hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
45,584 Commits 1,672 Branches 157 Tags
530b29ccdfb42bcb8173f270e2f89d76bc20c2bc
Commit Graph

8445 Commits

Author SHA1 Message Date
Robert Marsh
143b79c0cc C++/WIP: Generate IR for global variables 2022-03-14 17:12:30 -04:00
Robert Marsh
bf21a471ed C++: add some global variables to IR tests 2022-03-14 17:11:36 -04:00
Arthur Baars
6a74e761c8 Merge pull request #8398 from github/post-release-prep/codeql-cli-2.8.3 
Post-release preparation for codeql-cli-2.8.3
 2022-03-14 21:05:09 +01:00
Geoffrey White
73710e9edb C++: Fix QLDoc. 2022-03-14 19:11:43 +00:00
Geoffrey White
7c93eb1eaf C++: Fix large newtype. 2022-03-14 19:06:41 +00:00
Geoffrey White
d1b04b4e07 C++: Use asDefiningArgument() where appropriate. 2022-03-14 17:53:47 +00:00
Mathias Vorreiter Pedersen
7593ebaa62 C++: Use 'getAstVariable' now that 'getASTVariable' is deprecated. 2022-03-14 13:38:27 +00:00
Mathias Vorreiter Pedersen
50b77761f1 C++: Port the 'predictable' barrier from 'DefaultTaintTracking' to 'cpp/unclear-array-index-validation' to prevent an explosion of new results. 2022-03-14 13:14:07 +00:00
Mathias Vorreiter Pedersen
0bf4ce7cf1 Merge pull request #8427 from MathiasVP/fix-bad-join-in-return-stack-allocated-memory 
C++: Fix join in `cpp/return-stack-allocated-memory`
 2022-03-14 12:49:30 +00:00
Erik Krogh Kristensen
3bf5e06d53 delete all dead code 2022-03-14 13:03:31 +01:00
Mathias Vorreiter Pedersen
7c411b4bad C++: Respond to review comments 2022-03-14 11:57:28 +00:00
Mathias Vorreiter Pedersen
0da5d91955 Merge branch 'main' into use-taint-configuration-in-three-more-queries 2022-03-14 11:12:23 +00:00
Jeroen Ketema
4c2081b7fc Merge pull request #8401 from jketema/taint-flow 
Extend taint tracking interface with flow states
 2022-03-14 12:06:10 +01:00
Mathias Vorreiter Pedersen
31b1e4079f C++: Prevent join-on-enclosing-callable in 'cpp/return-stack-allocated-memory'. 2022-03-14 11:01:07 +00:00
Erik Krogh Kristensen
bbb2847ec1 Merge pull request #8323 from erik-krogh/acronyms 
Enforcing consistent casing of acronyms
 2022-03-14 11:38:25 +01:00
Jeroen Ketema
c832b21fbe Add change notes for changes to the taint tracking library 2022-03-14 10:38:48 +01:00
ihsinme
62381d0762 Update test.cpp 2022-03-14 09:36:28 +03:00
ihsinme
de92356c88 Update InsecureTemporaryFile.expected 2022-03-14 09:35:03 +03:00
ihsinme
1db759cc4d Update InsecureTemporaryFile.ql 2022-03-14 09:33:08 +03:00
4B5F5F4B
597603a3a6 Create cve-2017-5123.ql 
Add query to detect CVE-2017-5123
 2022-03-14 09:44:30 +08:00
4B5F5F4B
4030561eb7 Delete CVE 2022-03-14 09:43:04 +08:00
4B5F5F4B
880c12bd34 Create CVE 2022-03-14 09:42:40 +08:00
Robert Marsh
5c04516179 Merge pull request #8390 from redsun82/remove-unique-from-uuid 
C++: Remove uniqueness constraint from uuid
 2022-03-11 11:08:34 -05:00
Erik Krogh Kristensen
1e365611fc fix all other implicit-this warnings introduced by the acronym patch 2022-03-11 13:22:07 +01:00
Erik Krogh Kristensen
2e2970128e fix typo in change-note 2022-03-11 13:16:34 +01:00
Jeroen Ketema
a8b2805aeb Merge pull request #8246 from ihsinme/ihsinme-patch-82 
CPP: Add query for CWE-754: Improper Check for Unusual or Exceptional Conditions when using functions scanf
 2022-03-11 12:54:49 +01:00
Jeroen Ketema
cd28f09ae0 Extend taint tracking interface with flow states 2022-03-11 11:50:35 +01:00
Jeroen Ketema
80c6253a57 C++: Remove private imports unused after deprecated cleanup 2022-03-11 11:47:44 +01:00
Erik Krogh Kristensen
1a275a32f7 add change-notes 2022-03-11 11:18:14 +01:00
Erik Krogh Kristensen
69353bb014 patch upper-case acronyms to be PascalCase 2022-03-11 11:10:33 +01:00
Erik Krogh Kristensen
122ab6e6d8 C#: fix some ql/non-doc-block warnings 2022-03-11 11:02:58 +01:00
Mathias Vorreiter Pedersen
3c17d90e3b C++: Accept test changes. 2022-03-11 09:30:44 +00:00
Mathias Vorreiter Pedersen
272e096190 Merge branch 'main' into use-taint-configuration-in-three-more-queries 2022-03-11 09:24:03 +00:00
github-actions[bot]
3a5ebbb861 Post-release preparation for codeql-cli-2.8.3 2022-03-11 09:23:34 +00:00
Erik Krogh Kristensen
df9533f46e Merge pull request #8347 from erik-krogh/depBeGone 
remove all deprecations that are over a year old
 2022-03-11 10:01:07 +01:00
Jeroen Ketema
007e33ad46 Fix C++ changelog heading and itemization 2022-03-10 23:11:07 +01:00
Robert Marsh
1e2cc4fca8 C++: change note for template implicit copy ops 2022-03-10 15:26:24 -05:00
github-actions[bot]
6b194bc55f Release preparation for version 2.8.3 2022-03-10 19:43:58 +00:00
ihsinme
ac8adeabf5 Update ImproperCheckReturnValueScanf.expected 2022-03-10 21:12:23 +03:00
ihsinme
623f3fbe21 Update test.cpp 2022-03-10 21:10:41 +03:00
Erik Krogh Kristensen
9466043169 CPP: remove remaining ObjectiveC references 2022-03-10 19:00:49 +01:00
ihsinme
a094e6f63b Update test.cpp 2022-03-10 17:56:34 +03:00
ihsinme
fa3ce61369 Update test.cpp 2022-03-10 17:54:03 +03:00
Mathias Vorreiter Pedersen
bff10e8ea1 C++: Add change note. 2022-03-10 10:59:04 +00:00
Mathias Vorreiter Pedersen
0d3e47bcae C++: Pick the offset expression as the sink in 'cpp/unclear-array-index-validation' (and not the array expression). 2022-03-10 10:57:51 +00:00
Mathias Vorreiter Pedersen
693eca2179 C++: Give 'cpp/unclear-array-index-validation' precision low. 2022-03-10 10:17:08 +00:00
Paolo Tranquilli
34829e92b1 C++: Remove uniqueness constraint from uuid 
Different class definitions can have the same uuid. This happens for
example when using `#import <msxml6.dll>` there will be several C++
classes generated in `msxml6.tlh` which will share uuids with
`extern "C"` struct declarations in the system header `msxml.h`.

Notice that as far as the standard cpp QL library and queries go, we
expose `getUuid()` on `UserType` and we never try to invert it, so we
only rely on uniqueness of the `id` column in the `usertype_uuid` table,
not the `uuid` column.

Closes github/codeql-c-team#893
 2022-03-10 10:33:37 +01:00
Erik Krogh Kristensen
fa766126e5 CPP: remove import of deleted deprecation 2022-03-10 10:25:03 +01:00
Erik Krogh Kristensen
53d557c037 CPP: delete file that that had been deprecated for over a year 2022-03-10 10:24:57 +01:00
Geoffrey White
9e3156dd1c Merge branch 'main' into cwe497c 2022-03-10 09:05:58 +00:00