hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-02 16:23:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,214 Commits 1,688 Branches 159 Tags
158366ab4684d88f4266b6f7e9eb8a000d19996f
Commit Graph

3167 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
624795cbbf Merge pull request #8059 from rdmarsh2/rdmarsh2/cpp/insufficient-key-strength 
C++: new query for insufficient key strength
 2022-03-04 17:11:44 +00:00
Robert Marsh
280fdbfc1b C++: accept test output from perf improvement 
The last commit removed some source nodes from the dataflow graph, which
changed the test expectations slightly. No result changes occurred.
 2022-03-04 11:39:10 -05:00
Mathias Vorreiter Pedersen
9a91e66714 Merge pull request #8321 from MathiasVP/improve-using-expired-address-query 
C++: More TPs from `cpp/using-expired-stack-address`
 2022-03-04 12:07:55 +00:00
Mathias Vorreiter Pedersen
bf10456bf5 C++: Add a path explanation to the 'cpp/using-expired-stack-address' query. 2022-03-03 13:55:00 +00:00
Mathias Vorreiter Pedersen
9df923a7c8 C++: Catch more true positives by stepping into calls in the 'cpp/using-expired-stack-address' query. 2022-03-03 13:53:09 +00:00
Geoffrey White
5402b02fd7 Merge branch 'main' into cwe497 2022-03-01 11:58:24 +00:00
Jeroen Ketema
4ffbc2d148 C++: Ensure we use lvalue reference types for structured bindings 
This also adds a test for rvalue reference uses in the tuple
structured binding case.
 2022-02-27 21:13:48 +01:00
Jeroen Ketema
074577b539 C++: Refactor IR structured binding tuple test 2022-02-27 21:13:48 +01:00
Jeroen Ketema
6515e77c0e C++: Generate additional loads for non-reference structured bindings 2022-02-27 21:13:48 +01:00
Jeroen Ketema
eebfbc12a0 C++: Add structured bindings struct as data member test case 2022-02-27 21:13:48 +01:00
Jeroen Ketema
5814349fd8 C++: Give names in structured binding declarations correct IR types 2022-02-27 21:13:48 +01:00
Jeroen Ketema
73f0366dc6 C++: Add typedef'ed reference structured binding test 2022-02-27 21:13:48 +01:00
Jeroen Ketema
91659af4d4 C++: Add array data member structured binding test 2022-02-27 21:13:48 +01:00
Jeroen Ketema
ec05942693 C++: Use unnamed_local_variable in array structured binding test 2022-02-27 21:13:48 +01:00
Jeroen Ketema
437a85dec7 C++: Add pointer related structured binding tests 2022-02-27 21:13:48 +01:00
Mathias Vorreiter Pedersen
dfd30e46b0 Merge pull request #8227 from geoffw0/319improve 
C++: Promote cpp/non-https-url
 2022-02-25 08:48:44 +00:00
Geoffrey White
899ae90ba4 C++: Add GVN. 2022-02-24 17:22:37 +00:00
Geoffrey White
0bb9a95563 C++: Extend tests. 2022-02-24 17:15:29 +00:00
Geoffrey White
6c40cda68d C++: Pragmatic solution to include more sinks (plus autoformat changes). 2022-02-24 12:10:34 +00:00
Mathias Vorreiter Pedersen
e4af34253a C++: Actually fix incorrect annotation 2022-02-24 11:06:57 +00:00
Geoffrey White
c16302be13 C++: Fix the FP. 2022-02-24 10:54:08 +00:00
Mathias Vorreiter Pedersen
ef5f16ddd3 Merge branch 'main' into add-using-expired-stack-address-query 2022-02-24 08:41:27 +00:00
Geoffrey White
326dfa5bc2 C++: Add test cases. 2022-02-23 18:37:58 +00:00
Mathias Vorreiter Pedersen
033edc24f4 C++: Respond to review comments. 2022-02-23 16:23:49 +00:00
Jeroen Ketema
99dd049c1b Add IR test for tuple structured bindings 2022-02-23 16:15:19 +01:00
Jeroen Ketema
caf0f28547 Add IR test for data member structured bindings 2022-02-23 15:55:19 +01:00
Jeroen Ketema
ec2567b64b Add IR test for array structured bindings 2022-02-23 15:10:10 +01:00
Mathias Vorreiter Pedersen
53299d61eb C++: Add more tests. 2022-02-23 11:38:01 +00:00
Robert Marsh
a37f746dff C++: fix FP and add paths in InsufficientKeySize 2022-02-22 15:38:50 -05:00
Mathias Vorreiter Pedersen
ea35f56212 C++: Add a query for detecting uses of expired stack pointers that escaped through global variables. 2022-02-22 19:12:08 +00:00
Geoffrey White
4908eaf5ec C++: Typos. 2022-02-22 14:33:11 +00:00
Robert Marsh
103796dfa8 C++: respond to PR comments on InsufficientKeySize 2022-02-16 14:58:29 -05:00
Geoffrey White
703f18b82f C++: Better deduplication. 2022-02-15 17:52:27 +00:00
Geoffrey White
c4d9c1d9e7 C++: Reduce result duplication. 2022-02-11 16:03:38 +00:00
Geoffrey White
00ba76b7e4 C++: Convert to IR taint tracking. 2022-02-11 13:00:42 +00:00
Robert Marsh
dbe4770c7d C++: add initial insufficient key size query 2022-02-10 14:53:40 -05:00
Geoffrey White
b0c2a144cc C++: Remove no longer relevant tests. 2022-02-10 11:11:31 +00:00
Geoffrey White
20ad92a82e C++: Filter noisiest sources. 2022-02-10 11:11:30 +00:00
Geoffrey White
7b5b2fdcd1 C++: Modernize cpp/system-data-exposure as a path-problem using IR taint, RemoteFlowSinkFunction. 2022-02-10 11:11:26 +00:00
Geoffrey White
5490809bcf C++: Expand tests. 2022-02-10 10:43:21 +00:00
Jeroen Ketema
46821fe136 Update C++ variable hiding test 
Structured bindings are now handled better, so the false negative
related to structured bindings is now a true positive.
 2022-02-10 10:58:32 +01:00
Jeroen Ketema
1f2865c7cc Merge pull request #7798 from jketema/missing-open-arg 
C++: Add query for missing mode argument in `open`/`openat` calls
 2022-02-07 12:01:44 +01:00
Mathias Vorreiter Pedersen
2e2913b921 Merge pull request #7839 from rdmarsh2/rdmarsh2/ir-initializer-inheritance-fix 
C++: fix IR generation for constructor base inits when no constructor is present.
 2022-02-04 10:32:57 +00:00
Harry Maclean
ab7fd89653 Merge pull request #7663 from github/hmac/api-graph-subclass 
Ruby: Add basic subclassing support to API Graphs
 2022-02-04 10:19:07 +13:00
Robert Marsh
55cbff7614 C++: fix for constructor init without constructor 2022-02-03 13:44:02 -05:00
Robert Marsh
836c47abb3 C++: test for constructor init without constructor 2022-02-03 13:34:05 -05:00
Geoffrey White
8031c3f699 Merge branch 'main' into clrtxt9 2022-02-03 17:01:59 +00:00
Geoffrey White
02b1774d7f C++: Switch from GVN to localFlow. 2022-02-03 16:00:26 +00:00
Geoffrey White
3cfd1b5052 C++: More test cases. 2022-02-03 15:11:59 +00:00
Geoffrey White
4048ba0a1c C++: Fix false positives around terminal output. 2022-02-02 17:59:28 +00:00