hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,235 Commits 1,672 Branches 157 Tags
75b13da4e422c6f00519b51a3d29017cebf40aab
Commit Graph

10804 Commits

Author SHA1 Message Date
Jeroen Ketema
ac4933a9cc C++: Ensure that the sink instruction occurs last in cpp/invalid-pointer-deref 
This avoids some counter-intuitive paths where we would seemingly jump back
to an earlier instruction, which might actually have been in bounds.
 2023-06-02 12:36:34 +02:00
Mathias Vorreiter Pedersen
05e5ebe4f4 Merge pull request #13331 from aibaars/use-shortest-distances-to-count-indirections 
C++: Use the shortestDistances HOP to count indirections (rebased copy of #13323)
 2023-06-02 11:22:59 +01:00
erik-krogh
5cbe6db37d C++: sync files from C# 2023-06-02 11:58:08 +02:00
Mathias Vorreiter Pedersen
cc8aac5435 C++: Use the 'shortestDistances' HOP to count indirections instead of manual recursion. This avoids cyclic problems when we have invalid types. 2023-06-02 11:17:08 +02:00
Robert Marsh
c9c93ca701 C++: test for strncmp false positives 2023-06-01 12:52:17 -04:00
Robert Marsh
df4d156a36 C++: remove unneeded exists variables 2023-06-01 11:28:12 -04:00
Mathias Vorreiter Pedersen
4497aa5eb1 Merge pull request #13333 from geoffw0/macroname 
C++: Make Macro.getName() more efficient.
 2023-05-31 13:56:58 -07:00
Alexandre Boulgakov
67cd6b7fa6 Merge pull request #13337 from MathiasVP/revert-13207 
Revert #13207
 2023-05-31 19:41:01 +01:00
Mathias Vorreiter Pedersen
52eb7aee5e Revert "Merge pull request #13207 from MathiasVP/use-equiv-class-in-getInstruction" 
This reverts commit 5bc844c4c6, reversing
changes made to b2fb2aa0d1.
 2023-05-31 11:26:09 -07:00
Mathias Vorreiter Pedersen
3d9c282f48 Merge pull request #13320 from jketema/ptr-deref-dedup 2023-05-31 10:12:05 -07:00
Arthur Baars
c211b704f3 Merge pull request #13272 from github/post-release-prep/codeql-cli-2.13.3 
Post-release preparation for codeql-cli-2.13.3
 2023-05-31 15:33:12 +02:00
Jeroen Ketema
ace7b6b711 C++: Add cpp/invalid-pointer-deref FP test case 2023-05-31 11:54:53 +02:00
Geoffrey White
a9811fe2c3 Swift: Make Macro.getName() more efficient. 2023-05-31 10:53:02 +01:00
Arthur Baars
490d22d123 Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3 2023-05-30 21:31:28 +02:00
Jeroen Ketema
dd30acf1e3 C++: Add nodes query predicate to cpp/invalid-pointer-deref 2023-05-30 18:43:01 +02:00
Jeroen Ketema
f5ed02a433 C++: Take into account the delta at the final sink in cpp/invalid-pointer-deref 2023-05-30 18:33:20 +02:00
Jeroen Ketema
de974cc18a C++: Add cpp/invalid-pointer-deref test case that shows some duplicate results 2023-05-30 18:18:13 +02:00
Jeroen Ketema
a8c76388c0 C++: Fix configuration names in comments in cpp/invalid-pointer-deref 2023-05-30 18:15:37 +02:00
Mathias Vorreiter Pedersen
f00b29d3d2 C++: The small-string optimization commonly used inside 'std::string' is causing a lot of FPs. Let's exclude this for now to reduce the number of results for this query. 2023-05-30 07:33:07 -07:00
Robert Marsh
2afda5f3f1 Merge pull request #13305 from MathiasVP/fix-join-of-pointerArithOverflow0 
C++: Fix join in `pointerArithOverflow0`
 2023-05-30 10:24:35 -04:00
Jeroen Ketema
16bc584bd1 Merge pull request #13294 from MathiasVP/better-test-for-range-analysis 
C++: Change range-analysis test to not use `getAst`
 2023-05-30 10:49:58 +02:00
Mathias Vorreiter Pedersen
9828af45a1 C++: Change separator from ':' to '|'. 2023-05-26 15:23:48 -07:00
Mathias Vorreiter Pedersen
0f08642653 C++: Fix join in 'pointerArithOverflow0'. 2023-05-26 11:16:44 -07:00
Robert Marsh
d18fb646d1 C++: handle cast arrays properly in off-by-one query 2023-05-26 13:16:21 -04:00
Robert Marsh
5bc844c4c6 Merge pull request #13207 from MathiasVP/use-equiv-class-in-getInstruction 
C++: Reduce memory pressure from `getInstruction`
 2023-05-26 13:13:57 -04:00
Robert Marsh
6e230e10f8 C++: include stack-allocated arrays in off-by-one query 2023-05-26 13:04:51 -04:00
Robert Marsh
b2fb2aa0d1 Merge pull request #13045 from rdmarsh2/rdmarsh2/cpp/improve-constant-off-by-one 
C++: stitch paths and ignore cast arrays in constant off-by-one query
 2023-05-26 12:47:08 -04:00
Jeroen Ketema
63657396c5 Merge pull request #13267 from MathiasVP/promote-overrun-write 
C++: Promote `cpp/overrun-write` out of experimental
 2023-05-26 11:34:26 +02:00
Mathias Vorreiter Pedersen
0d1d20c75b C++: Change range-analysis test to not use 'getAst'. This was creating confusing test expectation annotations. 2023-05-25 15:50:29 -07:00
Mathias Vorreiter Pedersen
960e6521a4 Revert "C++: Whitespace commit to make qhelp show up in diff." 
This reverts commit ec192d621c.
 2023-05-25 15:21:09 -07:00
Mathias Vorreiter Pedersen
e7f82a3571 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-05-25 13:56:01 -07:00
Mathias Vorreiter Pedersen
384ca0c31f C++: Respond to review comments. 2023-05-25 13:50:35 -07:00
Mathias Vorreiter Pedersen
c3fdc83af6 C++: Also add an out barrier on all sinks. 2023-05-25 12:23:50 -07:00
Mathias Vorreiter Pedersen
a7252e625e C++: Fix result duplication on 'cpp/unbounded-write' on 'kirxkirx/vast'. 2023-05-25 11:12:01 -07:00
Mathias Vorreiter Pedersen
ec192d621c C++: Whitespace commit to make qhelp show up in diff. 2023-05-24 16:13:42 -07:00
Mathias Vorreiter Pedersen
ebc1d5feff Merge branch 'main' into rdmarsh2/cpp/improve-constant-off-by-one 2023-05-24 16:07:08 -07:00
Mathias Vorreiter Pedersen
298013a57e C++: Add in-barrier on sources to reduce duplication. 2023-05-24 16:02:27 -07:00
Mathias Vorreiter Pedersen
64d7b4923d C++: Prune flow states based on 'PointerArithmeticToDerefConfig'. 2023-05-24 16:02:17 -07:00
Mathias Vorreiter Pedersen
90824d01b4 C++: Add change note. 2023-05-24 14:39:05 -07:00
Robert Marsh
7404bd9c4b Merge branch 'main' into rdmarsh2/cpp/cobo-neq-refinement 2023-05-24 14:13:38 -04:00
Mathias Vorreiter Pedersen
fca5fb6177 Merge pull request #13269 from jketema/inline-module 
C++/Swift: Rewrite inline expectation tests to use the parameterized module
 2023-05-24 08:10:42 -07:00
Mathias Vorreiter Pedersen
4496fd58ae Merge pull request #13271 from jketema/invalid-pointer-deref-fp-2 
C++: Add `cpp/invalid-pointer-deref` FP test case
 2023-05-24 08:05:58 -07:00
Jeroen Ketema
9a467f9d4e C++: Add cpp/invalid-pointer-deref FP test case 2023-05-24 13:52:19 +02:00
github-actions[bot]
d2e192020b Post-release preparation for codeql-cli-2.13.3 2023-05-24 11:26:12 +00:00
Jeroen Ketema
af378df712 C++: Add cpp/invalid-pointer-deref FP test case 2023-05-24 12:29:55 +02:00
Jeroen Ketema
2276890cec C++: Rewrite inline expectation tests to use the parameterized module 2023-05-24 11:10:05 +02:00
Jeroen Ketema
5dc3789df2 Merge pull request #13266 from MathiasVP/modernize-print-ir-local-flow 
C++: Modernize `PrintIR` for local dataflow
 2023-05-24 10:54:10 +02:00
Mathias Vorreiter Pedersen
e1223d0b21 C++: Add security severity. 2023-05-23 15:01:33 -07:00
Mathias Vorreiter Pedersen
0dfc9b996d C++: Promote 'cpp/overrun-write' out of experimental. 2023-05-23 14:57:42 -07:00
Robert Marsh
bad72c42c5 Merge pull request #13244 from MathiasVP/promote-product-flow 
C++: Promote the product-dataflow library out of experimental
 2023-05-23 16:23:59 -04:00