hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,235 Commits 1,672 Branches 157 Tags
75b13da4e422c6f00519b51a3d29017cebf40aab
Commit Graph

87 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
b82dfa9a21 C++: Fix failing test by allocating 'TFunctionInput's and 'TFunctionOutput's for more indirections. Note that we now mark two output nodes coming out of 'getaddrinfo' as a remote flow source (the first indirection and the second indirection). We'll fix that in the next commit. 2023-11-02 16:45:50 +00:00
Mathias Vorreiter Pedersen
5487b404ed C++: Add failing test. 2023-11-02 16:41:19 +00:00
Mathias Vorreiter Pedersen
08b528b5c4 C++: Add a taint-model for 'realloc' and accept test changes. 2023-10-30 17:08:01 +00:00
Mathias Vorreiter Pedersen
0837e400a2 C++: Add failing test. 2023-10-30 17:05:43 +00:00
Mathias Vorreiter Pedersen
33494fe9e1 C++: Extend the taint model and accept test changes. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen
e4683449cb C++: Add failing test. 2023-10-27 16:26:37 +01:00
Mathias Vorreiter Pedersen
032572b924 C++: Fix 'strtok' model. 2023-10-25 09:39:36 +01:00
Mathias Vorreiter Pedersen
f54379d096 C++: Add failing test. 2023-10-25 09:38:49 +01:00
Jeroen Ketema
a972d0943a C++: Accept test changes after changes in IR generation 2023-10-19 10:45:14 +02:00
Mathias Vorreiter Pedersen
20f501d1c7 C++: Change queries to use 'asExpr' instead of 'asConvertedExpr'. 2023-09-01 15:01:32 +01:00
Mathias Vorreiter Pedersen
f662cceb0b C++: Use value numbering to better detect whether a write is certain. 2023-08-15 11:07:14 +01:00
Mathias Vorreiter Pedersen
fe97572f70 C++: Fix strncpy model. 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
273e5bc21f C++: Add testcase demonstrating that the model for 'strncpy' is broken. 2023-06-22 10:59:12 +01:00
Mathias Vorreiter Pedersen
57ae1e9ff7 C++: Add a testcase that started to fail in #13326. 2023-06-08 12:49:08 +01:00
Robert Marsh
ad8e82ac65 C++: allow read steps at the sink in IR taint test 2023-02-03 11:38:49 -05:00
Mathias Vorreiter Pedersen
b12955e220 C++: Fix flow out of const member functions. 2022-11-16 22:46:21 +00:00
Jeroen Ketema
d8e96ef12a Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-10 12:09:43 +01:00
Jeroen Ketema
bd301768ea C++: Re-introduce the ast annotations in the taint tests 2022-11-09 14:30:56 +01:00
Jeroen Ketema
74f9b322a8 Merge branch 'main' into update-from-main 2022-11-08 17:01:02 +01:00
Jeroen Ketema
c61a9c5911 C++: Also taint the return value dereference in the strcat model 2022-11-08 12:08:44 +01:00
Mathias Vorreiter Pedersen
373c849b18 C++: Accept library-test changes 2022-10-14 10:14:52 +02:00
Robert Marsh
d28c39cd73 C++: update test expectations 2022-06-20 15:56:00 -04:00
Robert Marsh
048e5d8474 C++: IR data flow through global variables 2022-06-20 15:15:45 -04:00
Mathias Vorreiter Pedersen
21167f4b67 C++: Accept test changes. 2021-11-22 13:04:23 +00:00
Mathias Vorreiter Pedersen
dbcd4d6d5d C++: Remove 'ReferenceToInstruction' from the list of instructions we interpret as a load. This makes use lose a bunch of flow, and we'll restore this flow in the next commit. 2021-11-11 10:38:52 +00:00
Mathias Vorreiter Pedersen
2cd23e5ee0 Accept test changes. 2021-10-28 12:36:36 +01:00
Mathias Vorreiter Pedersen
3efe60fdd2 C++: Accept test changes. 2021-10-28 12:35:01 +01:00
Mathias Vorreiter Pedersen
0679142607 C++: Accept test changes. 2021-10-01 18:27:55 +02:00
Anders Fugmann
0b98b39f91 C++: Test dataflow tests for strdupa and strndupa functions 2021-08-18 15:22:14 +02:00
Mathias Vorreiter Pedersen
19d08d7b40 Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2021-03-09 12:35:44 +01:00
Mathias Vorreiter Pedersen
bd842403c8 C++: Add testcase 2021-03-05 08:06:22 +01:00
Mathias Vorreiter Pedersen
eb4f1e1ba0 C++: Restore some of the lost test results by doing operand -> instruction taint steps in IR TaintTracking. 2021-03-02 15:45:40 +01:00
Mathias Vorreiter Pedersen
ffc6af73b7 C++: Accept test changes. 2021-03-02 11:00:43 +01:00
Mathias Vorreiter Pedersen
908f24d23f C++: Fix missing AST flow. 2021-02-17 14:33:58 +01:00
Mathias Vorreiter Pedersen
1b148c4c90 C++: Add reduced testcase demonstrating the problem in codeql-c-analysis-team/issues/231. 2021-02-17 11:20:00 +01:00
Mathias Vorreiter Pedersen
ff58d5a7c0 C++: Address review comments. 2021-02-02 17:06:38 +01:00
Mathias Vorreiter Pedersen
9e75a4be34 C++: Implement a model for _strnextc and its variants. 2021-02-02 16:42:39 +01:00
Mathias Vorreiter Pedersen
b54f74a68a C++: Implement model for _strinc and related functions. 2021-02-02 12:20:02 +01:00
Mathias Vorreiter Pedersen
6e71c68f33 C++: Add strsep model implementation. 2021-02-02 10:29:23 +01:00
Mathias Vorreiter Pedersen
6c3f44bba8 C++: Add more memcpy, memset, strcat and strcpy models. Also refine which strcpy functions can live in the std namespace. 2021-02-01 08:44:10 +01:00
Mathias Vorreiter Pedersen
23eb4d2009 C++: Fix isParameterDeref typo. 2021-01-28 18:29:30 +01:00
Mathias Vorreiter Pedersen
7affbfc6cb C++: Add tests. 2021-01-28 10:57:39 +01:00
Cornelius Riemenschneider
feb05542d2 C++: Refactor common implementation of data/taint flow tests. 2020-12-02 15:42:52 +01:00
Cornelius Riemenschneider
b632ca40b4 C++: Port dataflow/taint-tests to inline expectations test. 2020-11-30 17:32:54 +01:00
Dave Bartolomeo
7a2c59c194 Merge from main 2020-10-28 15:35:46 -04:00
Geoffrey White
227bf91626 C++: Correct test annotation. 2020-10-22 09:45:09 +01:00
Dave Bartolomeo
3767a52e9a Fix ODR violations in test code 2020-10-15 17:54:48 -04:00
Mathias Vorreiter Pedersen
7b456d6162 Merge branch 'main' into mathiasvp/array-field-flow 2020-09-16 10:45:31 +02:00
Jonas Jensen
bdce24735c C++: Add flow through arrays 
This works by adding data-flow edges to skip over array expressions when
reading from arrays. On the post-update side, there was already code to
skip over array expressions when storing to arrays. That happens in
`valueToUpdate` in `AddressFlow.qll`, which needed just a small tweak to
support assignments with non-field expressions at the top-level LHS,
like `*a = ...` or `a[0] = ...`.

The new code in `AddressFlow.qll` is copy-pasted from `EscapesTree.qll`,
and there is already a note in these files saying that they share a lot
of code and must be maintained in sync.
 2020-09-15 14:46:11 +02:00
Mathias Vorreiter Pedersen
0c14e2b69a C++: Fix annotations in taint.cpp 2020-09-14 23:08:50 +02:00