Mingjie Shen
25a46a82ba
C++: Use appropriate sizeof in CWE-119 memcpy tests
...
Signed-off-by: Mingjie Shen <shen497@purdue.edu>
2025-11-27 05:15:51 +00:00
Mingjie Shen
b293dfe3a6
C++: Fix CWE-119 memcpy tests
...
sizeof(pointer) only gives the pointer size, not the buffer
size, so use explicit 10/20 lengths in tests.cpp and update
OverflowBuffer.expected to accept the resulting memcpy diagnostics.
Signed-off-by: Mingjie Shen <shen497@purdue.edu>
2025-11-19 22:06:06 +00:00
Henry Mercer
17352a101d
Rephrase C++ BMN changelog note
2025-10-14 11:13:23 +01:00
Henry Mercer
9466279909
Prefer code quotes for BMN
2025-10-14 11:10:42 +01:00
github-actions[bot]
33542f7d40
Release preparation for version 2.23.3
2025-10-14 09:30:24 +00:00
Ian Lynagh
791a92b146
C++: Add a changenote for C/C++ BMN GA
2025-10-07 17:32:36 +01:00
Nicolas Will
378eb18db5
Merge branch 'main' into jca_signature_extensions
2025-10-06 14:50:15 +02:00
REDMOND\brodes
f4fea6d635
Crypto: Fix consistency update with "other" vs "unknown" naming conventions for openssl.
2025-10-03 12:10:48 -04:00
Jeroen Ketema
7807804f4d
Merge pull request #20573 from MathiasVP/fix-bad-magic-on-get-file
...
C++: Fix bad magic on `Element.getFile`
2025-10-03 01:21:32 +02:00
Nicolas Will
4901cdf929
Crypto: Refactor and change casts to super
2025-10-02 18:43:38 +02:00
Mathias Vorreiter Pedersen
bc0b87632d
C++: Fix bad magic on Element.getFile when running on InconsistentCheckReturnNull.qll:
...
Evaluated non-recursive predicate Element::Element.getFile/0#dispred#536cb5f3#bb@f6f5329i in 182326ms (size: 50437).
Evaluated relational algebra for predicate Element::Element.getFile/0#dispred#536cb5f3#bb@f6f5329i with tuple counts:
2029351 ~0% {2} r1 = SCAN `Expr::Expr.getLocation/0#dispred#0a3d90c6` OUTPUT In.1, In.0
2029351 ~0% {2} | JOIN WITH `Location::Location.getStartLine/0#d54f9e6c` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
1168789 ~0% {2} | JOIN WITH `InconsistentCheckReturnNull::assertInvocation/2#b2a4c9e3_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
5533128288 ~0% {3} | JOIN WITH `Location::Location.getContainer/0#9edabfb6_10#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.0
50413 ~0% {2} | JOIN WITH `Element::Element.getLocation/0#dispred#6c3f5b09#bf` ON FIRST 2 OUTPUT Lhs.0, Lhs.2
3043 ~0% {2} r2 = JOIN `project#InconsistentCheckReturnNull::relevantFunctionCall/2#d18cd566` WITH `Expr::Expr.getLocation/0#dispred#0a3d90c6` ON FIRST 1 OUTPUT Rhs.1, Lhs.0
3043 ~0% {2} r3 = JOIN r2 WITH locations_default ON FIRST 1 OUTPUT Rhs.4, Lhs.1
1945 ~3% {2} | JOIN WITH `InconsistentCheckReturnNull::assertInvocation/2#b2a4c9e3_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
9106248 ~2% {3} | JOIN WITH `Location::Location.getContainer/0#9edabfb6_10#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.0
0 ~0% {2} | JOIN WITH `Element::Element.getLocation/0#dispred#6c3f5b09#bf` ON FIRST 2 OUTPUT Lhs.0, Lhs.2
3043 ~0% {3} r4 = JOIN r2 WITH locations_default ON FIRST 1 OUTPUT _, Lhs.1, Rhs.4
3043 ~0% {2} | REWRITE WITH Tmp.0 := 1, Out.0 := (In.2 + Tmp.0) KEEPING 2
2013 ~0% {2} | JOIN WITH `InconsistentCheckReturnNull::assertInvocation/2#b2a4c9e3_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
9621327 ~0% {3} | JOIN WITH `Location::Location.getContainer/0#9edabfb6_10#join_rhs` ON FIRST 1 OUTPUT Lhs.1, Rhs.1, Lhs.0
24 ~3% {2} | JOIN WITH `Element::Element.getLocation/0#dispred#6c3f5b09#bf` ON FIRST 2 OUTPUT Lhs.0, Lhs.2
50437 ~0% {2} r5 = r1 UNION r3 UNION r4
return r5
2025-10-02 17:36:21 +01:00
Ben Rodes
d251b3f9f7
Merge branch 'main' into signature_model_refactor
2025-10-02 09:02:34 -04:00
Mathias Vorreiter Pedersen
b0e9238ddf
Merge branch 'main' into use-shared-guards-library
2025-10-01 11:59:17 +01:00
Mathias Vorreiter Pedersen
353ee8baa0
C++: Port a test from the experimental directory to show that it works in the non-experimental "new" range analysis.
2025-10-01 11:33:47 +01:00
Mathias Vorreiter Pedersen
ca53a8e787
C++: Update QLDoc.
2025-09-30 14:15:55 +01:00
Mathias Vorreiter Pedersen
1b2bd30a29
Update cpp/ql/lib/semmle/code/cpp/controlflow/IRGuards.qll
...
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
2025-09-30 14:14:19 +01:00
github-actions[bot]
a7a4e43991
Post-release preparation for codeql-cli-2.23.2
2025-09-29 15:10:19 +00:00
github-actions[bot]
d2130a589b
Release preparation for version 2.23.2
2025-09-29 10:28:45 +00:00
Jeroen Ketema
9dfd87c284
Merge pull request #20514 from jketema/permissive
...
C++: Update tests after extractor changes
2025-09-28 16:56:31 +02:00
Mathias Vorreiter Pedersen
c1c1f60241
C++: Delete incorrect comment and add a bunch of barrier guard tests.
2025-09-25 12:56:46 +01:00
Mathias Vorreiter Pedersen
04ce4057e1
C++: Add more comments to describe the constant expression hack.
2025-09-25 12:43:57 +01:00
Mathias Vorreiter Pedersen
5b5c1de05b
C++: Fix fan-out.
2025-09-25 12:33:44 +01:00
Jeroen Ketema
e41b5f2bc0
C++: Update tests after extractor changes
2025-09-25 09:52:22 +02:00
Mathias Vorreiter Pedersen
b169ccf29a
C++: Fully delete TRange.
2025-09-25 08:30:42 +01:00
Mathias Vorreiter Pedersen
a07d03f49b
C++: Use the 'StoreInstruction' instead of the 'ReturnValueInstruction' when detecting return expressions.
2025-09-24 20:09:35 +01:00
Mathias Vorreiter Pedersen
26a8a4b3d2
C++: Add failing test demonstrating broken wrapper barrier guards.
2025-09-24 19:54:05 +01:00
Mathias Vorreiter Pedersen
b2269fb5f5
C++: Add more tests.
2025-09-24 19:06:02 +01:00
Mathias Vorreiter Pedersen
d15e388f5c
C++: Get rid of the case range constant value with and instead implement 'rangeGuard'.
2025-09-24 15:52:10 +01:00
Mathias Vorreiter Pedersen
13cde4d700
C++: Add testcase demonstrating that a ConstantValue IPA branch representing a gcc case range is a bad idea.
2025-09-24 15:34:35 +01:00
Mathias Vorreiter Pedersen
d10d5fd05e
C++: Rename in the name of consistency.
2025-09-24 15:34:03 +01:00
Mathias Vorreiter Pedersen
99e1a07b8e
C++: Add a comment to the 'ConditionalBranchInstruction' case in 'additionalImpliesStep'.
2025-09-24 10:58:47 +01:00
Mathias Vorreiter Pedersen
2b47ac83e8
C++: Remove superfluous inference logic.
2025-09-24 10:51:45 +01:00
Mathias Vorreiter Pedersen
b3cbdb5c1a
C++: Add QLDoc to TRange.
2025-09-24 10:39:27 +01:00
Simon Friis Vindum
7d6e2060e5
Adapt all languages to changes in shared library
2025-09-22 14:18:58 +02:00
Mathias Vorreiter Pedersen
c481be8ea7
C++: Accept test changes for tests that select all types of an expression.
2025-09-18 12:16:28 +01:00
Mathias Vorreiter Pedersen
a4dbee3b13
C++: Add change note.
2025-09-18 12:16:26 +01:00
Mathias Vorreiter Pedersen
e22d6656fe
C++: Fix barrier guards.
2025-09-18 12:16:25 +01:00
Mathias Vorreiter Pedersen
d8f34dba17
C++: Do not use the deprecated predicate in queries.
2025-09-18 12:16:23 +01:00
Mathias Vorreiter Pedersen
5e82eb9b24
C++: Fixup queries which assume that a guard is always an expression.
2025-09-18 12:16:21 +01:00
Mathias Vorreiter Pedersen
fbd877a118
C++: Delete a test. This is no longer useful when every expression is a guard condition.
2025-09-18 12:16:20 +01:00
Mathias Vorreiter Pedersen
2dc783d91f
C++: Accept test changes.
2025-09-18 12:16:16 +01:00
Mathias Vorreiter Pedersen
0b81fbbb2b
C++: Fixup tests.
2025-09-18 12:16:11 +01:00
Mathias Vorreiter Pedersen
9ed8b75c5d
C++: Add a few helper predicates on 'Definition' which the guards library needs.
2025-09-18 11:05:55 +01:00
Mathias Vorreiter Pedersen
ac5233d19c
C++: Lots of renamings.
2025-09-18 11:05:54 +01:00
Mathias Vorreiter Pedersen
840097f121
C++: Instantiate the shared guards library.
2025-09-18 11:05:52 +01:00
Mathias Vorreiter Pedersen
3a8f77d6f4
C++: Qualified import of cpp.
2025-09-18 11:05:50 +01:00
Mathias Vorreiter Pedersen
2b0b8402ce
C++: Delete a bunch of predicates. Also set up things so that they work after instantiating the shared guards library.
2025-09-18 11:05:49 +01:00
Mathias Vorreiter Pedersen
f0f4311b65
C++: Sync identical files.
2025-09-18 11:05:47 +01:00
Mathias Vorreiter Pedersen
70a8364a38
C++: Add another convenience predicate on 'BinaryInstruction'.
2025-09-18 11:05:45 +01:00
Mathias Vorreiter Pedersen
19b8e0db9c
C++: Add a few subclasses to 'EdgeKind'.
2025-09-18 11:05:43 +01:00