hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,895 Commits 1,671 Branches 157 Tags
4f54bb66b807ee4b22f6be28cfbb71d21b901b10
Commit Graph

7811 Commits

Author SHA1 Message Date
Paul1nh0
2dad2c477b query description added 2022-03-22 19:06:03 +08:00
Geoffrey White
5d5904d6c8 C++: Autoformat. 2022-03-22 10:55:04 +00:00
Mathias Vorreiter Pedersen
5cbd86519b C++: Add internal extraction errors query and modify the 'code-scanning-selectors' to exclude internal queries. 2022-03-22 10:52:02 +00:00
Jeroen Ketema
2d9b630fa8 C++: Fix ExecTainted.ql formatting 2022-03-21 23:28:58 +01:00
Jeroen Ketema
b79eb6d10d C++: Encode string value of data flow nodes in ExecState 2022-03-21 21:29:42 +01:00
Robert Marsh
23e9963a19 Merge branch 'main' into rdmarsh2/ir-global-vars 2022-03-21 16:13:40 -04:00
Robert Marsh
5bb6441047 C++: Fix consistency issues with aggregate inits 2022-03-21 16:01:24 -04:00
github-actions[bot]
a3e74efc21 Post-release preparation for codeql-cli-2.8.4 2022-03-21 19:36:47 +00:00
Robert Marsh
a36c6f2dab C++: restrict IR generation to global vars w inits 2022-03-21 14:26:29 -04:00
Robert Marsh
c27dfb5120 C++: IR translation for global variable inits 2022-03-21 13:17:05 -04:00
github-actions[bot]
dedc8c2254 Release preparation for version 2.8.4 2022-03-21 13:25:49 +00:00
Geoffrey White
97fef4b3a5 C++: Switch strategy to nomagic. 2022-03-21 12:58:06 +00:00
Geoffrey White
7f825c12eb C++: Make getUnderlyingType 'nomagic'. 2022-03-21 11:12:18 +00:00
Jeroen Ketema
e05227d3fe C++: Add change note for the cpp/command-line-injection changes 2022-03-21 11:30:39 +01:00
Jeroen Ketema
8b4c42dd07 C++: Add cpp/command-line-injection test using a wrapper macro 2022-03-21 11:19:54 +01:00
ihsinme
151c93f502 Update DangerousUseOfExceptionBlocks.cpp 2022-03-21 09:52:14 +03:00
ihsinme
22cf3f7b20 Update test.cpp 2022-03-21 09:50:30 +03:00
Jeroen Ketema
f8198c3123 C++: Use flow states in cpp/command-line-injection 2022-03-18 20:06:45 +01:00
Jeroen Ketema
d37ef1b5ca C++: Add command line injection test that currently results in a false positive 2022-03-18 16:12:09 +01:00
Jeroen Ketema
459870ac1e C++: Add additional command line injection tests 2022-03-18 13:42:27 +01:00
Geoffrey White
ff3bedcab9 C++: Fix expensive getWideCharType(). 2022-03-17 14:41:57 +00:00
Tom Hvitved
79ea2a3a9c Data flow: Sync files 2022-03-17 14:03:58 +01:00
4B5F5F4B
d4c7314484 Delete cve-2016-6480.ql 
commit by mistake
 2022-03-17 09:49:28 +08:00
Dave Bartolomeo
606e015afb Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:07:35 -04:00
Dave Bartolomeo
e275ab3951 Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:07:15 -04:00
Dave Bartolomeo
6adc11b10e Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:07:08 -04:00
Dave Bartolomeo
b36281dd8c Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:07:02 -04:00
Dave Bartolomeo
db4963ada0 Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 13:06:54 -04:00
Jeroen Ketema
7a9a9d833a Merge pull request #8435 from jketema/all-the-barriers 
Add flow state versions of isBarrierIn, isBarrierOut, and isBarrierGuard
 2022-03-16 15:50:19 +01:00
Dave Bartolomeo
571c034549 Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-16 10:14:45 -04:00
Dave Bartolomeo
e669ffa22e Merge pull request #8320 from jketema/structured-binding-array 
C++: Handle initialization of structured bindings via bitwise copy in extractor
 2022-03-16 09:41:31 -04:00
Geoffrey White
95a63a69a5 Merge branch 'main' into cwe497b 2022-03-16 11:09:46 +00:00
Paul1nh0
85b22647ac Add query for double-fetch vulnerability 2022-03-16 18:16:49 +08:00
4B5F5F4B
2a29c201ff Merge branch 'github:main' into main 2022-03-16 18:06:16 +08:00
4B5F5F4B
baf1c8d76b Create cve-2016-6480.ql 2022-03-16 17:49:05 +08:00
ihsinme
ccbb4434de Update DangerousUseOfExceptionBlocks.expected 2022-03-16 09:54:35 +03:00
ihsinme
cd561dd19c Update test.cpp 2022-03-16 09:53:45 +03:00
ihsinme
2959150198 Update DangerousUseOfExceptionBlocks.ql 2022-03-16 09:30:38 +03:00
Jeroen Ketema
d51cbe2525 C++: Update IR tests for handling of bitwise copy with explicit source 2022-03-15 23:22:37 +01:00
Jeroen Ketema
8be02b164c C++: Add IR tests exposing incorrect translation due to unhandled bitwise copy 
These tests are in addition to exisiting tests involving default copy
constructors, which suffer from the same problem, i.e., the extractor not
handling bitwise copies.
 2022-03-15 23:22:37 +01:00
Jeroen Ketema
2894bb0933 C++: Use correct change note file name format 2022-03-15 23:21:14 +01:00
Jeroen Ketema
638b2cac04 C++: Add change note on _Noreturn/noreturn in C11 2022-03-15 23:21:14 +01:00
Jeroen Ketema
1a1c34e1be C++: Handle C11 _Noreturn in DefaultOptions 2022-03-15 23:21:14 +01:00
Geoffrey White
92d748e006 C++: Fix ODR/dbcheck issue in test. 2022-03-15 20:00:19 +00:00
Dave Bartolomeo
7359e3253d Fix reference to deprecated predicate 2022-03-15 15:59:35 -04:00
Dave Bartolomeo
62553ab089 Merge remote-tracking branch 'upstream/main' into semantic-scratch 2022-03-15 15:53:50 -04:00
Erik Krogh Kristensen
b45f56ac08 Merge pull request #8431 from erik-krogh/deadCode 
Delete dead code
 2022-03-15 20:09:06 +01:00
Dave Bartolomeo
f22c91b762 Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-15 15:01:32 -04:00
Dave Bartolomeo
c8a0a86354 Fix Code Scanning warning 2022-03-15 14:53:43 -04:00
Dave Bartolomeo
7623b3d04d Update cpp/ql/lib/experimental/semmle/code/cpp/semantic/SemanticType.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-03-15 14:49:20 -04:00