codeql

mirror of https://github.com/github/codeql.git synced 2026-02-24 02:43:40 +01:00

Author	SHA1	Message	Date
$REDMOND\brodes$ REDMOND\brodes	938b47c2ad	Crypto: Debug missing hashes associated with HMAC. EVP_PKEY_get1_RSA is now just a passthrough, it is not a known implicit operation call. Some final operations generating null outputs are now removed from possible final operartions (typically used to determine buffer lenghth and not actually performing the operation). Misc. false positive/error fixes and code clean up, and added missing models.	2025-08-26 16:07:04 -04:00
$REDMOND\brodes$ REDMOND\brodes	5d29240f27	Crypto: OperationStep overhaul to account for errors and missing interproc flow.	2025-08-25 16:59:09 -04:00
$REDMOND\brodes$ REDMOND\brodes	b7ceeb399f	Crypto: nodes.expected update and removed dead code from Language.qll	2025-08-22 14:50:31 -04:00
$REDMOND\brodes$ REDMOND\brodes	ec7e41cb30	Crypto: Fixed issues in CBOM representations (gaps in the underlying model) and simplified unit tests in terms of the graph complexity to aid visual assessments of model correctness.	2025-08-21 15:05:45 -04:00
Ben Rodes	65ff72719e	Merge branch 'main' into signature_model_refactor	2025-08-20 12:34:06 -04:00
Mathias Vorreiter Pedersen	af00e46fc8	C++: Mark fprintf and friends as a partial write of the stream argument.	2025-08-18 18:15:14 +02:00
Mathias Vorreiter Pedersen	6a57da79de	C++: Add a test with missing flow.	2025-08-18 18:12:52 +02:00
Ian Lynagh	fd020b52e4	Merge pull request #20232 from igfoo/igfoo/SloppyGlobal C++: SloppyGlobal: Don't alert on template instantiations, only the template	2025-08-18 11:39:30 +01:00
Ian Lynagh	3157fcdf79	C++: Add some BAD annotations to SloppyGlobal test	2025-08-15 12:07:09 +01:00
Ian Lynagh	bfd4c41ed9	C++: SloppyGlobal: Accept test changes We no longer alert on template instantiations, just the template.	2025-08-15 11:24:19 +01:00
Ian Lynagh	0b68c1c974	C++: Add some more tests for SloppyGlobal	2025-08-15 11:20:31 +01:00
Nora Dimitrijević	43e99d0872	[TEST] C++: CleartextSqliteDatabase: add new test	2025-08-15 12:00:26 +02:00
Mathias Vorreiter Pedersen	39f5e33dea	C++: Accept more test changes.	2025-08-13 17:46:06 +02:00
Mathias Vorreiter Pedersen	e6cd27a992	C++: Skip non-Boolean instructions in the new inference step.	2025-08-13 16:20:21 +02:00
Mathias Vorreiter Pedersen	e67b6d6c9a	C++: Add another inference step.	2025-08-13 16:20:19 +02:00
Mathias Vorreiter Pedersen	a27135495c	C++: Add tests.	2025-08-13 12:54:23 +02:00
Mathias Vorreiter Pedersen	caa935d011	C++: Update the tests for guard conditions so that the tests print more detailed location information.	2025-08-13 09:41:28 +02:00
Jeroen Ketema	f9f99a043c	Merge pull request #20126 from MathiasVP/fix-missing-global-flow C++: Fix missing global variable flow	2025-08-11 11:54:35 +02:00
Mathias Vorreiter Pedersen	851cb04d36	Merge pull request #20193 from MathiasVP/fix-fp-in-overflow-buffer C++: Fix FP in `cpp/overflow-buffer`	2025-08-11 10:45:06 +02:00
Mathias Vorreiter Pedersen	ccfcd90f08	Merge pull request #20156 from MathiasVP/value-numbering-for-noop-casts C++: Value numbering for casts that only modify specifiers	2025-08-11 10:33:58 +02:00
Mathias Vorreiter Pedersen	56aacb1e55	Merge pull request #20145 from MathiasVP/fix-type-error-in-ir C++: Fix missing `bool` -> `int` conversions in C code	2025-08-11 10:26:54 +02:00
Mathias Vorreiter Pedersen	0c9d14f417	C++: Accept test changes.	2025-08-08 15:14:09 +01:00
Mathias Vorreiter Pedersen	26be9839df	C++: Add FP.	2025-08-08 15:10:40 +01:00
Mathias Vorreiter Pedersen	851c498b37	C++: Accept test changes. This is a FP that's been present since we put the IR into production in #2851 .	2025-08-03 12:17:36 +01:00
Mathias Vorreiter Pedersen	b807ee4718	C++: Accept test changes.	2025-08-03 12:17:34 +01:00
Mathias Vorreiter Pedersen	fca49dde92	C++: Accept test changes.	2025-08-02 16:43:19 +01:00
Mathias Vorreiter Pedersen	34c1ec73c2	C++: Add tests with missing flow through globals.	2025-08-02 16:38:32 +01:00
Mathias Vorreiter Pedersen	1aa8adb472	C++: Add test.	2025-08-02 13:00:26 +01:00
Mathias Vorreiter Pedersen	14345a8288	C++: Accept test changes.	2025-08-01 16:09:44 +01:00
Mathias Vorreiter Pedersen	18289702ca	C++: Add an example of double negation to the IR tests.	2025-07-31 15:49:05 +01:00
Geoffrey White	c0638a5fcb	CPP: Update .expected for the changes here.	2025-07-30 11:24:57 +01:00
Geoffrey White	d6fddde6e0	CPP: Add .expected (results before query changes here).	2025-07-30 11:22:56 +01:00
Geoffrey White	43bca84310	CPP: Convert test to use a stub rather than a library include.	2025-07-30 11:22:53 +01:00
codeqlhelper	89dcad48f4	Create InitialisationNotRun.qlref	2025-07-27 23:42:50 +08:00
codeqlhelper	c2d0a12e1e	Create test for InitialisationNotRun	2025-07-27 23:40:00 +08:00
Mathias Vorreiter Pedersen	5da7ae877b	Merge pull request #20115 from MathiasVP/add-more-windows-memcpy-functions C++: Add some more Windows specific memory copy models	2025-07-23 16:10:56 +01:00
Mathias Vorreiter Pedersen	cbe5561eb6	C++: Accept test changes.	2025-07-23 14:05:42 +01:00
Mathias Vorreiter Pedersen	50785f7f21	C++: Add tests with missing flow.	2025-07-23 13:37:32 +01:00
Mathias Vorreiter Pedersen	1189665970	C++: Add barriers to 'cpp/overrun-write'.	2025-07-22 18:35:56 +01:00
Mathias Vorreiter Pedersen	e0eadc75dd	C++: Remove the ad-hoc code for keeping track of increments/decrements on pointers in the 'cpp/overrun-write' query.	2025-07-22 18:35:31 +01:00
Mathias Vorreiter Pedersen	92a730c9ac	C++: Add a false positive.	2025-07-22 18:35:21 +01:00
Jeroen Ketema	f319381f27	C++: Support the spaceship operator in the IR	2025-07-16 17:53:55 +02:00
Jeroen Ketema	807ab986f4	C++: Update more exoected test results	2025-07-16 16:19:40 +02:00
Jeroen Ketema	2709bf0615	C++: Add test that shows that IR generation for `<=>` is broken	2025-07-16 15:54:18 +02:00
Jeroen Ketema	70bff4e726	C++: Fix typeid IR translation	2025-07-15 20:24:17 +02:00
Jeroen Ketema	477edd215c	C++: Add test showing that the IR translation for `typeid` is broken	2025-07-15 17:29:00 +02:00
Mathias Vorreiter Pedersen	1d36405084	C++: Accept path changes.	2025-07-14 15:47:06 +01:00
Mathias Vorreiter Pedersen	a825213c05	C++: Fix FP by not generating a global def entry node for variable 'v' in the 'IRfunction' for 'v' itself.	2025-07-14 15:22:52 +01:00
Mathias Vorreiter Pedersen	46627c677d	C++: Add FP in dataflow through global variables.	2025-07-14 15:20:08 +01:00
Mathias Vorreiter Pedersen	1da42cb590	Merge pull request #20023 from MathiasVP/dataflow-for-functors C++: Better dataflow for function objects	2025-07-11 15:14:27 +01:00

1 2 3 4 5 ...

5679 Commits