hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
81,788 Commits 1,671 Branches 157 Tags
57378ec4e4fea5949e18db35b4c84123ad950065
Commit Graph

13613 Commits

Author SHA1 Message Date
github-actions[bot]
fd82aeb1f8 Release preparation for version 2.22.3 2025-08-04 15:47:57 +00:00
Geoffrey White
6925d4e564 Merge pull request #20129 from codeqlhelper/main 
C++: Static variables are initialized to zero or null by compiler
 2025-08-04 13:23:45 +01:00
Mathias Vorreiter Pedersen
65b1b7f63e C++: Add change note. 2025-08-03 12:17:37 +01:00
Mathias Vorreiter Pedersen
851c498b37 C++: Accept test changes. This is a FP that's been present since we put the IR into production in #2851. 2025-08-03 12:17:36 +01:00
Mathias Vorreiter Pedersen
b807ee4718 C++: Accept test changes. 2025-08-03 12:17:34 +01:00
Mathias Vorreiter Pedersen
c726285cac C++: Sync identical files. 2025-08-03 12:17:31 +01:00
Mathias Vorreiter Pedersen
0d9e298250 C++: Specifier-only converting instructions preserve GVNs. 2025-08-03 12:17:19 +01:00
Mathias Vorreiter Pedersen
fca49dde92 C++: Accept test changes. 2025-08-02 16:43:19 +01:00
Mathias Vorreiter Pedersen
73e4bfdd3e C++: Fix missing flow by also generating final global uses for functions that have a post-update node for the global variable. 2025-08-02 16:41:23 +01:00
Mathias Vorreiter Pedersen
34c1ec73c2 C++: Add tests with missing flow through globals. 2025-08-02 16:38:32 +01:00
Mathias Vorreiter Pedersen
1aa8adb472 C++: Add test. 2025-08-02 13:00:26 +01:00
Mathias Vorreiter Pedersen
14345a8288 C++: Accept test changes. 2025-08-01 16:09:44 +01:00
Mathias Vorreiter Pedersen
7561190bd1 C++: Fix type errors in C code. 2025-08-01 16:09:42 +01:00
Mathias Vorreiter Pedersen
0e9286dd34 C++: Fix QLDoc. 2025-08-01 11:37:12 +01:00
Mathias Vorreiter Pedersen
b70836e241 C++: Modify the API to not expose dataflow nodes. 2025-08-01 11:34:49 +01:00
Mathias Vorreiter Pedersen
33d05984c8 C++: Stick the exposed SSA classes into a public SSA module. 2025-08-01 11:34:47 +01:00
Mathias Vorreiter Pedersen
32e6d0934e C++: Drive-by fix: These files imported both the public dataflow files and the internal ones. Let's only import the internal ones. 2025-08-01 11:34:45 +01:00
Mathias Vorreiter Pedersen
7ede3aa516 C++: Fix imports. 2025-08-01 10:35:34 +01:00
Mathias Vorreiter Pedersen
0d91622d18 C++: Rename SsaInternals to SsaImpl and SsaInternalsCommon to SsaImplCommon. 2025-08-01 10:34:14 +01:00
Mathias Vorreiter Pedersen
18289702ca C++: Add an example of double negation to the IR tests. 2025-07-31 15:49:05 +01:00
codeqlhelper
4323e6853f Update cpp/ql/src/change-notes/2025-07-27-avoid-reporting-static-global-variable.md 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2025-07-31 21:17:29 +08:00
Mathias Vorreiter Pedersen
c8f4b287d1 C++: Add a comment on the old SSA library. 2025-07-31 14:07:38 +01:00
Mathias Vorreiter Pedersen
7e93b99ff9 C++: Add change note. 2025-07-31 13:57:19 +01:00
Mathias Vorreiter Pedersen
8691075aae Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-07-31 13:52:21 +01:00
Mathias Vorreiter Pedersen
5a91aa2105 C++: Expose SSA definitions from dataflow. 2025-07-31 13:45:03 +01:00
Mathias Vorreiter Pedersen
1dae787605 C++: Drive-by fix suggested by Schack. This now matches the predicate in C#. 2025-07-31 12:58:05 +01:00
Geoffrey White
c0638a5fcb CPP: Update .expected for the changes here. 2025-07-30 11:24:57 +01:00
Geoffrey White
d6fddde6e0 CPP: Add .expected (results before query changes here). 2025-07-30 11:22:56 +01:00
Geoffrey White
43bca84310 CPP: Convert test to use a stub rather than a library include. 2025-07-30 11:22:53 +01:00
Anders Schack-Mulligen
3b8234ecec SSA: Update data flow integration and BarrierGuard interface to use GuardValue. 2025-07-28 11:29:12 +02:00
codeqlhelper
75e545a67f Create 2025-07-27-avoid-reporting-static-global-variable.md 2025-07-28 00:00:41 +08:00
codeqlhelper
cf21997c0f Reduce false alarms raised by static variables 
Static variables are initialized to zero or null by compiler, no need to get an initializer of them.
See https://stackoverflow.com/questions/13251083/the-initialization-of-static-variables-in-c
See 6.7.8/10 in the C99 Standard.

A relevant PR: https://github.com/github/codeql/pull/16527
 2025-07-27 23:46:53 +08:00
codeqlhelper
89dcad48f4 Create InitialisationNotRun.qlref 2025-07-27 23:42:50 +08:00
codeqlhelper
c2d0a12e1e Create test for InitialisationNotRun 2025-07-27 23:40:00 +08:00
Mathias Vorreiter Pedersen
5da7ae877b Merge pull request #20115 from MathiasVP/add-more-windows-memcpy-functions 
C++: Add some more Windows specific memory copy models
 2025-07-23 16:10:56 +01:00
Mathias Vorreiter Pedersen
cbe5561eb6 C++: Accept test changes. 2025-07-23 14:05:42 +01:00
Mathias Vorreiter Pedersen
9d736723fb C++: Add more Windows specific models for memcpy-like tings. 2025-07-23 13:45:20 +01:00
Mathias Vorreiter Pedersen
50785f7f21 C++: Add tests with missing flow. 2025-07-23 13:37:32 +01:00
Mathias Vorreiter Pedersen
3a977b86d4 Update cpp/ql/lib/semmle/code/cpp/security/ProductFlowUtils/ProductFlowUtils.qll 
Co-authored-by: Idriss Riouak <idrissrio@github.com>
 2025-07-23 12:27:38 +01:00
Mathias Vorreiter Pedersen
5d6c4a63bb Update cpp/ql/lib/semmle/code/cpp/security/ProductFlowUtils/ProductFlowUtils.qll 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-07-23 11:53:55 +01:00
Mathias Vorreiter Pedersen
019447b681 C++: Add change note. 2025-07-23 11:49:07 +01:00
Mathias Vorreiter Pedersen
1189665970 C++: Add barriers to 'cpp/overrun-write'. 2025-07-22 18:35:56 +01:00
Mathias Vorreiter Pedersen
a502bb1ac2 C++: Add a copy of 'isSinkPairImpl' (named 'isSinkPairImpl0') with a few more columns that we'll need. 2025-07-22 18:35:50 +01:00
Mathias Vorreiter Pedersen
e0eadc75dd C++: Remove the ad-hoc code for keeping track of increments/decrements on pointers in the 'cpp/overrun-write' query. 2025-07-22 18:35:31 +01:00
Mathias Vorreiter Pedersen
a1f4246c5f C++: Extract the barriers from 'cpp/invalid-pointer-deref' into a library. 2025-07-22 18:35:29 +01:00
Mathias Vorreiter Pedersen
92a730c9ac C++: Add a false positive. 2025-07-22 18:35:21 +01:00
github-actions[bot]
37cc78255a Post-release preparation for codeql-cli-2.22.2 2025-07-22 14:22:20 +00:00
Nick Rolfe
43d14c28c2 Tweak changenotes 2025-07-22 15:06:09 +01:00
github-actions[bot]
997547b8ef Release preparation for version 2.22.2 2025-07-22 14:04:14 +00:00
Nick Rolfe
825c813095 Revert "Release preparation for version 2.22.2" 2025-07-22 14:33:45 +01:00