hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 08:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
85,119 Commits 1,693 Branches 160 Tags
4f4baee888344ec6ceaead3296ef21a95a5666e1
Commit Graph

203 Commits

Author SHA1 Message Date
Michael Nebel
83d53baf82 C++: Fix some Ql4Ql violations. 2025-09-03 08:19:18 +02:00
Mathias Vorreiter Pedersen
3a977b86d4 Update cpp/ql/lib/semmle/code/cpp/security/ProductFlowUtils/ProductFlowUtils.qll 
Co-authored-by: Idriss Riouak <idrissrio@github.com>
 2025-07-23 12:27:38 +01:00
Mathias Vorreiter Pedersen
5d6c4a63bb Update cpp/ql/lib/semmle/code/cpp/security/ProductFlowUtils/ProductFlowUtils.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-07-23 11:53:55 +01:00
Mathias Vorreiter Pedersen
a1f4246c5f C++: Extract the barriers from 'cpp/invalid-pointer-deref' into a library. 2025-07-22 18:35:29 +01:00
Mathias Vorreiter Pedersen
8b953e4f22 C++: No need for 'resolveCall' anymore. 2025-07-16 14:28:04 +01:00
Mathias Vorreiter Pedersen
ca913b452c C++: Don't summarize calls through function pointers in FunctionWithWrappers. 2025-07-16 11:51:46 +01:00
Jeroen Ketema
a77ddd7532 C++: Add Windows command line and environment models 2025-05-23 15:56:09 +02:00
Napalys Klicius
703aec1990 cpp: removed now unused predicate commandLineArg 2025-05-19 13:27:26 +02:00
Napalys Klicius
c74321a2ee all: used Erik's script to delete outdated deprecations 2025-05-19 13:26:08 +02:00
Mathew Payne
bbce0d0c65 Update cpp/ql/lib/semmle/code/cpp/security/FlowSources.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-05-16 18:55:00 +01:00
Mathew Payne
c79a724f5d feat(cpp): Update FlowSources to add wmain 2025-05-16 18:21:44 +01:00
Anders Schack-Mulligen
9375e571b1 C++: Use SSA data flow integration module. 2025-03-14 10:51:24 +01:00
Jeroen Ketema
0520fc2d9f Merge pull request #17583 from jketema/rm-inline 
C++: Remove `inline` pragma from sink
 2024-09-25 16:30:30 +02:00
Jeroen Ketema
0ee1383732 C++: Remove inline pragma from sink 2024-09-25 14:04:31 +02:00
Anders Schack-Mulligen
3a1b618a74 Cpp: Replace sink inlining with a forward scan from source. 2024-09-25 10:28:23 +02:00
REDMOND\brodes
1005a89007 Updating test cases. 2024-09-05 15:25:23 -04:00
REDMOND\brodes
77b88afa9e Removing commented out code and altering comments to explain why the code was removed. 2024-09-04 12:44:36 -04:00
REDMOND\brodes
e4d29905a9 Formatting and updating tests. 2024-09-04 11:16:24 -04:00
REDMOND\brodes
f0eeaaf44e BufferAccess must be reachable. False positives observed where accesses occur in dead code. 2024-09-04 11:16:23 -04:00
REDMOND\brodes
abd0a076a8 Addressing false positive with strncpy. 2024-09-04 11:16:21 -04:00
erik-krogh
0fdd06fff5 use my script to delete outdated deprecations 2024-09-03 20:30:58 +02:00
Mathias Vorreiter Pedersen
4079de125f C++: Fix FP by also excluding indirections of array expressions. 2024-06-13 10:59:39 +01:00
Geoffrey White
a8742ea111 C++: PascalCase and US spelling fixes. 2024-04-03 14:17:55 +01:00
Geoffrey White
fa26b55452 C++: Add models-as-data models for ZMQ networking library + wiring. 2024-03-28 21:50:07 +00:00
Geoffrey White
8d3fc735ea C++: Fix compilation issue in UseAfterFree.qll. 2024-03-13 17:03:00 +00:00
Geoffrey White
1da611cc02 Merge branch 'main' into mad 2024-02-27 17:29:45 +00:00
Ben Rodes
55fe8d376c Update cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll 2024-01-23 10:49:47 -05:00
Benjamin Rodes
dfb3aec002 Removing unnecessary private modules and adding comments. 2024-01-23 10:47:38 -05:00
Mathias Vorreiter Pedersen
42fd3fc836 C++: Make more things 'private' and add QLDoc to public things. (#40) 2024-01-23 10:27:01 -05:00
Benjamin Rodes
da10e6ca5b Moving FlowAfterFree and UseAfterFree.qll as a general purpose lib. 2024-01-22 11:18:03 -05:00
Geoffrey White
a8863e44db C++: Port implementation to CPP. 2024-01-18 13:24:57 +00:00
Jeroen Ketema
5165999e9e C++: Deprecate isUserInput, userInputArgument, and userInputReturned 2023-12-08 13:21:31 +01:00
Jeroen Ketema
c02a732632 C++: Remove DefaultTaintTracking library 2023-11-24 18:35:19 +01:00
Mathias Vorreiter Pedersen
375f0ea8b6 C++: Update documentation. 2023-10-30 15:57:30 +00:00
Mathias Vorreiter Pedersen
1e699ec0e5 C++: Simplify 'InvalidPointerToDereference.qll' now that the difference between 'derefSource' and 'pai' is always 0. 2023-10-30 15:53:48 +00:00
Mathias Vorreiter Pedersen
c8edf3151b C++: Remove the use of range analysis in 'invalidPointerToDerefSource'. 2023-10-30 15:47:47 +00:00
Mathias Vorreiter Pedersen
7e6857d36b C++: Make 'hasSize' slightly smarter when handling ternary operators. 2023-10-16 10:48:28 +01:00
Mathias Vorreiter Pedersen
843e9ad254 C++: Add more QLDoc. 2023-10-04 14:37:05 +02:00
Mathias Vorreiter Pedersen
9df5e43fae C++: Block flow through indirect flow through pointer-arithmetic instructions when following flow for the allocation size. 2023-10-03 15:31:50 +02:00
Mathias Vorreiter Pedersen
20f501d1c7 C++: Change queries to use 'asExpr' instead of 'asConvertedExpr'. 2023-09-01 15:01:32 +01:00
Mathias Vorreiter Pedersen
d14ad92dbd Merge pull request #14006 from MathiasVP/promote-invalid-pointer-deref-out-of-experimental 
C++: Promote `cpp/invalid-pointer-deref` out of experimental
 2023-08-29 09:38:56 +01:00
Mathias Vorreiter Pedersen
89b91ec5c8 C++: Disable field flow from the 'cpp/invalid-pointer-deref' query. 2023-08-25 15:01:37 +01:00
Alex Eyers-Taylor
a2f2b6c33f CPP:Only consider **argv as tainted. 2023-08-25 13:05:10 +01:00
Mathias Vorreiter Pedersen
9c5d7350dc C++: Add a small amount of pruning to 'SizeBarrierConfig'. 2023-08-25 10:25:28 +01:00
Mathias Vorreiter Pedersen
ded06a77d0 C++: More pruning. 2023-08-25 10:22:55 +01:00
Mathias Vorreiter Pedersen
123e58767b C++: Share RangeAnalysisUtil with 'cpp/overrun-write'. 2023-08-23 22:42:00 +01:00
Mathias Vorreiter Pedersen
9359bea7b5 Merge pull request #13725 from MathiasVP/fix-barriers-in-invalid-pointer-deref 
C++: Fix barriers in invalid pointer deref
 2023-08-14 14:29:12 +01:00
Mathias Vorreiter Pedersen
e2f671e327 C++: Add more comments. 2023-08-14 10:44:46 +01:00
Mathias Vorreiter Pedersen
df9c756369 C++: Add more comments. 2023-08-14 10:09:27 +01:00
Mathias Vorreiter Pedersen
c265113073 Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/InvalidPointerToDereference.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-08-14 09:51:28 +01:00