hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-01 16:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,728 Commits 1,673 Branches 157 Tags
1c04c07f07045ec3cfbdcdf729032b385eaa3820
Commit Graph

3801 Commits

Author SHA1 Message Date
Geoffrey White
6440db786d Merge pull request #4420 from jbj/SimpleRangeAnalysis-widen-Expr 
C++: SimpleRangeAnalysis: widen recursive *, +, -
 2020-10-12 11:20:09 +01:00
Jonas Jensen
9b12ceae8d C++: SimpleRangeAnalysis: widen recursive *, +, - 
The number of candidate bounds during the main `SimpleRangeAnalysis`
recursion was in principle always exponential in the size of the
program, but in practice it did not get out of hand when only `+` and
`-` operations were supported. Now that `*` is also supported, the range
analysis started timing out on the SinaMostafanejad/OpenRDM project. The
problematic expressions in that project are of the form

    a*x*x*x + b*x*x + c*x + d

where most of the variables involved are recursive definitions and are
therefore likely to have a large number of candidate bounds.

The fix here is to identify those few binary operations that are most
likely to cause an explosion in the number of bounds and apply widening
to them. Previously, widening was only applied at definitions.
 2020-10-12 11:09:01 +02:00
Anders Schack-Mulligen
725194a3b8 Merge pull request #4447 from aschackmull/dataflow/postupdate-flow-consistency 
Dataflow: Introduce consistency check for flow targeting PostUpdateNodes
 2020-10-12 08:56:19 +02:00
Anders Schack-Mulligen
1c043447e8 Dataflow: Introduce consistency check for flow targeting PostUpdateNodes. 2020-10-09 14:29:52 +02:00
Jonas Jensen
4c9ffcec27 Merge pull request #4396 from geoffw0/stringsets 
C++: Use [, ...] syntax more widely.
 2020-10-09 13:30:05 +02:00
Geoffrey White
493b80c44d C++: Fix incorrect translations to hasQualifiedName. 2020-10-08 17:56:57 +01:00
Jonas Jensen
b409cf6cea Merge pull request #4389 from gsingh93/bitwise-and 
Improve range analysis for bitwise and
 2020-10-08 15:18:15 +02:00
Gulshan Singh
662736eb2d Fix compiler error after removing getLOp/getROp 2020-10-07 12:45:08 -07:00
Gulshan Singh
7233ffa50f Address review comments 2020-10-07 00:21:06 -07:00
Jonas Jensen
984194d308 Merge pull request #4406 from geoffw0/set 
C++: Models for std::set and std::unordered_set
 2020-10-06 15:43:12 +02:00
Jonas Jensen
6b2ae5d1ad Merge pull request #4393 from MathiasVP/no-more-flow-into-read-side-effect 
C++: No more flow into ReadSideEffect instructions
 2020-10-05 19:46:32 +02:00
Robert Marsh
b7dcd5c557 Merge pull request #4395 from geoffw0/modelbeginend 
C++: Merge StdSequenceContainerBeginEnd into the general BeginOrEndFunction
 2020-10-05 12:22:27 -04:00
Geoffrey White
4db964fca9 Merge branch 'main' into set 2020-10-05 15:16:42 +01:00
Geoffrey White
d93b37d5c5 C++: Autoformat some more files. 2020-10-05 15:11:23 +01:00
Mathias Vorreiter Pedersen
a6d7b1f9d9 Update cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-10-05 15:21:15 +02:00
Mathias Vorreiter Pedersen
e95aefe0b2 C++: Now that PrimaryArgumentNode is an OperandNode we want a specialized toString on it 2020-10-05 15:13:33 +02:00
Geoffrey White
c757813d65 Merge branch 'main' into map 2020-10-05 12:32:49 +01:00
Geoffrey White
591c17d7cf C++: Rearrange comments. 2020-10-05 12:22:08 +01:00
Mathias Vorreiter Pedersen
6c87b08c69 C++: Respond to review comments: 
- ArgumentNode is now abstract
- PrimaryArgumentNode is now an OperandNode.
- ArgumentIndirectionNode is now merged into SideEffectArgumentNode.
 2020-10-05 12:54:11 +02:00
Geoffrey White
488a55b9dd C++: Autoformat. 2020-10-05 10:39:32 +01:00
Mathias Vorreiter Pedersen
4c14f5dbb7 Merge branch 'main' into no-more-flow-into-read-side-effect 2020-10-05 11:03:42 +02:00
Alexander Eyers-Taylor
30ed6a0dac Merge pull request #4385 from aibaars/drop-queries 
Drop 'tech-inventory' and 'code duplication' queries from the standard query suites
 2020-10-02 18:31:25 +01:00
Geoffrey White
3536d84bdf C++: Use [, ...] syntax more widely. 2020-10-02 18:04:03 +01:00
Geoffrey White
1efe461a98 C++: Move the rest of of StdSequenceContainerBeginEnd into BeginOrEndFunction. 2020-10-02 18:03:46 +01:00
Geoffrey White
8d5bd2289b C++: Remove parts of StdSequenceContainerBeginEnd in favour of BeginOrEndFunction. 2020-10-02 18:03:46 +01:00
Geoffrey White
2dc8fba7fe C++: Remove StdMapBeginEnd as we now have a general model BeginOrEndFunction in main. 2020-10-02 16:39:23 +01:00
Geoffrey White
0d6bd6facb Merge branch 'main' into map 2020-10-02 16:24:03 +01:00
Geoffrey White
d4a1acedde C++: Remove StdSetBeginEnd as we now have a general model BeginOrEndFunction in main. 2020-10-02 16:23:48 +01:00
Arthur Baars
daa1bcc06e Also mark 'tech inventory' queries as deprecated 2020-10-02 17:23:11 +02:00
Arthur Baars
fc45b6cd3c Drop 'tech-inventory' and 'code duplication' queries from the standard query suites 2020-10-02 17:22:04 +02:00
Geoffrey White
88a93964a7 Merge branch 'main' into set 2020-10-02 16:17:48 +01:00
Mathias Vorreiter Pedersen
8f4982d3f5 C++: Remove flow into ReadSideEffect instructions in simpleInstructionLocalFlowStep 2020-10-02 14:10:28 +02:00
Geoffrey White
4b0e9a4fb1 C++: Remove the model of make_pair. 2020-10-02 10:55:13 +01:00
Chris Smowton
aa707e9370 Merge pull request #4381 from smowton/smowton/admin/fix-owasp-broken-links 
Fix OWASP broken links
 2020-10-02 08:51:36 +01:00
Gulshan Singh
f026d3a1e6 C++: Improve bitwise and range analysis 2020-10-01 23:30:51 -07:00
Jonas Jensen
48c6f34f91 Merge pull request #4372 from matt-gretton-dann/cpp20-constinit 
Add support for Variable.is_constinit()
 2020-10-01 20:19:56 +02:00
Geoffrey White
ad9f306352 C++: Model taint flow only when the second component of a pair would be tainted. 2020-10-01 17:38:09 +01:00
Chris Smowton
578ea1ae43 Fix OWASP broken links 2020-10-01 13:09:52 +01:00
Geoffrey White
cafd320953 C++: Add set/map constructor models. 2020-09-30 17:41:06 +01:00
Geoffrey White
6520f9d0fb C++: Add basic std::set models. 2020-09-30 17:23:56 +01:00
Matthew Gretton-Dann
e0ca4dafb8 Add support for Variable.is_constinit() 2020-09-30 16:31:45 +01:00
Geoffrey White
282d3e8f7e Merge pull request #4322 from jbj/range-analysis-custom-defs 
C++: Support custom defs in SimpleRangeAnalysis
 2020-09-30 15:43:32 +01:00
Jonas Jensen
b1c826e5c0 Merge pull request #4135 from rdmarsh2/rdmarsh2/cpp/output-iterators-1 
C++: Output iterators in AST taint tracking
 2020-09-30 12:54:55 +02:00
Jonas Jensen
68f6d93325 C++: Autoformat fixup 2020-09-30 09:49:56 +02:00
Geoffrey White
8059230bbc Update cpp/ql/src/semmle/code/cpp/models/implementations/StdPair.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-09-28 16:59:28 +01:00
Geoffrey White
759324ca1b Update cpp/ql/src/semmle/code/cpp/models/implementations/StdPair.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-09-28 16:51:21 +01:00
Geoffrey White
11587c930b C++: Autoformat. 2020-09-28 09:19:35 +01:00
Robert Marsh
27dc49ff7a C++: Fix performance issue in PartialDefinition 2020-09-25 19:08:07 -07:00
Robert Marsh
713bdae77a C++: sync identical files 2020-09-25 13:54:58 -07:00
Robert Marsh
9240256a9f C++: fix QLDoc 2020-09-25 11:55:39 -07:00