hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-26 09:18:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,482 Commits 1,718 Branches 163 Tags
34fbafafde8be89e1383b378c052cbcdcdcc7000
Commit Graph

2667 Commits

Author SHA1 Message Date
AlexDenisov
2905bb8b9a Merge pull request #5861 from AlexDenisov/alexdenisov/adjust-user-defined-literals-test 
C++: Adjust user-defined literals test' expectations
 2021-05-11 09:31:54 +02:00
Mathias Vorreiter Pedersen
5016c6436a Merge pull request #5859 from MathiasVP/fix-fp-in-comparison-with-wider-type 
C++: Fix false positive in `cpp/comparison-with-wider-type`
 2021-05-10 17:58:31 +02:00
Mathias Vorreiter Pedersen
51d04cb5b3 C++: Correct test annotation. 2021-05-10 15:30:35 +02:00
Mathias Vorreiter Pedersen
c0b65314be C++: Fix false positive by restricting _both_ the old (unconverted) expression _and_ all of the conversions. 2021-05-10 15:18:42 +02:00
Mathias Vorreiter Pedersen
c7cd75437f C++: Add testcase demonstrating false positive from conversions. 2021-05-10 14:58:33 +02:00
Alex Denisov
dcdd54593e C++: Adjust user-defined literals test' expectations 2021-05-10 13:03:40 +02:00
Mathias Vorreiter Pedersen
c91ed80e6c C++: Fix false positive by computing range of the converted expression. 2021-05-10 10:12:43 +02:00
Mathias Vorreiter Pedersen
7ac7830973 C++: Add testcase with false positive involving a conversion on the large-expression side of the comparison. 2021-05-10 10:11:31 +02:00
Geoffrey White
65ac5b862d Merge pull request #5847 from MathiasVP/improve-wrong-in-detecting-and-handling-memory-allocation-errors 
Improve wrong in detecting and handling memory allocation errors
 2021-05-07 17:39:04 +01:00
Geoffrey White
75edcf0b4f Merge branch 'main' into unsigneddiff2 2021-05-07 16:35:16 +01:00
Mathias Vorreiter Pedersen
fc7d9c2c09 C++: Fix missing result by properly specifying that the function with unknown code actually didn't throw an exception. 2021-05-07 12:34:38 +02:00
Mathias Vorreiter Pedersen
90e8368258 C++: Properly handle conversions in convertedExprMayThrow. This recursive implementation idea is stolen from convertedExprMightOverflow in SimpleRangeAnalysis. 2021-05-07 12:31:43 +02:00
Mathias Vorreiter Pedersen
7adb7b67f2 C++: Add false positive testcase involving conversions. 2021-05-07 12:19:19 +02:00
Mathias Vorreiter Pedersen
88e6cbaacd C++: Include Assignments in exprMayThrow and accept test changes. 2021-05-07 11:49:25 +02:00
Mathias Vorreiter Pedersen
80d41d9fe5 C++: Add false positive testcase involving assignments. 2021-05-07 11:48:09 +02:00
Mathias Vorreiter Pedersen
5437bd7a41 C++: Fix annotation. 2021-05-06 17:57:57 +02:00
Mathias Vorreiter Pedersen
c12837cff0 C++: Fix false negative. 2021-05-06 16:57:09 +02:00
Mathias Vorreiter Pedersen
7b8a51f995 C++: Add test with missing result. 2021-05-06 16:56:11 +02:00
Mathias Vorreiter Pedersen
167dc86f7a C++: Accept test changes. 2021-05-06 14:36:35 +02:00
Mathias Vorreiter Pedersen
42b8f923be C++: Call noexcept constructor instead. 2021-05-06 14:30:43 +02:00
Mathias Vorreiter Pedersen
420215931c C++: Rename query. 2021-05-06 13:35:08 +02:00
Mathias Vorreiter Pedersen
d3576b9c92 C++: Accept test changes. 2021-05-06 13:29:28 +02:00
Mathias Vorreiter Pedersen
58f3048808 C++: Add more testcases. 2021-05-06 13:15:34 +02:00
Mathias Vorreiter Pedersen
44de127bff C++: Extend and improve the testcases for cpp/detect-and-handle-memory-allocation-errors. 2021-04-29 11:57:43 +02:00
Mathias Vorreiter Pedersen
0f141edbc3 Merge pull request #5737 from dbartol/dbartol/smart-pointers/work 
C++: IR Alias Analysis for smart pointers
 2021-04-27 21:40:14 +02:00
Mathias Vorreiter Pedersen
04a785b9fb C++: Accept test changes. 2021-04-27 09:43:27 +02:00
Dave Bartolomeo
383210096c C++: Isolate models from AST dataflow's reference/object conflation 
`DataFlowFunction` models treat references a pointers - an explicit level of indirection. The AST dataflow library generally treats references as if they were the referred-to object. This commit removes a workaround in the dataflow model for unary `operator*` on smart pointers, and makes the AST dataflow library adjust the results of querying the model so that a returned reference only gets flow that was modeled as going to the dereference of the return value.

This fixes some missing flow in IR dataflow, and recovers some (presumably) missing reverse taint flow in AST taint tracking as well.
 2021-04-21 18:09:44 -04:00
Geoffrey White
ba335089c4 Merge pull request #5601 from ihsinme/ihsinme-patch-259 
CPP: Add query for CWE-691 Insufficient Control Flow Management After Refactoring The Code
 2021-04-21 15:13:38 +01:00
Dave Bartolomeo
1d0cb0407d Merge from main 2021-04-20 23:37:04 -04:00
Dave Bartolomeo
a447b049fc C++: Impoved alias analysis of smart pointers 2021-04-20 19:42:06 -04:00
Dave Bartolomeo
078d2522d2 C++: Add missing shared_ptr<T> members 2021-04-20 19:40:36 -04:00
Dave Bartolomeo
45968efd28 C++: Add shared test headers to emulate standard library types 2021-04-20 18:21:50 -04:00
Mathias Vorreiter Pedersen
93e55e2631 C++: Fix FP in cpp/return-stack-allocated-memory. 2021-04-20 13:58:12 +02:00
Mathias Vorreiter Pedersen
1797b6c7f9 C++: Add FP test from the work on smart pointers in dataflow. 2021-04-20 13:54:57 +02:00
Jonas Jensen
d4fdd50e2c Merge pull request #5723 from MathiasVP/cleanup-smart-ptr-model 
C++: Simplify smart pointer model
 2021-04-20 13:25:02 +02:00
Geoffrey White
2b7e599dc4 Merge pull request #5703 from MathiasVP/improve-access-of-memory-location-after-end-of-buffer-using-strncat 
C++: Improve cpp/access-memory-location-after-end-buffer-strncat
 2021-04-20 10:44:24 +01:00
Mathias Vorreiter Pedersen
61d4d17225 C++: Simplify smart pointer model and accept test changes. 2021-04-20 09:57:58 +02:00
ihsinme
c2d97b98e2 Merge branch 'main' into ihsinme-patch-259 2021-04-18 21:01:56 +03:00
Mathias Vorreiter Pedersen
95742aec69 C++: Accept test changes for the other experimental query in the directory. This is only a change in line numbers. 2021-04-16 21:29:17 +02:00
Mathias Vorreiter Pedersen
64f8316a6d C++: Tidy up the ql file and accept test changes. 2021-04-16 21:22:13 +02:00
Mathias Vorreiter Pedersen
1e327289b2 C++: Add false negative test. 2021-04-16 18:38:51 +02:00
Mathias Vorreiter Pedersen
50abb6e3a1 C++: Cleanup test.c 2021-04-16 17:32:44 +02:00
Geoffrey White
e1028a2765 Merge pull request #5667 from MathiasVP/use-range-analysis-in-overflow 
C++: Use range analysis in Overflow.qll
 2021-04-16 12:00:28 +01:00
Mathias Vorreiter Pedersen
7fbc62358e C++: Accept test changes after making the exprMightOverFlow predicates more sound. 2021-04-15 13:57:44 +02:00
Robert Marsh
fe57876fd8 Merge pull request #5643 from dbartol/smart-pointers/side-effect-refactor 
C++: Refactor some side effect generation code
 2021-04-14 09:59:41 -07:00
Jonas Jensen
b4f01c9afa Merge pull request #5578 from MathiasVP/ast-flow-smart-pointers 
C++: AST dataflow through smart pointers
 2021-04-14 16:39:05 +02:00
Mathias Vorreiter Pedersen
92508beb82 Merge pull request #5600 from ihsinme/ihsinme-patch-258 
CPP: Add query for CWE-691 Insufficient Control Flow Management When Using Bit Operations
 2021-04-14 14:55:30 +02:00
Mathias Vorreiter Pedersen
bc7cc2f7ce C++: Remove rule that wasn't needed. 2021-04-14 14:50:27 +02:00
Mathias Vorreiter Pedersen
da36508714 Revert "C++: As response to the review comments this commit adds a reference-to-pointer state to AddressFlow. A call to an unwrapper function now adds a pointer -> reference-to-pointer transition, and a ReferenceDereference adds a reference-to-pointer -> pointer transition." 
This reverts commit 5aeaab7c6d.
 2021-04-14 14:41:22 +02:00
Robert Marsh
419d25cbcf Merge pull request #5325 from ihsinme/ihsinme-patch-245 
CPP: Add query for CWE-783 Operator Precedence Logic Error When Use Bool Type
 2021-04-13 13:24:39 -07:00