hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
68,067 Commits 1,673 Branches 157 Tags
1bb762bea94e75c7b422ff32a2b3636ff44c69dd
Commit Graph

6652 Commits

Author SHA1 Message Date
github-actions[bot]
8a25081a0e Post-release preparation for codeql-cli-2.17.5 2024-06-10 15:33:08 +00:00
github-actions[bot]
877bfa2468 Release preparation for version 2.17.5 2024-06-10 13:40:39 +00:00
Mathias Vorreiter Pedersen
9f4c1380e5 Merge pull request #16677 from MathiasVP/phi-input-nodes 
C++: Extend barrier guards to handle phi inputs
 2024-06-06 19:21:30 +01:00
Mathias Vorreiter Pedersen
05d46a6793 C++: Also ignore phi input edges in 'AllocaInLoop.ql'. 2024-06-05 09:58:44 +01:00
Jeroen Ketema
6f8449cf75 C++: Add change note 2024-06-05 10:05:13 +02:00
Jeroen Ketema
66077dc38d C++: Ignore gets'es with incorrect parameter counts 2024-06-04 11:15:07 +02:00
github-actions[bot]
906b65d09c Post-release preparation for codeql-cli-2.17.4 2024-05-28 18:02:25 +00:00
github-actions[bot]
33b4ae8bbb Release preparation for version 2.17.4 2024-05-28 15:44:32 +00:00
Remco Vermeulen
6df4c8964b Rewrite recommendations 
- Replace segmentation fault with crash that is platform agnostic (I think segmentation fault is not really a thing on Windows).
- Replace security vulnerability with malicious code execution. This provides a range of issues, because a crash (previously segmentation fault) could also be considered a security vulnerability. Namely a DOS.
- Removed the additional note on stack allocated arrays which seem confusing because we are always talking about buffers allocated on the heap.
 2024-05-24 16:10:42 -07:00
Dave Bartolomeo
613ccaac1d Add change note to all v1.0.0 packs 2024-05-23 13:01:22 -04:00
Dave Bartolomeo
ffe4c8c87b Update all pack versions to 1.0.0 2024-05-22 13:39:08 -04:00
Mathias Vorreiter Pedersen
769d9317c7 C++: Avoid a CP between 'getExpr(node)' and 'this' in 'LoopWithAlloca'. 2024-05-22 15:15:40 +01:00
Mathias Vorreiter Pedersen
1a0d66b339 Merge pull request #16557 from MathiasVP/fix-unique-pointer-query-fp 
C++: Fix `cpp/use-of-unique-pointer-after-lifetime-ends` FP
 2024-05-22 15:09:54 +01:00
Mathias Vorreiter Pedersen
9907f0f827 C++: Exclude a cast to any integral type. 2024-05-22 13:42:07 +01:00
Mathias Vorreiter Pedersen
00a940fd58 Merge pull request #16524 from catenacyber/deref-null-result 
Adds another rule for null deref
 2024-05-22 12:37:39 +01:00
Mathias Vorreiter Pedersen
4b02f88089 C++: Add change note. 2024-05-22 12:37:08 +01:00
Mathias Vorreiter Pedersen
af81698fa8 C++: Fix FP and accept test changes. 2024-05-22 12:34:09 +01:00
Mathias Vorreiter Pedersen
eda815789b Update cpp/ql/src/experimental/Likely Bugs/DerefNullResult.ql 2024-05-22 11:21:04 +01:00
Philippe Antoine
ab4b823c2e fixup unique assignment 2024-05-21 22:10:00 +02:00
Jeroen Ketema
1a60c01723 C++: Add memcmp test for cpp/network-to-host-function-as-array-bound 2024-05-21 10:27:38 +02:00
Philippe Antoine
8ace9da14a fixup dataflow path and formatting 2024-05-20 21:31:47 +02:00
Geoffrey White
13a7d9acb6 Merge pull request #16528 from geoffw0/docfix2 
C++: Update an instance of the name 'Semmle' in a doc page.
 2024-05-20 15:07:42 +01:00
Geoffrey White
0ba3cd96f5 C++: Update an instance of the name 'Semmle' in a doc page. 2024-05-20 10:02:50 +01:00
Mathias Vorreiter Pedersen
2f7766a557 C++: Autoformat. 2024-05-20 09:04:24 +01:00
Mathias Vorreiter Pedersen
e8b9d7e6fa C++: Modify change note to be more aligned with existing change notes. 2024-05-20 08:52:18 +01:00
codeqlhelper
15667dcf1e Create 2024-05-19-avoid-reporting-static-variable.md 2024-05-19 21:55:35 +08:00
codeqlhelper
1d8d45b3aa Static variables are initialized to zero or null by compiler 
Static variables are initialized to zero or null by compiler, no need to get an initializer of them
 2024-05-19 21:48:43 +08:00
Philippe Antoine
73d306c8c8 Adds another rule for null deref 2024-05-17 17:35:07 +02:00
github-actions[bot]
32e8b5c667 Post-release preparation for codeql-cli-2.17.3 2024-05-14 21:14:08 +00:00
github-actions[bot]
100166fa53 Release preparation for version 2.17.3 2024-05-14 19:23:18 +00:00
Erik Krogh Kristensen
bcddef8f32 Merge pull request #16131 from erik-krogh/cpp-path 
C++: Improve the cpp/path-injection qhelp
 2024-05-09 22:21:51 +02:00
erik-krogh
a51d24cbab apply suggestions from code review, and the examples to the test 2024-05-08 19:34:50 +02:00
Geoffrey White
49aba25852 Merge pull request #16445 from geoffw0/qhelp4 
C++: Improve qhelp for DoubleFree.
 2024-05-08 18:02:12 +01:00
Geoffrey White
53d4a10108 Update cpp/ql/src/Critical/DoubleFree.qhelp 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
 2024-05-08 17:15:08 +01:00
Geoffrey White
088f8297b6 C++: Use nullptr. 2024-05-08 14:04:21 +01:00
Geoffrey White
3fd6bc9b5c C++: Fix qhelp format. 2024-05-08 11:46:07 +01:00
Geoffrey White
486226814a C++: Add a second example. 2024-05-08 11:40:29 +01:00
Geoffrey White
871fd9aba3 Merge pull request #16405 from geoffw0/qhelp3 
C++: Improve qhelp for StrncpyFlippedArgs.
 2024-05-08 11:23:41 +01:00
Geoffrey White
880d56c576 Merge pull request #16404 from geoffw0/qhelp2 
C++: Improve qhelp for WrongTypeFormatArguments.
 2024-05-08 11:22:57 +01:00
Geoffrey White
9c8945f626 Merge pull request #16403 from geoffw0/qhelp1 
C++: Improve qhelp for IncorrectNotOperatorUsage.
 2024-05-08 11:22:15 +01:00
erik-krogh
3989717878 Merge branch 'main' into cpp-path 2024-05-07 23:01:52 +02:00
erik-krogh
336c7de643 updates based on review 2024-05-07 22:58:49 +02:00
Geoffrey White
575b66a054 C++: Clarify the recommendation and example. 2024-05-07 16:52:50 +01:00
Geoffrey White
dd95a2abab C++: Move qhelp. 2024-05-07 16:35:21 +01:00
Geoffrey White
c0cf1c7c8c Merge pull request #16402 from geoffw0/stringlifetimedoc 
C++: Improve UseOfStringAfterLifetimeEnds doc.
 2024-05-03 15:04:07 +01:00
Geoffrey White
807e6795a7 Apply suggestions from code review 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-03 11:40:56 +01:00
Geoffrey White
f5431abb10 C++: Fix strncpy reference link (the old link was broken). 2024-05-02 17:37:52 +01:00
Geoffrey White
73cc211779 C++: Fix qhelp error. 2024-05-02 17:36:35 +01:00
Geoffrey White
08e08a2b3a C++: Qhelp punctuation. 2024-05-02 17:32:24 +01:00
Geoffrey White
657402b42f C++: Fix % character in qhelp. 2024-05-02 17:31:09 +01:00