hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,895 Commits 1,671 Branches 157 Tags
4f54bb66b807ee4b22f6be28cfbb71d21b901b10
Commit Graph

7811 Commits

Author SHA1 Message Date
Geoffrey White
4e2344c488 C++: Add test cases for SAXParser. 2022-04-28 16:11:08 +01:00
Jonas Jensen
f1fa7cba5a C++: Remove import order workarounds 
These workarounds are no longer needed from CodeQL CLI 2.9.0.
 2022-04-28 14:40:57 +02:00
Jeroen Ketema
4a648f3c89 Fix change note items 2022-04-28 14:14:19 +02:00
github-actions[bot]
8e4cf190e9 Release preparation for version 2.9.1 2022-04-28 11:59:05 +00:00
Mathias Vorreiter Pedersen
2517371a37 Merge pull request #8933 from MathiasVP/revert-globals 
C++: Revert #8515
 2022-04-28 10:38:08 +01:00
Mathias Vorreiter Pedersen
dc96d55943 Merge pull request #8888 from geoffw0/xxe2 
C++: Add support for createLSParser to the CWE-611 XXE query.
 2022-04-27 16:24:27 +01:00
Mathias Vorreiter Pedersen
75c1e56bbd Revert "Merge pull request #8515 from rdmarsh2/rdmarsh2/ir-global-vars" 
This reverts commit 800e4ea7df, reversing
changes made to 7ce040f331.
 2022-04-27 16:04:28 +01:00
Geoffrey White
d04078f989 C++: Fix. 2022-04-27 15:45:23 +01:00
Geoffrey White
4aa41dfa52 Update cpp/ql/src/Security/CWE/CWE-611/XXE.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-04-27 13:06:02 +01:00
Geoffrey White
6ada1bd05b C++: Match createLSParser more precisely. 2022-04-27 11:51:17 +01:00
Erik Krogh Kristensen
e1c7d369be Merge pull request #8796 from erik-krogh/redundantImport 
Remove redundant imports
 2022-04-27 12:39:51 +02:00
Geoffrey White
a21af8e262 C++: Address QLDoc alerts. 2022-04-27 11:05:11 +01:00
Mathias Vorreiter Pedersen
800e4ea7df Merge pull request #8515 from rdmarsh2/rdmarsh2/ir-global-vars 
C++: generate IR for global variables with initializers
 2022-04-26 18:17:13 +01:00
Geoffrey White
7ce040f331 Merge pull request #8736 from geoffw0/xxe 
C++: New query for CWE-611 / XML External Entity Expansion (XXE)
 2022-04-26 17:21:06 +01:00
Geoffrey White
742949154b C++: Apply code style suggestion. 2022-04-26 16:53:24 +01:00
Erik Krogh Kristensen
d389012b75 Merge branch 'main' into redundantImport 2022-04-26 14:24:51 +02:00
Anders Schack-Mulligen
59aedc2872 Merge pull request #8853 from aschackmull/dataflow/fix-join 
Dataflow: Fix join-on-config producing a CP.
 2022-04-26 09:52:50 +02:00
Jeroen Ketema
e7580b68d8 Merge pull request #8852 from jketema/frontend-update 
Fix test regressions due to C++ frontend  update
 2022-04-26 09:52:34 +02:00
Mathias Vorreiter Pedersen
aca4c8727f Merge pull request #8802 from github/post-release-prep/codeql-cli-2.9.0 
Post-release preparation for codeql-cli-2.9.0
 2022-04-25 22:52:55 +01:00
Jeroen Ketema
73e4f0c044 C++: Set clang_version to the default from previous frontend version 
This ensures that `__atomic_fetch_min` parses and that the number of
builtins does not changed compared to the previous version of the
frontend.
 2022-04-25 21:15:28 +02:00
Jeroen Ketema
ccd545336c C++: Fix tests where float128 error message has changed 2022-04-25 21:14:20 +02:00
Jeroen Ketema
8e7066600a C++: Fix test failures where location of reference dereference in lambda changed 2022-04-25 21:14:17 +02:00
Jeroen Ketema
6c1e21cd91 C++: Fix test where variable access position is more accurate in frontend 2022-04-25 21:14:06 +02:00
Jeroen Ketema
5b0603a5b9 C++: Artificial block insertion for loops and switches has changed in frontend 
There are now more artificial blocks containing more than one instruction
(artificial blocks containing a single instruction have the extractor only
emit that instruction and not the block). The second instruction in each case
is the label for breaking out of a loop or switch.
 2022-04-25 21:13:52 +02:00
Jeroen Ketema
d43ae9b7ed C++: More artificially inserted blocks carry location information in frontend 2022-04-25 21:13:29 +02:00
Jeroen Ketema
a546e6e01c C++: Update test to run with C++14 
The test uses an `auto` return type without a trailing return type, which is
a C++14 feature.
 2022-04-25 21:13:24 +02:00
Jeroen Ketema
b9e7045a2f C++: Update vector type test to reflect it uses old-clang features 
These features are no longer available and the frontend does stricter checking
on this.
 2022-04-25 21:13:04 +02:00
Robert Marsh
d0fc348ad9 C++: autoformat 2022-04-25 14:17:49 -04:00
Mathias Vorreiter Pedersen
faaa2cedcd Merge pull request #8849 from JohnMcSandwich/main 
C++: add new Windows pool allocation functions in `Allocation.qll`
 2022-04-25 12:46:31 +01:00
Anders Schack-Mulligen
c06efa1f42 Dataflow: Sync. 2022-04-25 13:11:04 +02:00
Tom Hvitved
bffa8fa7cb Merge pull request #8641 from hvitved/dataflow/interpret-read-store 
Data flow: Introduce `ContentSet`
 2022-04-25 12:17:34 +02:00
Mathias Vorreiter Pedersen
516ef8d27a Update cpp/ql/lib/change-notes/2022-04-25-windows-pool-allocation-functions.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-04-25 10:54:12 +01:00
Mathias Vorreiter Pedersen
12c8d9c60e C++: Add change note. 2022-04-25 10:51:49 +01:00
JohnMcSandwich
b3dff77d1a C++: add new Windows pool allocation functions in Allocation.qll 
Add:
 - ExAllocatePool2
 - ExAllocatePool3
 - ExAllocatePoolZero
 2022-04-25 10:21:42 +02:00
Mathias Vorreiter Pedersen
e8b6bfbe0e Merge pull request #8813 from jketema/buffer 
C++: Cover variable sized member arrays without a size in `Buffer.qll`
 2022-04-25 09:20:31 +01:00
Tom Hvitved
2466288656 Data flow: Simplify revFlowStore 2022-04-25 10:11:54 +02:00
Tom Hvitved
cf0a1e748a Add change notes 2022-04-25 09:17:40 +02:00
Mathias Vorreiter Pedersen
1e61fdde8b Merge pull request #8815 from jketema/unreachable-test-case 
C++: Add non-returning function test case using `__builtin_expect`
 2022-04-22 16:47:44 +01:00
Jeroen Ketema
97d4a12fb2 C++: Add non-returning function test case using __builtin_expect 2022-04-22 17:10:54 +02:00
Jeroen Ketema
dee0f09197 C++: Cover variable sized member arrays without a size in Buffer.qll 
Currently the extractor incorrectly emits 0 for the array `data` below:
```
struct myStruct { // c
   ...
   char data[]; // v
};
```
This will change in the future, and  no size will be emitted anymore.
This commit makes sure `Buffer.qll` handles arrays without sizes.
 2022-04-22 16:57:24 +02:00
Robert Marsh
ebdf553621 Merge pull request #8806 from dbartol/dbartol/typedefs/work 
C++: Work around missing size for typedef
 2022-04-22 10:09:24 -04:00
Tom Hvitved
bc6ee10583 Data flow: Sync files 2022-04-22 15:10:00 +02:00
Tom Hvitved
b033f107df Merge remote-tracking branch 'upstream/main' into dataflow/interpret-read-store 2022-04-22 14:35:02 +02:00
Geoffrey White
d859a91a14 C++: Add support for createLSParser. 2022-04-22 12:24:01 +01:00
Erik Krogh Kristensen
ff73dbc35c delete redundant imports 2022-04-22 12:55:28 +02:00
Geoffrey White
79aba67036 Merge branch 'main' into xxe 2022-04-22 11:50:41 +01:00
Erik Krogh Kristensen
a96489b23d delete duplicate imports 2022-04-22 12:41:30 +02:00
Mathias Vorreiter Pedersen
52dc016a7a Merge pull request #8798 from jketema/using 
C++: Fix tests after extractor changes that improve `using` position accuracy
 2022-04-22 08:15:34 +01:00
Dave Bartolomeo
83fdff54c4 Work around missing size for typedef 
See #8805 for the underlying issue. The symptom was bad IR generation on a large number of functions because we never generated an `IRVariable` for a parameter with the affected type.
 2022-04-21 16:16:09 -04:00
github-actions[bot]
1aecfc67c2 Post-release preparation for codeql-cli-2.9.0 2022-04-21 19:22:19 +00:00