hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-22 23:49:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,636 Commits 1,712 Branches 163 Tags
347bd2ebc2eec49cdb7034cd88c1a406fd5dd74a
Commit Graph

2679 Commits

Author SHA1 Message Date
Robert Marsh
d706d7b7a4 Merge pull request #5887 from MathiasVP/fewer-rand-sources-in-uncontrolled-arithmetic 
C++: Add more sanitizers to `cpp/uncontrolled-arithmetic`
 2021-05-14 15:35:56 -07:00
Mathias Vorreiter Pedersen
e94dab70b5 C++: Add sanitizers to cpp/uncontrolled-arithmetic. 2021-05-12 15:44:09 +02:00
Geoffrey White
8f152b7380 Merge pull request #5877 from MathiasVP/detect-more-abs-in-overflow-library 
C++: Detect more uses of `abs`
 2021-05-12 10:02:12 +01:00
Mathias Vorreiter Pedersen
948f1d8e34 C++: Add testcase with INTMAX_MIN. 2021-05-11 19:43:21 +02:00
Geoffrey White
d7e560c611 Merge pull request #5767 from ihsinme/ihsinme-patch-268 
CPP: Add query for CWE-1126: Declaration of Variable with Unnecessarily Wide Scope
 2021-05-11 15:24:25 +01:00
Mathias Vorreiter Pedersen
48e783184c C++: Fix false positive by recognizing more absolute value functions in Overflow.qll 2021-05-11 14:30:28 +02:00
Mathias Vorreiter Pedersen
24d8abd2c2 C++: Add false positive testcase when an absolute value is used in comparison. 2021-05-11 14:27:53 +02:00
AlexDenisov
2905bb8b9a Merge pull request #5861 from AlexDenisov/alexdenisov/adjust-user-defined-literals-test 
C++: Adjust user-defined literals test' expectations
 2021-05-11 09:31:54 +02:00
Mathias Vorreiter Pedersen
5016c6436a Merge pull request #5859 from MathiasVP/fix-fp-in-comparison-with-wider-type 
C++: Fix false positive in `cpp/comparison-with-wider-type`
 2021-05-10 17:58:31 +02:00
Mathias Vorreiter Pedersen
51d04cb5b3 C++: Correct test annotation. 2021-05-10 15:30:35 +02:00
Mathias Vorreiter Pedersen
c0b65314be C++: Fix false positive by restricting _both_ the old (unconverted) expression _and_ all of the conversions. 2021-05-10 15:18:42 +02:00
Mathias Vorreiter Pedersen
c7cd75437f C++: Add testcase demonstrating false positive from conversions. 2021-05-10 14:58:33 +02:00
ihsinme
9e5a38debd Update DeclarationOfVariableWithUnnecessarilyWideScope.expected 2021-05-10 14:17:40 +03:00
ihsinme
d3c6093f37 Update test.c 2021-05-10 14:16:38 +03:00
Alex Denisov
dcdd54593e C++: Adjust user-defined literals test' expectations 2021-05-10 13:03:40 +02:00
Mathias Vorreiter Pedersen
c91ed80e6c C++: Fix false positive by computing range of the converted expression. 2021-05-10 10:12:43 +02:00
Mathias Vorreiter Pedersen
7ac7830973 C++: Add testcase with false positive involving a conversion on the large-expression side of the comparison. 2021-05-10 10:11:31 +02:00
Geoffrey White
65ac5b862d Merge pull request #5847 from MathiasVP/improve-wrong-in-detecting-and-handling-memory-allocation-errors 
Improve wrong in detecting and handling memory allocation errors
 2021-05-07 17:39:04 +01:00
Geoffrey White
75edcf0b4f Merge branch 'main' into unsigneddiff2 2021-05-07 16:35:16 +01:00
Mathias Vorreiter Pedersen
fc7d9c2c09 C++: Fix missing result by properly specifying that the function with unknown code actually didn't throw an exception. 2021-05-07 12:34:38 +02:00
Mathias Vorreiter Pedersen
90e8368258 C++: Properly handle conversions in convertedExprMayThrow. This recursive implementation idea is stolen from convertedExprMightOverflow in SimpleRangeAnalysis. 2021-05-07 12:31:43 +02:00
Mathias Vorreiter Pedersen
7adb7b67f2 C++: Add false positive testcase involving conversions. 2021-05-07 12:19:19 +02:00
Mathias Vorreiter Pedersen
88e6cbaacd C++: Include Assignments in exprMayThrow and accept test changes. 2021-05-07 11:49:25 +02:00
Mathias Vorreiter Pedersen
80d41d9fe5 C++: Add false positive testcase involving assignments. 2021-05-07 11:48:09 +02:00
Mathias Vorreiter Pedersen
5437bd7a41 C++: Fix annotation. 2021-05-06 17:57:57 +02:00
Mathias Vorreiter Pedersen
c12837cff0 C++: Fix false negative. 2021-05-06 16:57:09 +02:00
Mathias Vorreiter Pedersen
7b8a51f995 C++: Add test with missing result. 2021-05-06 16:56:11 +02:00
Mathias Vorreiter Pedersen
167dc86f7a C++: Accept test changes. 2021-05-06 14:36:35 +02:00
Mathias Vorreiter Pedersen
42b8f923be C++: Call noexcept constructor instead. 2021-05-06 14:30:43 +02:00
Mathias Vorreiter Pedersen
420215931c C++: Rename query. 2021-05-06 13:35:08 +02:00
Mathias Vorreiter Pedersen
d3576b9c92 C++: Accept test changes. 2021-05-06 13:29:28 +02:00
Mathias Vorreiter Pedersen
58f3048808 C++: Add more testcases. 2021-05-06 13:15:34 +02:00
ihsinme
bb97507ebc Update test.c 2021-05-02 22:59:56 +03:00
ihsinme
21f43252e6 Update DeclarationOfVariableWithUnnecessarilyWideScope.expected 2021-05-02 22:59:04 +03:00
Mathias Vorreiter Pedersen
44de127bff C++: Extend and improve the testcases for cpp/detect-and-handle-memory-allocation-errors. 2021-04-29 11:57:43 +02:00
Mathias Vorreiter Pedersen
0f141edbc3 Merge pull request #5737 from dbartol/dbartol/smart-pointers/work 
C++: IR Alias Analysis for smart pointers
 2021-04-27 21:40:14 +02:00
Mathias Vorreiter Pedersen
04a785b9fb C++: Accept test changes. 2021-04-27 09:43:27 +02:00
ihsinme
98f7f70814 Add files via upload 2021-04-25 22:35:40 +03:00
Dave Bartolomeo
383210096c C++: Isolate models from AST dataflow's reference/object conflation 
`DataFlowFunction` models treat references a pointers - an explicit level of indirection. The AST dataflow library generally treats references as if they were the referred-to object. This commit removes a workaround in the dataflow model for unary `operator*` on smart pointers, and makes the AST dataflow library adjust the results of querying the model so that a returned reference only gets flow that was modeled as going to the dereference of the return value.

This fixes some missing flow in IR dataflow, and recovers some (presumably) missing reverse taint flow in AST taint tracking as well.
 2021-04-21 18:09:44 -04:00
Geoffrey White
ba335089c4 Merge pull request #5601 from ihsinme/ihsinme-patch-259 
CPP: Add query for CWE-691 Insufficient Control Flow Management After Refactoring The Code
 2021-04-21 15:13:38 +01:00
Dave Bartolomeo
1d0cb0407d Merge from main 2021-04-20 23:37:04 -04:00
Dave Bartolomeo
a447b049fc C++: Impoved alias analysis of smart pointers 2021-04-20 19:42:06 -04:00
Dave Bartolomeo
078d2522d2 C++: Add missing shared_ptr<T> members 2021-04-20 19:40:36 -04:00
Dave Bartolomeo
45968efd28 C++: Add shared test headers to emulate standard library types 2021-04-20 18:21:50 -04:00
Mathias Vorreiter Pedersen
93e55e2631 C++: Fix FP in cpp/return-stack-allocated-memory. 2021-04-20 13:58:12 +02:00
Mathias Vorreiter Pedersen
1797b6c7f9 C++: Add FP test from the work on smart pointers in dataflow. 2021-04-20 13:54:57 +02:00
Jonas Jensen
d4fdd50e2c Merge pull request #5723 from MathiasVP/cleanup-smart-ptr-model 
C++: Simplify smart pointer model
 2021-04-20 13:25:02 +02:00
Geoffrey White
2b7e599dc4 Merge pull request #5703 from MathiasVP/improve-access-of-memory-location-after-end-of-buffer-using-strncat 
C++: Improve cpp/access-memory-location-after-end-buffer-strncat
 2021-04-20 10:44:24 +01:00
Mathias Vorreiter Pedersen
61d4d17225 C++: Simplify smart pointer model and accept test changes. 2021-04-20 09:57:58 +02:00
ihsinme
c2d97b98e2 Merge branch 'main' into ihsinme-patch-259 2021-04-18 21:01:56 +03:00