555 Commits

Author	SHA1	Message	Date
Anders Schack-Mulligen	dc6d3fe7ba	Use flowFrom.	2025-12-03 14:04:18 +01:00
Felicity Chapman	caf6b950ac	Remove trailing periods from @name metadata in query files ... Fixed 73 .ql query files where the @name metadata contained an ending period. This ensures consistency with the CodeQL query metadata style guidelines.	2025-11-26 14:29:51 +00:00
Nora Dimitrijević	1321cbb021	C++/DecompressionBombs	2025-10-28 09:41:55 +01:00
Nora Dimitrijević	464f6cb096	C++/ConstantSizeArrayOffByOne	2025-10-28 09:41:26 +01:00
Nora Dimitrijević	ad31f1ab6d	C++/WordexpTainted ... Same file usees source and sink as endpoints	2025-10-28 09:39:19 +01:00
Mathias Vorreiter Pedersen	5e82eb9b24	C++: Fixup queries which assumes that a guard is always an expression.	2025-09-18 12:16:21 +01:00
Michael Nebel	83d53baf82	C++: Fix some Ql4Ql violations.	2025-09-03 08:19:18 +02:00
Nora Dimitrijević	e382cb5696	[DIFF-INFORMED] C++: DecompressionBombs	2025-08-15 12:00:48 +02:00
Nora Dimitrijević	fabdf9923c	[DIFF-INFORMED] C++: ConstantSizeArrayOffByOne	2025-08-15 12:00:46 +02:00
Nora Dimitrijević	2316b8cf89	C++: mass-add none() location overrides	2025-06-17 17:10:07 +02:00
Nora Dimitrijević	4dd07f475b	C++: mass enable diff-informed data flow ... An auto-generated patch that enables diff-informed data flow in the obvious cases. Builds on https://github.com/github/codeql/pull/18342 and https://github.com/github/codeql-patch/pull/88	2025-06-11 18:51:01 +02:00
Owen Mansel-Chan	cf614a596d	Fix cwe tags to include leading zero	2025-04-30 16:43:03 +01:00
Jeroen Ketema	a065434dd7	Merge pull request #16811 from porcupineyhairs/curlssl ... CPP: Disabled SSL certificate verification	2024-09-19 20:02:17 +02:00
Porcupiney Hairs	ee41e65e90	Include changes from review	2024-09-19 22:52:20 +05:30
Porcupiney Hairs	57d1035acd	Include changes from review	2024-09-19 03:32:34 +05:30
am0o0	401bb24fde	remove redundent zStreamAccess in flow steps	2024-09-05 17:09:26 +02:00
Jeroen Ketema	3aa68b34bb	C++: Fix zstd and clean up test	2024-09-04 22:25:44 +02:00
Jeroen Ketema	9b905d5e84	C++: Set precision to low ... There are no barriers, so the query as is will flag up any use of the identified functions.	2024-09-04 14:13:43 +02:00
Jeroen Ketema	238895e677	C++: Fix formatting	2024-09-04 14:10:24 +02:00
Jeroen Ketema	92c6170a76	C++: Simplify QLhelp ... One good and one bad example suffices to get the point across, and makes the help more readable. The examples also do not have to be complete.	2024-09-04 14:06:12 +02:00
Jeroen Ketema	2369b18ca6	C++: Make additional flow steps more uniform	2024-09-04 13:43:03 +02:00
Jeroen Ketema	8fe0d0a045	C++: Improve query output	2024-09-04 13:22:02 +02:00
Jeroen Ketema	8d22d147b8	C++: Clean up QLDoc	2024-09-04 13:16:56 +02:00
Jeroen Ketema	65fafbf4df	C++: Fix QL-for-QL warnings	2024-09-04 11:57:10 +02:00
Jeroen Ketema	084dbc4e12	C++: Rename qhelp file to match ql file	2024-09-04 11:48:42 +02:00
Jeroen Ketema	50d9e77339	C++: Move experimental files into the correct locations	2024-09-04 09:33:27 +02:00
am0o0	13f697c056	relocate the query	2024-06-25 17:31:40 +02:00
Porcupiney Hairs	a7cdf0e2fd	CPP: Disabled SSL certificate verification ... Disable SSL certificate verification can expose the communication to MITM attacks. This PR adds a query to detect the same. This also include the tests and qhelp for the same.	2024-06-23 14:27:04 +05:30
am0o0	11a416ea7c	add FlowSources as a common source for all sinks, so we don't need States anymore	2024-06-13 03:30:07 +02:00
am0o0	273848c879	remove old comments	2024-06-07 05:40:17 +02:00
am0o0	a5363286f1	add implicit this	2024-06-07 05:37:58 +02:00
am0o0	184aa0480e	Merge branch 'amammad-cpp-bombs' of https://github.com/amammad/codeql into amammad-cpp-bombs	2024-06-07 05:27:12 +02:00
Am	a5c9dc74bf	Merge branch 'github:main' into amammad-cpp-bombs	2024-06-07 05:27:08 +02:00
am0o0	e37ceac3b1	merge all query files into one query file	2024-06-07 05:26:51 +02:00
Mathias Vorreiter Pedersen	179270ffc1	C++: Move 'cpp/iterator-to-expired-container' out of experimental.	2024-04-29 11:07:55 +01:00
Geoffrey White	0fb71e24cb	C++: Fix typo.	2024-04-25 14:52:56 +01:00
Mathias Vorreiter Pedersen	cedc84df8f	C++: Fix FPs by only having one dataflow config. This means we preserve the call context all the way though from the source to the sink.	2024-04-19 08:27:41 +01:00
Mathias Vorreiter Pedersen	96ba3ec88e	C++: Rename predicate.	2024-04-17 10:10:54 +01:00
Mathias Vorreiter Pedersen	eb2790ae63	C++: Fix 'case 2' in 'destroyedToBeginSink' now that we're working with the sink instead of the source.	2024-04-17 10:10:39 +01:00
Mathias Vorreiter Pedersen	d22e2bae8e	C++: Select the post-update node in 'getADestroyedNode'.	2024-04-17 10:10:39 +01:00
Mathias Vorreiter Pedersen	b2974ba1c6	C++: Factor body of isSink into its own predicate.	2024-04-17 10:10:21 +01:00
Mathias Vorreiter Pedersen	b944f3b411	C++: Fix FP.	2024-03-18 15:57:20 +00:00
Mathias Vorreiter Pedersen	7b6accd33a	Update cpp/ql/src/experimental/Security/CWE/CWE-416/IteratorToExpiredContainer.ql ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2024-03-18 12:01:51 +00:00
Mathias Vorreiter Pedersen	457d71d7bc	Update cpp/ql/src/experimental/Security/CWE/CWE-416/IteratorToExpiredContainer.ql ... Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>	2024-03-18 12:01:44 +00:00
Mathias Vorreiter Pedersen	a8718f99a1	C++: Add qhelp for 'cpp/iterator-to-expired-container'.	2024-03-15 17:35:47 +00:00
Mathias Vorreiter Pedersen	23cf99734a	C++: Add a new experimental query ' cpp/iterator-to-expired-container'.	2024-03-15 14:29:29 +00:00
Ian Lynagh	e357d18d35	C++: Fix typo	2024-01-12 17:57:34 +00:00
Geoffrey White	17cd22f9d0	Merge pull request #14972 from geoffw0/cryptoprimitives ... C++: Experimental query for implementation of a cryptographic primitive	2023-12-11 09:47:46 +00:00
Geoffrey White	521d98ed8d	C++: Make the encryption words a tiny bit more flexible.	2023-12-05 18:03:17 +00:00
Geoffrey White	e95098f61f	C++: Add 'experimental' tag.	2023-12-05 18:03:11 +00:00