hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
17,935 Commits 1,741 Branches 165 Tags
715f2333609c65fae9920fa038ed9650c4167ecd
Commit Graph

175 Commits

Author SHA1 Message Date
Geoffrey White
d198b56b3a CPP: Move VirtualDispatch.qll into the controlflow directory (I don't see the point in having a subdirectory for one file, when we don't anticipate any other files ever being added there). 2019-11-12 09:55:23 +00:00
Jonas Jensen
d9bdb2cd4e Merge pull request #2274 from geoffw0/oddsends 
CPP: Clean up new queries and libraries
 2019-11-11 16:05:20 +01:00
Felicity Chapman
c4f958d396 Merge pull request #2263 from sauyon/master 
Update links to OWASP cheat sheet
 2019-11-11 08:51:52 +00:00
Robert Marsh
7e8a67a046 Merge branch 'master' into rdmarsh/cpp/hasGlobalOrStdName 2019-11-08 11:33:35 -08:00
Sauyon Lee
0040c9fb4c Update links to OWASP cheat sheet 2019-11-06 20:21:47 -08:00
Geoffrey White
0c3f4e530f CPP: Make some library predicates private. 2019-11-06 16:07:28 +00:00
Geoffrey White
399ac1f112 CPP: Rename 'getAssertedFalseCondition' to something less misleading. 2019-11-06 15:57:44 +00:00
Jonas Jensen
8ffd7c1055 Merge pull request #2222 from geoffw0/libraryperf 
CPP: Improvements for ConditionallyInitializedVariable.ql
 2019-11-06 15:54:16 +01:00
Geoffrey White
7456a92d6d CPP: Autoformat. 2019-11-05 13:10:19 +00:00
Geoffrey White
5106626bd0 CPP: QLDoc helper predicates. 2019-11-05 13:06:43 +00:00
alistair
27d0b51c6b CPP & C#: Review of qhelp 
PR #2151 got merged without a review of the qhelp
by a technical writer.
The current PR makes changes I would have suggested on that PR.
 2019-10-30 16:10:03 +00:00
Geoffrey White
3584c0b2e5 CPP: Speed up InitializationFunctions.qll's getTarget. 2019-10-28 19:54:10 +00:00
Geoffrey White
d693eb8c20 CPP: Correct the ConditionallyUninitializedVariable examples. 2019-10-28 17:39:45 +00:00
Jonas Jensen
d63cc3d287 Merge remote-tracking branch 'upstream/master' into infinite-loops-visible 
Moved the change note to 1.23.
 2019-10-25 15:44:03 +02:00
Geoffrey White
ae20e9ace1 CPP: Fix autoformat. 2019-10-22 16:28:53 +01:00
Geoffrey White
63003894c3 CPP: Fixes. 2019-10-22 14:51:17 +01:00
Geoffrey White
31dd3cae84 CPP: Autoformat. 2019-10-22 09:55:48 +01:00
Raul Garcia (MSFT)
cb8dcf7db2 Publishing queries to the OSS Semmle repository 2019-10-22 09:55:39 +01:00
Robert Marsh
5c084f8b39 C++: respond to more PR comments 2019-10-07 14:17:56 -07:00
Robert Marsh
4018ed67a6 C++: respond to PR comments 2019-10-02 11:38:20 -07:00
Robert Marsh
03f72d207c C++: use Declaration.hasGlobalOrStdName 2019-10-02 11:37:37 -07:00
Jonas Jensen
4ef5c9af62 C++: Autoformat everything 
Some files that will change in #1736 have been spared.

    ./build -j4 target/jars/qlformat
    find ql/cpp/ql -name "*.ql"  -print0 | xargs -0 target/jars/qlformat --input
    find ql/cpp/ql -name "*.qll" -print0 | xargs -0 target/jars/qlformat --input
    (cd ql && git checkout 'cpp/ql/src/semmle/code/cpp/ir/implementation/**/*SSA*.qll')
    buildutils-internal/scripts/pr-checks/sync-identical-files.py --latest
 2019-09-09 11:25:53 +02:00
Jonas Jensen
95f53639b1 C++: Fixes to avoid confusing autoformat 
These issues were found by Geoffrey in PR review.
 2019-09-09 11:04:04 +02:00
Robert Marsh
a3290503ec Merge pull request #1806 from jbj/localExprFlow 
C++: Add localExprFlow and localExprTaint
 2019-09-04 10:38:46 -07:00
Geoffrey White
707f95c829 CPP: Alignment. 2019-09-04 09:59:21 +01:00
Jonas Jensen
f1d7fde49d C++: Use localExprFlow in existing queries 
This shortens the queries a bit and ensures test coverage of the new
predicate.
 2019-09-02 09:29:12 +02:00
Jonas Jensen
83e618d49e C++: Make cpp/comparison-with-wider-type visible 
The results from this query look good on real-world projects, so let's
make it visible by default.
 2019-07-09 14:48:36 +02:00
Geoffrey White
73c7bc1db9 CPP: Generalize a little. 2019-07-04 17:27:40 +01:00
Geoffrey White
7fc31f263a CPP: Basic fix. 2019-07-04 17:27:40 +01:00
Jonas Jensen
cf96035d8c C++: Suspicious pointer scaling: @precision medium 
This query is not producing good enough results to justify `@precision
high`. It's fundamentally looking for a pattern that should correlate
with memory management errors, but it doesn't look for the errors
themselves.
 2019-06-06 21:08:20 -07:00
Nick Rolfe
8e7521d6b8 C++: add missing close-paragraph tag to qhelp 2019-06-04 11:27:34 +01:00
Max Schaefer
5f32e1f637 CPP: Fix name of example file in qhelp. 
This seems to have been missed in https://github.com/Semmle/ql/pull/1315.
 2019-06-03 08:54:54 +01:00
Geoffrey White
6c267f4957 CPP: Fix qhelp. 2019-05-29 10:35:49 +01:00
Geoffrey White
76d18b42b8 CPP: Repair getQualifiedName changes from elsewhere. 2019-05-29 10:35:49 +01:00
Geoffrey White
eb880c3f9f CPP: Reference URLs. 2019-05-29 10:35:49 +01:00
Geoffrey White
dc44d686d4 CPP: Update CWE tag. 2019-05-29 10:35:49 +01:00
Geoffrey White
34444ace8b CPP: Update the query name and description. 2019-05-29 10:35:49 +01:00
Geoffrey White
2ae38a54af CPP: Adjust query tags. 2019-05-29 10:35:49 +01:00
Geoffrey White
88f363d564 CPP: Update the ql, qhelp and example. 2019-05-29 10:35:48 +01:00
Geoffrey White
1f80dea375 CPP: Clone PotentiallyDangerousFunction query as DangerousUseOfGets. 2019-05-29 10:35:48 +01:00
Robert Marsh
2dd1c06409 C++: fix use of getUnspecifiedType on Node 2019-05-21 11:06:15 +01:00
Robert Marsh
e899120270 C++: replace getType().getUnspecifiedType() 2019-05-20 15:08:28 +01:00
Jonas Jensen
5e789901df C++: Remove all uses of hasQualifiedName/1 2019-05-03 10:37:48 +02:00
Jonas Jensen
64a87a863c C++: Remove uses of getQualifiedName 
This removes all uses of `Declaration.getQualifiedName` that I think can
be removed without changing any behaviour. The following uses in the
LGTM default suite remain:

* `cpp/ql/src/Security/CWE/CWE-121/UnterminatedVarargsCall.ql` (in `select`).
* `cpp/ql/src/semmle/code/cpp/dataflow/internal/DataFlowDispatch.qll` (needs template args).
* `cpp/ql/src/semmle/code/cpp/security/FunctionWithWrappers.qll` (used for alert messages).
 2019-05-03 10:37:48 +02:00
Geoffrey White
ca6ba36d87 CPP: Unify and improve the MallocCall classes. 2019-04-18 10:30:18 +01:00
Jonas Jensen
fedd652de8 Merge remote-tracking branch 'upstream/rc/1.20' into mergeback-20190408 2019-04-08 08:39:44 +02:00
Jonas Jensen
f7dda1b3a4 Merge pull request #1213 from geoffw0/pointerscaling2 
CPP: De-duplicate the PointerScaling queries.
 2019-04-05 14:42:28 +02:00
Geoffrey White
f040755b3b CPP: Remove unnecessary imports. 2019-04-05 11:44:50 +01:00
Geoffrey White
44d68a761d CPP: Move 'baseType' into IncorrectPointerScalingCommon.qll. 2019-04-05 11:43:47 +01:00
Geoffrey White
695df232e3 CPP: Equalize the definitions of 'baseType'. 2019-04-05 11:28:11 +01:00