hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-18 21:44:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
77,106 Commits 1,740 Branches 165 Tags
30ff68dc715f5b13b04f0561245ede080d2beb36
Commit Graph

113 Commits

Author SHA1 Message Date
Calum Grant
3193fe856a C++: Update comments 2024-12-20 09:11:58 +00:00
Calum Grant
7abe7003dc Update cpp/ql/test/query-tests/Likely Bugs/Memory Management/ReturnStackAllocatedMemory/test.cpp 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2024-12-19 16:01:05 +00:00
Calum Grant
e067ac92a7 C++: Address review comments 2024-12-19 14:27:13 +00:00
Calum Grant
14cef6a207 C++: Fix FPs to cpp/return-stack-allocated-memory 2024-12-17 15:58:39 +00:00
Mathias Vorreiter Pedersen
d5d04f2f4c C++: Add a 'cpp/unsafe-strncat' FP. 2024-07-08 15:13:00 +01:00
Jeroen Ketema
c8fec336ce C++: Fix typo in cpp/network-to-host-function-as-array-bound 2024-05-21 10:29:17 +02:00
Jeroen Ketema
1a60c01723 C++: Add memcmp test for cpp/network-to-host-function-as-array-bound 2024-05-21 10:27:38 +02:00
Mathias Vorreiter Pedersen
401a378598 C++: Accept test changes. 2023-11-23 14:12:16 +00:00
Mathias Vorreiter Pedersen
640e2f56d5 C++: Accept test changes. 2023-11-22 15:43:24 +00:00
Mathias Vorreiter Pedersen
2b8b5cf1b8 C++: Accept test changes. 2023-11-15 11:52:14 +00:00
Mathias Vorreiter Pedersen
118d50236f C++: Add failing tests. 2023-11-15 11:48:37 +00:00
Mathias Vorreiter Pedersen
16d62186c0 C++: Use this new predicate everywhere we need to convert an instruction to an expression. 2023-09-01 13:32:25 +01:00
Jeroen Ketema
18dea55071 C++: Fix cpp/alloca-in-loop regressions with use-use dataflow 2022-12-12 19:15:50 +01:00
Jeroen Ketema
4731f9222c Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-22 10:53:24 +01:00
Mathias Vorreiter Pedersen
ef6b85fa77 C++: Accept test changes. 2022-11-18 16:43:30 +00:00
Mathias Vorreiter Pedersen
172261495f Merge branch 'replace-ast-with-ir-use-usedataflow' into fix-as-expr 2022-10-28 10:32:31 +02:00
Mathias Vorreiter Pedersen
562f052eb0 C++: Accept test changes. 2022-10-26 17:06:38 +02:00
Robert Marsh
de89b4c69f C++: repair the ReturnCstr query 2022-10-26 11:02:23 -04:00
Mathias Vorreiter Pedersen
4c5953fce0 C++: Accept query-test changes. 2022-10-14 10:14:52 +02:00
erik-krogh
2351884352 update some alert-messages based on review feedback 2022-09-23 14:45:59 +02:00
erik-krogh
33165f4f55 CPP: update expected output 2022-09-23 14:45:59 +02:00
Mathias Vorreiter Pedersen
d6b8f25312 C++: Add more tests. 2022-09-06 15:22:10 +01:00
Nora Dimitrijević
8e60a4a478 Update StrncpyFlippedArgs.expected 
Add output lines for the newly implemented test case, test.cpp/test9().
 2022-08-10 13:42:21 +02:00
Nora Dimitrijević
df419003ad Use Strcpy.qll in StrncpyFlippedArgs.ql 
As a result, the query gets access to more types of strncpy-like
functions, as demonstrated by test.cpp, which now "fails" (i.e. works) for the new test
cases instroduced
in the previous commit.
 2022-08-10 13:42:21 +02:00
Nora Dimitrijević
554aea1bb8 New strcpy-variant in StrncpyFlippedArgs test 
Added wcsxfrm_l, which is not currently caught by the query,
meaning that in this case a successful
test implies missing functionality.
 2022-08-10 13:42:21 +02:00
Mathias Vorreiter Pedersen
5181cc1295 C++: Add a 'allowInterproceduralFlow' predicate to the 'MustFlow' library to and use it instead of checking the enclosing callables after computing the dataflow graph. 2022-08-02 13:43:01 +01:00
Jeroen Ketema
a546e6e01c C++: Update test to run with C++14 
The test uses an `auto` return type without a trailing return type, which is
a C++14 feature.
 2022-04-25 21:13:24 +02:00
Mathias Vorreiter Pedersen
dfb20f7721 Merge pull request #8368 from MathiasVP/add-must-flow-lib 
C++: Factor must-flow predicates out of two queries
 2022-03-09 17:07:23 +00:00
Mathias Vorreiter Pedersen
69417e150a C++: Address review comments. 2022-03-08 13:15:02 +00:00
Mathias Vorreiter Pedersen
bf10456bf5 C++: Add a path explanation to the 'cpp/using-expired-stack-address' query. 2022-03-03 13:55:00 +00:00
Mathias Vorreiter Pedersen
9df923a7c8 C++: Catch more true positives by stepping into calls in the 'cpp/using-expired-stack-address' query. 2022-03-03 13:53:09 +00:00
Mathias Vorreiter Pedersen
e4af34253a C++: Actually fix incorrect annotation 2022-02-24 11:06:57 +00:00
Mathias Vorreiter Pedersen
033edc24f4 C++: Respond to review comments. 2022-02-23 16:23:49 +00:00
Mathias Vorreiter Pedersen
53299d61eb C++: Add more tests. 2022-02-23 11:38:01 +00:00
Mathias Vorreiter Pedersen
ea35f56212 C++: Add a query for detecting uses of expired stack pointers that escaped through global variables. 2022-02-22 19:12:08 +00:00
Mathias Vorreiter Pedersen
48064c1c8f C++: Fix false positive. 2022-01-21 15:16:02 +00:00
Mathias Vorreiter Pedersen
7c8c2090f7 C++: Add real-world false positive from the 'cpp/return-stack-allocated-memory' query. 2022-01-21 15:14:18 +00:00
Mathias Vorreiter Pedersen
117795c409 Merge pull request #7682 from MathiasVP/rewrite-return-stack-allocated-memory-to-use-ir 
C++: Use the IR for `cpp/return-stack-allocated-memory`.
 2022-01-21 14:57:30 +00:00
Mathias Vorreiter Pedersen
e689f6bad2 C++: Use the IR for 'cpp/return-stack-allocated-memory'. 2022-01-20 18:22:49 +00:00
Geoffrey White
548a62d1ab C++: Fix branch related FPs in cpp/improper-null-termination. 2022-01-18 11:13:08 +00:00
Geoffrey White
5379b25146 C++: Add tests. 2021-10-20 15:44:56 +01:00
Geoffrey White
11b8d4191f C++: Repair .expected following merge. 2021-10-04 16:53:33 +01:00
Geoffrey White
2c64fa50d2 Merge branch 'main' into impropnullfp 2021-10-04 16:51:21 +01:00
Geoffrey White
ada30800c9 C++: Exclude results where identity-like functions obscure operations on a variable. 2021-10-01 16:16:06 +01:00
Geoffrey White
11d7a0b712 C++: Exclude results where the address of the variable is taken. 2021-10-01 14:39:02 +01:00
Geoffrey White
ec2e4f432a C++: Add more test cases, inspired by FPs on LGTM with the query. 2021-10-01 14:03:41 +01:00
Geoffrey White
74957dcb2e C++: Test spacing. 2021-10-01 13:59:34 +01:00
Geoffrey White
7e7dfe2cc4 C++: Understand format arguments. 2021-09-24 19:25:43 +01:00
Geoffrey White
91a8b9fdd9 C++: Add suggested test (and a good variant). 2021-09-24 18:34:28 +01:00
Geoffrey White
4e60fd5fc7 C++:Add the ImproperNullTerminationTainted.ql query to the test. 2021-09-03 15:53:24 +01:00