hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 22:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,537 Commits 1,673 Branches 157 Tags
74fd2c1c3880ce5a5cdeb46d40a1bb0254791697
Commit Graph

4250 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
61125b4bf2 C++: Address review comments. 2021-02-01 12:15:57 +01:00
Mathias Vorreiter Pedersen
6c3f44bba8 C++: Add more memcpy, memset, strcat and strcpy models. Also refine which strcpy functions can live in the std namespace. 2021-02-01 08:44:10 +01:00
Geoffrey White
064d89735b Merge pull request #5046 from MathiasVP/model-more-pure-functions 
C++: Model more pure functions
 2021-01-29 22:05:48 +00:00
Geoffrey White
50f2557dd2 Merge pull request #5043 from MathiasVP/uniform-treatment-of-params-and-qualifiers-in-model-dataflow 
C++: Uniform treatment of parameters and qualifiers in model dataflow
 2021-01-29 09:48:07 +00:00
Mathias Vorreiter Pedersen
339c4c6ce0 C++: Model more pure functions. 2021-01-28 19:37:53 +01:00
Geoffrey White
7d9ebaf9d8 Merge pull request #5040 from MathiasVP/strset-and-strtok-models 
C++: Strset and strtok model implementations
 2021-01-28 18:34:06 +00:00
Geoffrey White
768be9ec2c Merge pull request #5041 from ihsinme/ihsinme-patch-198 
CPP: Improve cpp/memory-leak-on-failed-call-to-realloc
 2021-01-28 18:29:24 +00:00
Mathias Vorreiter Pedersen
23eb4d2009 C++: Fix isParameterDeref typo. 2021-01-28 18:29:30 +01:00
Mathias Vorreiter Pedersen
75aa1e8a3b C++: Respond to review comments. 2021-01-28 16:39:11 +01:00
Geoffrey White
02d60a26eb Merge pull request #5037 from github/igfoo/decltype 
C++: decltypes may have multiple expressions
 2021-01-28 14:44:53 +00:00
ihsinme
f94a7fc2f0 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-28 15:47:38 +03:00
Mathias Vorreiter Pedersen
5a420f2bae C++: Use the new predicates for uniform treatment of parameters and qualifiers in model dataflow. 2021-01-28 13:33:08 +01:00
ihsinme
2b4296feb1 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-28 13:38:26 +03:00
Mathias Vorreiter Pedersen
2c70106d2d Merge pull request #5009 from ihsinme/ihsinme-patch-219 
CPP: add query for CWE-788 Access of memory location after the end of a buffer using strncat.
 2021-01-28 11:10:30 +01:00
Mathias Vorreiter Pedersen
6255662114 C++: Add two new model implementation classes. 2021-01-28 10:57:30 +01:00
Jonas Jensen
69ce24d4b8 Merge pull request #5035 from MathiasVP/implied-deref-flow 
C++: Implied dataflow models
 2021-01-28 09:35:58 +01:00
Mathias Vorreiter Pedersen
c90dc62cc4 C++: Autoformat. 2021-01-27 18:57:09 +01:00
Mathias Vorreiter Pedersen
aec18e7123 C++: Add mempcpy to MemcpyFunction model class. 2021-01-27 18:12:32 +01:00
Mathias Vorreiter Pedersen
5aff5c3254 C++: Add AliasFunction model to MemcpyFunction. 2021-01-27 18:12:02 +01:00
Mathias Vorreiter Pedersen
066f83630d C++: bcopy can never be in the std namespace. 2021-01-27 18:07:14 +01:00
Ian Lynagh
307bef0ec3 C++: decltypes may have multiple expressions 2021-01-27 16:06:42 +00:00
Mathias Vorreiter Pedersen
32b5c7fe06 C++: Model implied dataflow 2021-01-27 16:53:21 +01:00
Geoffrey White
a4d7bfbb2b Merge pull request #5031 from MathiasVP/remove-linear-scan-of-functions-2 
C++: Remove more linear scans
 2021-01-27 14:29:27 +00:00
Mathias Vorreiter Pedersen
c61dec1dff C++: Remove more linear scans. 2021-01-27 13:17:47 +01:00
Mathias Vorreiter Pedersen
3604557e62 C++: Remove linear scan in isSVariant. 2021-01-27 11:47:45 +01:00
ihsinme
68eba11dbf Update AccessOfMemoryLocationAfterEndOfBufferUsingStrncat.ql 2021-01-27 13:16:56 +03:00
ihsinme
5d5cd4fde5 Update AccessOfMemoryLocationAfterEndOfBufferUsingStrncat.ql 2021-01-27 00:10:04 +03:00
ihsinme
f074564dc1 Apply suggestions from code review 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-27 00:00:18 +03:00
Mathias Vorreiter Pedersen
04a3c3d29c Merge pull request #4953 from ihsinme/ihsinme-patch-207 
CPP: Add query for CWE-14 compiler removal of code to clear buffers.
 2021-01-26 18:13:18 +01:00
Mathias Vorreiter Pedersen
416aa49d99 C++: Capitalize alert message. 2021-01-26 17:24:03 +01:00
Remco Vermeulen
1834403148 Replace HTTP entity 
The code formatting operator correctly translate to HTTP entities.
 2021-01-26 14:14:42 +01:00
Remco Vermeulen
8c09032d1d Correct access specifier 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2021-01-26 13:23:43 +01:00
Remco Vermeulen
932ee968e0 Correct pointer to data member example 
The class `PointerToMemberType` is preceded by an example that doesn't define the variable `c` used to access a data member.
 2021-01-26 13:08:28 +01:00
Tom Hvitved
1c84455a6d Merge pull request #5003 from hvitved/csharp/remove-getaqlclass 
C#: Remove uses of `getAQlClass()`
 2021-01-25 10:57:04 +01:00
Jonas Jensen
1b3d69d617 Merge pull request #4784 from MathiasVP/mathiasvp/reverse-read-take-3 
C++: Support longer access paths in IR field flow
 2021-01-25 10:36:03 +01:00
Tom Hvitved
c235462f7d C++: Sync IRType.qll 2021-01-25 09:43:57 +01:00
ihsinme
20d1b24e9c Add files via upload 2021-01-24 22:35:11 +03:00
Mathias Vorreiter Pedersen
b4f9b1590d C++: Restore lost result on git/git. We lost the result in a00bd7ae02 because the added check for type T to type T* conversion didn't handle const qualifiers. 2021-01-22 14:20:18 +01:00
Mathias Vorreiter Pedersen
682b246441 C++: Fix path-problem format. 2021-01-22 13:40:44 +01:00
ihsinme
9c53e39394 Update CompilerRemovalOfCodeToClearBuffers.ql 2021-01-21 16:52:00 +03:00
Geoffrey White
d5d8b48218 C++: More accurate solution using Guards library. 2021-01-20 17:15:42 +00:00
Mathias Vorreiter Pedersen
b0e255eb16 C++: Encapsulate skipSkippableInstructions in a module. 2021-01-20 15:45:37 +01:00
Mathias Vorreiter Pedersen
f12ebe88e6 Revert "C++: Replace SkippableInstruction with local flow steps." 
This reverts commit 258d04178f. This
change caused a ~20% performance regression.
 2021-01-20 15:43:24 +01:00
ihsinme
4c9de4574a Update CompilerRemovalOfCodeToClearBuffers.ql 2021-01-20 16:24:43 +03:00
Geoffrey White
fe4ae7e975 C++: General solution for functions that may exit. 2021-01-19 16:56:19 +00:00
Jonas Jensen
24947f27b4 Merge pull request #4750 from geoffw0/modelclasses 
C++: Model classes in StdString.qll.
 2021-01-19 12:51:30 +01:00
Geoffrey White
cff56350e0 C++: Fix getClassAndName parameter name. 2021-01-19 10:34:25 +00:00
Geoffrey White
b4a5346dc3 C++: It turns out .getTemplate() is not necessary. 2021-01-19 08:46:53 +00:00
Geoffrey White
f8a1fb1c35 C++: Apply the new pattern where it doesn't matter for performance as well, for consistency. 2021-01-19 08:46:53 +00:00
Geoffrey White
bfef1a200e C++: Apply the new pattern in other parts of StdString.qll where it matters. 2021-01-19 08:46:53 +00:00