improve predicate upperBound in SimpleRangeAnalysis
 2021-09-10 09:49:48 +02:00
Anders Fugmann
270dbd2bf7 C++: Revert peer review suggestion. 
The suggested change has a severe impact on row counts, as cpp does not cache
the results for `bbDominates`. Since the `getGuardedUpperBound` predicate the
cost of runtime complexity is considered higher than the benefit of this change.
 2021-09-09 13:26:42 +02:00
Anders Fugmann
6c44b0e6e7 C++: Add test case where a guarded block has two predecessors which are both in the dominance domain of the guard 2021-09-09 13:18:49 +02:00
Anders Schack-Mulligen
f30dad7705 Dataflow: Update test expected outputs. 2021-09-07 13:02:20 +02:00
Mathias Vorreiter Pedersen
5cecea42e4 Merge pull request #6603 from geoffw0/impropnulltests 
C++: Add test cases for cpp/improper-null-termination.
 2021-09-07 09:55:36 +01:00
Mathias Vorreiter Pedersen
b7206c1218 Merge pull request #6581 from geoffw0/uncontrolledarith2 
CPP: Improvements for cpp/uncontrolled-arithmetic
 2021-09-07 09:48:59 +01:00
Anders Fugmann
ebdda885f9 C++: Update test annotation for OverflowStatic 2021-09-07 10:38:16 +02:00
Geoffrey White
cd5a5347fc C++: Add basic test. 2021-09-06 18:11:34 +01:00
Anders Fugmann
9af4d560dd Merge branch 'main' into andersfugmann/improve_upper_bound 2021-09-06 14:26:58 +02:00
Anders Fugmann
ddbaf585ec Merge branch 'main' into andersfugmann/improve_upper_bound 2021-09-06 10:32:44 +02:00
Andrew Eisenberg
6a47fcaf1f Packaging: Normalize all qlpack.yml files for all languages 
This commit ensures consistency among all of our qlpacks. Here are the
changes:

1. Ensure only modern references are used (codeql-{lang} is converted to
   codeql/{lang}-all or codeql/{lang}-queries where appropriate).
2. Use consistent version numbers. All languages are at 0.0.2 except
   javascript, which is 0.0.3.
3. Convert all `libraryPathDependencies` to `dependencies` with version
   constraints
4. Dependencies from query packs to other packs are always `"*"` since
   these dependencies are always from source and we should get the
   latest.
5. Dependencies from codeql/{lang}-lib to codeql/{lang}-upgrades must
   be strict since there is a tight connection between the libary
   and its relevant upgrades.
 2021-09-03 11:53:28 -07:00
Geoffrey White
4e60fd5fc7 C++:Add the ImproperNullTerminationTainted.ql query to the test. 2021-09-03 15:53:24 +01:00
Geoffrey White
ccf1a44a2b C++: Extend tests for cpp/improper-null-termination. 2021-09-03 15:48:36 +01:00
Geoffrey White
f2047ee4d0 C++: Actually fix expected files after layout changes. 2021-09-03 09:13:41 +01:00