hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 23:26:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
51,348 Commits 1,703 Branches 162 Tags
5391b13db9970e24f43226a0335a2e7077a53f1a
Commit Graph

663 Commits

Author SHA1 Message Date
Jeroen Ketema
5391b13db9 C++: Make dataflow configuration modules private in qll files 2023-03-08 09:18:09 +01:00
Jeroen Ketema
13bdd9c0c6 C++: Fix query compliation 
Apparently some queries we skipped in the testing I did locally.
 2023-03-07 19:16:10 +01:00
Jeroen Ketema
57c5d5f2c7 C++: Add QLDoc on configuration modules where the original class had one 2023-03-07 19:01:05 +01:00
Jeroen Ketema
0c39d1e5ca C++: Fix query formatting 2023-03-07 18:55:58 +01:00
Jeroen Ketema
2eb2e11ef7 C++: Fix query compilation 2023-03-07 18:53:07 +01:00
Jeroen Ketema
fb57914751 C++: Convert a number of data flow based queries to use ConfigSig 2023-03-07 18:21:52 +01:00
Mathias Vorreiter Pedersen
ce02de48a0 C++: Fix Code Scanning error. 2023-03-07 14:40:36 +00:00
Mathias Vorreiter Pedersen
b054b9c5cd Merge pull request #12408 from jketema/merge-main 
C++: use-use dataflow merge main
 2023-03-07 13:05:30 +00:00
Jeroen Ketema
9ec479a2a0 C++: Update queries to use DataFlow::ConfigSig 2023-03-07 10:15:11 +01:00
Jeroen Ketema
47930f94e2 Merge remote-tracking branch 'upstream/main' into merge-main 2023-03-06 15:20:39 +01:00
Mathias Vorreiter Pedersen
8836cbae5b C++: Make sure we use an indirect sink only for the sinks that receive a 
pointer to the data. Also fix a bug where we used 'asExpr' instead
of 'asIndirectExpr'.
 2023-03-06 11:22:58 +00:00
Mathias Vorreiter Pedersen
907e6299a4 C++: Convert 'ExecTainted' to use the new refactored dataflow library. 2023-03-03 14:41:29 +00:00
Mathias Vorreiter Pedersen
075a83c987 Stage stats before on 'ExecTainted.ql' before: 
```
1	10	1 Fwd	609968	1398	-1	94	769936	ExecTaintConfiguration
2	15	1 Rev	239464	774	-1	52	320663	ExecTaintConfiguration
3	20	2 Fwd	205794	511	650	39	18576546	ExecTaintConfiguration
4	25	2 Rev	161966	351	428	39	13639502	ExecTaintConfiguration
5	30	3 Fwd	31889	322	791	39	5982574	ExecTaintConfiguration
6	35	3 Rev	30068	303	661	39	4181421	ExecTaintConfiguration
7	40	4 Fwd	24031	232	1432	39	14725618	ExecTaintConfiguration
8	45	4 Rev	21506	219	907	39	5962780	ExecTaintConfiguration
9	50	5 Fwd	20149	204	1527	38	8350094	ExecTaintConfiguration
10	55	5 Rev	20102	204	1472	38	7515307	ExecTaintConfiguration
11	60	6 Fwd	19950	200	904	33	9673369	ExecTaintConfiguration
12	65	6 Rev	18431	200	901	33	7030957	ExecTaintConfiguration
```

Stage stats after:
```
1	10	1 Fwd	368610	699	-1	65	445199	ExecTaintConfiguration
2	15	1 Rev	112848	336	-1	23	150522	ExecTaintConfiguration
3	20	2 Fwd	91528	219	270	22	4120713	ExecTaintConfiguration
4	25	2 Rev	66017	141	159	22	2657398	ExecTaintConfiguration
5	30	3 Fwd	12161	119	208	22	792468	ExecTaintConfiguration
6	35	3 Rev	11640	111	167	22	569193	ExecTaintConfiguration
7	40	4 Fwd	11423	109	331	22	1203871	ExecTaintConfiguration
8	45	4 Rev	10851	107	323	22	904017	ExecTaintConfiguration
9	50	5 Fwd	10694	107	763	22	2428404	ExecTaintConfiguration
10	55	5 Rev	10332	104	735	22	2355698	ExecTaintConfiguration
11	60	6 Fwd	10302	104	729	22	5772762	ExecTaintConfiguration
12	65	6 Rev	9482	102	725	22	4020951	ExecTaintConfiguration
```
 2023-02-28 15:05:29 +00:00
Mathias Vorreiter Pedersen
8dd0bdbdb0 C++: Rename 'fst' and 'snd' to 'incoming' and 'outgoing'. 2023-02-28 15:05:18 +00:00
Mathias Vorreiter Pedersen
354a12c906 C++: Fix queries. Since there's no longer indirect -> direct flow in 
taint-tracking we need to make sure the affected sink definitions also
handle indirect flow.
 2023-02-27 14:57:36 +00:00
Jeroen Ketema
ecdeb9a970 C++: Revert semmle.code.cpp.dataflow to its old state 
While here make sure all queries and tests use IR dataflow when appropriate.
 2023-02-10 14:21:44 +01:00
Mathias Vorreiter Pedersen
79b77b01fd Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-01-23 15:49:36 +00:00
Geoffrey White
d628cc5ab8 Update cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-01-17 14:37:19 +00:00
Jeroen Ketema
a892ae8764 C++: Fix spurious results in default taint tracking 2023-01-16 19:10:10 +01:00
Geoffrey White
1a416884d4 C++: Do something similar with the other three cases. 2023-01-14 00:09:01 +00:00
Geoffrey White
316117f5c9 C++: Reduce number of regexps. 2023-01-13 18:50:41 +00:00
Geoffrey White
2f09f0e2c1 C++: Turn the huge list into a predicate. 2023-01-13 18:47:18 +00:00
Mathias Vorreiter Pedersen
8b01dfe696 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-01-10 17:30:29 +00:00
Tony Torralba
3fcc99e5cb C++: Remove omittable exists variables 2023-01-10 13:36:01 +01:00
Geoffrey White
bb451f3911 C++: Fix result duplication. 2023-01-06 11:05:47 +00:00
Geoffrey White
2023abdc60 C++: Update the queries. 2023-01-05 11:33:58 +00:00
Mathias Vorreiter Pedersen
273af3cbf1 C++: Fix 'allowImplicitRead' override in 'cpp/cleartext-storage-database'. 2022-12-21 09:43:00 +00:00
Jeroen Ketema
0addae81cd Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-12-20 11:34:41 +01:00
Jeroen Ketema
949b61c635 Merge pull request #11729 from MathiasVP/fix-cleartext-sqlite-database 
C++: Prepare `cpp/cleartext-storage-database` for use-use flow
 2022-12-19 14:01:34 +01:00
Jeroen Ketema
ed33b905a6 C++: Simplify cpp/path-injection now argv sources are parameters 2022-12-19 12:54:16 +01:00
Mathias Vorreiter Pedersen
1d80e94bb4 C++: Prepare 'CleartextSqliteDatabase.ql' for use-use flow. 2022-12-16 17:10:10 +00:00
Mathias Vorreiter Pedersen
4ace171447 C++: Don't track indirection expressions in 'cpp/cleartext-transmission'. Instead, just track the direct expression. 2022-12-16 13:26:53 +00:00
Jeroen Ketema
4075f693bd C++: Make cpp/path-injection work with use-use dataflow 2022-12-14 13:38:55 +01:00
Jeroen Ketema
b2091e8632 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-12-12 11:40:36 +01:00
Jeroen Ketema
beb66d027e C++: Use FlowSource in cpp/path-injection 2022-12-10 20:27:56 +01:00
Jeroen Ketema
9dc2614012 C++: Make all flow source descriptions start with a lower case letter 
In every context where we use the description a lower case letter makes more
sense.
 2022-12-09 23:18:58 +01:00
Geoffrey White
f373b7fe7c Merge pull request #11596 from geoffw0/cleartextbufferwrite 
C++: Performance fix for cpp/cleartext-storage-buffer
 2022-12-08 17:18:10 +00:00
Mathias Vorreiter Pedersen
4fd6ac5657 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-12-08 13:10:18 +00:00
Geoffrey White
a8b8b54f8d Update cpp/ql/src/Security/CWE/CWE-311/CleartextBufferWrite.ql 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-12-07 16:44:33 +00:00
Geoffrey White
4b8575bfc3 C++: Simplify the query slightly. 2022-12-07 15:35:45 +00:00
Geoffrey White
b3d838d678 C++: Define the sources more clearly and consistently (fixes performance issue). 2022-12-07 14:45:39 +00:00
Jeroen Ketema
b5147bbfb0 C++: Deprecate DefaultTaintTracking and TaintTrackingImpl 2022-12-06 17:45:16 +01:00
Jeroen Ketema
995efef5da C++: Add explanatory comment to hasFilteredFlowPath 2022-12-06 09:03:21 +01:00
Jeroen Ketema
6dbc59d5b5 C++: Simplify isSink based on reviewer comments 2022-12-05 23:23:08 +01:00
Jeroen Ketema
3dfe18b565 C++: Introduce the coarse upper bound check from default taint tracking 2022-12-01 09:13:48 +01:00
Jeroen Ketema
d3cccca7f1 C++: Filter duplicate (source, sink)-pairs 2022-11-29 11:17:39 +01:00
Jeroen Ketema
378206ae7d C++: Stop taint from flowing to arithmetic types 
These are not likely to give the user much control over what can be accessed.
 2022-11-29 11:15:28 +01:00
Jeroen Ketema
718663415b C++: Stop flow from going through another source 
Without this we get confusing results:
```
    char *userAndFile = argv[2];
    char *fileName = argv[1];
    fopen(fileName, "wb+"); // Both argv[1] and argv[2] marked as source without
                            // this change.
```

While here add some more test cases.
 2022-11-29 10:52:57 +01:00
Jeroen Ketema
63334764d7 C++: Rewrite cpp/path-injection to not use DefaultTaintTracking 2022-11-29 10:52:57 +01:00
Jeroen Ketema
223eeb6921 C++: Fix upper bound detection in default taint flow 2022-11-24 14:38:36 +01:00