hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-01 08:42:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,754 Commits 1,673 Branches 157 Tags
2a5dd2c8a396d71bfcd472a48a01175fd113abe7
Commit Graph

4812 Commits

Author SHA1 Message Date
Jonas Jensen
0459248b9f Merge remote-tracking branch 'upstream/main' into SimpleRangeAnalysis-guard-overflow 2020-10-12 14:32:29 +02:00
Geoffrey White
6440db786d Merge pull request #4420 from jbj/SimpleRangeAnalysis-widen-Expr 
C++: SimpleRangeAnalysis: widen recursive *, +, -
 2020-10-12 11:20:09 +01:00
Jonas Jensen
30b9d13a45 C++: Correct annotation in test 2020-10-12 11:25:38 +02:00
Jonas Jensen
9b12ceae8d C++: SimpleRangeAnalysis: widen recursive *, +, - 
The number of candidate bounds during the main `SimpleRangeAnalysis`
recursion was in principle always exponential in the size of the
program, but in practice it did not get out of hand when only `+` and
`-` operations were supported. Now that `*` is also supported, the range
analysis started timing out on the SinaMostafanejad/OpenRDM project. The
problematic expressions in that project are of the form

    a*x*x*x + b*x*x + c*x + d

where most of the variables involved are recursive definitions and are
therefore likely to have a large number of candidate bounds.

The fix here is to identify those few binary operations that are most
likely to cause an explosion in the number of bounds and apply widening
to them. Previously, widening was only applied at definitions.
 2020-10-12 11:09:01 +02:00
Jonas Jensen
bbeea452e1 C++: Add test with widening of binary Expr 2020-10-12 11:08:41 +02:00
Anders Schack-Mulligen
725194a3b8 Merge pull request #4447 from aschackmull/dataflow/postupdate-flow-consistency 
Dataflow: Introduce consistency check for flow targeting PostUpdateNodes
 2020-10-12 08:56:19 +02:00
Anders Schack-Mulligen
091e3a2931 Dataflow: Adjust test output. 2020-10-09 16:25:14 +02:00
Anders Schack-Mulligen
1c043447e8 Dataflow: Introduce consistency check for flow targeting PostUpdateNodes. 2020-10-09 14:29:52 +02:00
Jonas Jensen
4c9ffcec27 Merge pull request #4396 from geoffw0/stringsets 
C++: Use [, ...] syntax more widely.
 2020-10-09 13:30:05 +02:00
Geoffrey White
493b80c44d C++: Fix incorrect translations to hasQualifiedName. 2020-10-08 17:56:57 +01:00
Jonas Jensen
b409cf6cea Merge pull request #4389 from gsingh93/bitwise-and 
Improve range analysis for bitwise and
 2020-10-08 15:18:15 +02:00
Gulshan Singh
662736eb2d Fix compiler error after removing getLOp/getROp 2020-10-07 12:45:08 -07:00
Gulshan Singh
7233ffa50f Address review comments 2020-10-07 00:21:06 -07:00
Jonas Jensen
984194d308 Merge pull request #4406 from geoffw0/set 
C++: Models for std::set and std::unordered_set
 2020-10-06 15:43:12 +02:00
Jonas Jensen
1d9acbfca9 C++: Demonstrate overflowing guard bounds 2020-10-06 15:31:34 +02:00
Jonas Jensen
6b2ae5d1ad Merge pull request #4393 from MathiasVP/no-more-flow-into-read-side-effect 
C++: No more flow into ReadSideEffect instructions
 2020-10-05 19:46:32 +02:00
Robert Marsh
b7dcd5c557 Merge pull request #4395 from geoffw0/modelbeginend 
C++: Merge StdSequenceContainerBeginEnd into the general BeginOrEndFunction
 2020-10-05 12:22:27 -04:00
Geoffrey White
4db964fca9 Merge branch 'main' into set 2020-10-05 15:16:42 +01:00
Geoffrey White
d93b37d5c5 C++: Autoformat some more files. 2020-10-05 15:11:23 +01:00
Mathias Vorreiter Pedersen
a6d7b1f9d9 Update cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-10-05 15:21:15 +02:00
Mathias Vorreiter Pedersen
e95aefe0b2 C++: Now that PrimaryArgumentNode is an OperandNode we want a specialized toString on it 2020-10-05 15:13:33 +02:00
Mathias Vorreiter Pedersen
d162c3d8c6 C++: Accept more test changes 2020-10-05 14:29:57 +02:00
Geoffrey White
855d2b50d7 C++: Correct test comments. 2020-10-05 13:00:51 +01:00
Geoffrey White
c757813d65 Merge branch 'main' into map 2020-10-05 12:32:49 +01:00
Geoffrey White
591c17d7cf C++: Rearrange comments. 2020-10-05 12:22:08 +01:00
Mathias Vorreiter Pedersen
6c87b08c69 C++: Respond to review comments: 
- ArgumentNode is now abstract
- PrimaryArgumentNode is now an OperandNode.
- ArgumentIndirectionNode is now merged into SideEffectArgumentNode.
 2020-10-05 12:54:11 +02:00
Geoffrey White
488a55b9dd C++: Autoformat. 2020-10-05 10:39:32 +01:00
Mathias Vorreiter Pedersen
4c14f5dbb7 Merge branch 'main' into no-more-flow-into-read-side-effect 2020-10-05 11:03:42 +02:00
Mathias Vorreiter Pedersen
d38121f54a Merge pull request #4394 from geoffw0/oddsends2 
C++: Clean up and add to taint tests
 2020-10-05 09:16:50 +02:00
Alexander Eyers-Taylor
30ed6a0dac Merge pull request #4385 from aibaars/drop-queries 
Drop 'tech-inventory' and 'code duplication' queries from the standard query suites
 2020-10-02 18:31:25 +01:00
Geoffrey White
3536d84bdf C++: Use [, ...] syntax more widely. 2020-10-02 18:04:03 +01:00
Geoffrey White
1efe461a98 C++: Move the rest of of StdSequenceContainerBeginEnd into BeginOrEndFunction. 2020-10-02 18:03:46 +01:00
Geoffrey White
8d5bd2289b C++: Remove parts of StdSequenceContainerBeginEnd in favour of BeginOrEndFunction. 2020-10-02 18:03:46 +01:00
Geoffrey White
8d5febf9c4 C++: Add a couple more test cases that have been discussed. 2020-10-02 18:03:07 +01:00
Geoffrey White
cc170bd513 C++: Test layout. 2020-10-02 18:03:07 +01:00
Geoffrey White
2dc8fba7fe C++: Remove StdMapBeginEnd as we now have a general model BeginOrEndFunction in main. 2020-10-02 16:39:23 +01:00
Geoffrey White
0d6bd6facb Merge branch 'main' into map 2020-10-02 16:24:03 +01:00
Geoffrey White
d4a1acedde C++: Remove StdSetBeginEnd as we now have a general model BeginOrEndFunction in main. 2020-10-02 16:23:48 +01:00
Arthur Baars
daa1bcc06e Also mark 'tech inventory' queries as deprecated 2020-10-02 17:23:11 +02:00
Arthur Baars
fc45b6cd3c Drop 'tech-inventory' and 'code duplication' queries from the standard query suites 2020-10-02 17:22:04 +02:00
Geoffrey White
88a93964a7 Merge branch 'main' into set 2020-10-02 16:17:48 +01:00
Geoffrey White
28ab092e9f C++: Add 'tainted' markers to standalone_iterators.cpp test. 2020-10-02 15:54:26 +01:00
Mathias Vorreiter Pedersen
072e1967c1 C++: Accept more tests 2020-10-02 15:51:29 +02:00
Mathias Vorreiter Pedersen
48902c07a4 C++: Accept test changes 2020-10-02 14:10:58 +02:00
Mathias Vorreiter Pedersen
8f4982d3f5 C++: Remove flow into ReadSideEffect instructions in simpleInstructionLocalFlowStep 2020-10-02 14:10:28 +02:00
Geoffrey White
4b0e9a4fb1 C++: Remove the model of make_pair. 2020-10-02 10:55:13 +01:00
Geoffrey White
0b6096ebfe C++: Define make_pair and declare std::forward in the test. 2020-10-02 10:51:34 +01:00
Chris Smowton
aa707e9370 Merge pull request #4381 from smowton/smowton/admin/fix-owasp-broken-links 
Fix OWASP broken links
 2020-10-02 08:51:36 +01:00
Gulshan Singh
f026d3a1e6 C++: Improve bitwise and range analysis 2020-10-01 23:30:51 -07:00
Gulshan Singh
78625b764d C++: Add test for bitwise and ranges 2020-10-01 23:30:48 -07:00