hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,235 Commits 1,672 Branches 157 Tags
75b13da4e422c6f00519b51a3d29017cebf40aab
Commit Graph

10804 Commits

Author SHA1 Message Date
Ben Rodes
66f725dd05 Update cpp/ql/lib/semmle/code/cpp/commons/StringConcatenation.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-19 08:47:48 -05:00
Mathias Vorreiter Pedersen
95cd31fce3 C++: Silence warnings. 2023-12-19 12:29:16 +01:00
Mathias Vorreiter Pedersen
4844c43f06 C++: Cleanup now that we're back to an abstract class. 2023-12-19 12:11:38 +01:00
Mathias Vorreiter Pedersen
937e0ee8d2 C++: Go back to abstract classes. 2023-12-19 12:10:57 +01:00
Mathias Vorreiter Pedersen
b6974d674c Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DebugPrinting.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-12-19 11:47:46 +01:00
github-actions[bot]
8f72b0e4f7 Post-release preparation for codeql-cli-2.15.5 2023-12-19 10:32:57 +00:00
Mathias Vorreiter Pedersen
8230a90db6 C++: No need for another 'stars' predicate in 'PrintIRUtilities'. 2023-12-19 11:22:27 +01:00
Mathias Vorreiter Pedersen
9b25834771 C++: Use parameterized modules instead of abstract classes and predicates to handle debug printing. 2023-12-19 11:08:41 +01:00
Mathias Vorreiter Pedersen
501645920f C++: Move private stuff from 'DataFlowUtil' to public stuff 'DataFlowPrivate'. Also make 'PostUpdateNodeImpl' public in 'DataFlowUtil'. Sadly, this means that it's visible at the query level (as DataFlow::PostUpdateNodeImpl), but I've added a big INTERNAL QLDoc on it to make sure people don't use it. 2023-12-19 10:41:35 +01:00
Jeroen Ketema
180e752a23 C++: Update test after extractor changes 
Also remove incorrect FP comment. clang does not support `#pragma hdrstop` in
its non-cl-emulation mode.
 2023-12-18 23:30:13 +01:00
github-actions[bot]
19af35b29a Release preparation for version 2.15.5 2023-12-18 21:22:44 +00:00
Mathias Vorreiter Pedersen
41c49ae05b Merge pull request #15136 from MathiasVP/fix-joins-in-use-after-free 2023-12-18 17:18:06 +01:00
Mathias Vorreiter Pedersen
d308bb40a0 Merge pull request #15132 from MathiasVP/fix-joins-in-isModifiableAtImpl 
C++: Fix joins in `isModifiableAtImpl`
 2023-12-18 15:01:36 +01:00
Mathias Vorreiter Pedersen
aafde4d18d C++: Fix joins in 'cpp/use-after-free'. 2023-12-18 14:49:09 +01:00
Mathias Vorreiter Pedersen
50b754b6c1 Merge pull request #15129 from MathiasVP/fix-joins-in-wrong-type-format-argument 
C++: Fix joins in `cpp/wrong-type-format-argument`
 2023-12-18 12:17:17 +01:00
Mathias Vorreiter Pedersen
f5c52ac496 C++: Fix joins in 'isModifiableAtImpl'. 2023-12-18 12:02:33 +01:00
Mathias Vorreiter Pedersen
8ed9fbb295 Merge pull request #15123 from MathiasVP/fix-fps-in-double-free 
C++: Fix FPs in `cpp/double-free` and `cpp/use-after-free`
 2023-12-18 10:44:18 +01:00
Mathias Vorreiter Pedersen
e88c6888bc Merge pull request #15121 from MathiasVP/fix-joins-in-av-rule-145 
C++: Fix joins in `AV Rule 145`
 2023-12-18 10:42:46 +01:00
Mathias Vorreiter Pedersen
3897befbe2 C++: Fix joins in 'cpp/wrong-type-format-argument'. 2023-12-18 09:49:34 +01:00
Mathias Vorreiter Pedersen
ef916f0ba0 C++: Mitigate ODR violations. 2023-12-15 17:16:04 +00:00
Mathias Vorreiter Pedersen
82b9f1b31c C++: Accept test changes. 2023-12-15 14:57:31 +00:00
Mathias Vorreiter Pedersen
0543ed115e C++: Add barrier for array lookups in 'cpp/double-free' and 'cpp/use-after-free'. 2023-12-15 14:57:17 +00:00
Mathias Vorreiter Pedersen
dc9c538fcc Merge pull request #15120 from MathiasVP/fix-joins-in-av-rule-79 
C++: Fix joins in `cpp/resource-not-released-in-destructor`
 2023-12-15 14:06:53 +00:00
Mathias Vorreiter Pedersen
1cbe01923d C++: Fix joins in 'AV Rule 145'. 2023-12-15 13:08:13 +00:00
Jeroen Ketema
3977689808 Merge pull request #15117 from jketema/buffer 
C++: Only consider the maximum buffer size for badly bounded write
 2023-12-15 13:46:09 +01:00
Alex Eyers-Taylor
8e92fcc08f CPP: Format Temporaries 2023-12-15 12:00:44 +00:00
Mathias Vorreiter Pedersen
2c5f65a241 C++: Drive-by cleanup: This case is redundant since a 'DestructorCall' is also a 'FunctionCall'. 2023-12-15 11:38:52 +00:00
Mathias Vorreiter Pedersen
ce326a0f79 C++: Fix joins. 2023-12-15 11:37:28 +00:00
Alexander Eyers-Taylor
c68d3c5983 Update cpp/ql/src/Security/CWE/CWE-416/Temporaries.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-15 11:23:11 +00:00
Alex Eyers-Taylor
49e1467581 CPP: Fix handling of ternary operators in tempory queries and add tests. 2023-12-15 11:03:23 +00:00
Anders Schack-Mulligen
1ea1130271 Merge pull request #15062 from aschackmull/dataflow/deprecate-flowstatestring 
Dataflow: Deprecate FlowStateString.
 2023-12-15 11:59:04 +01:00
Jeroen Ketema
0b1b1be356 C++: Add change note 2023-12-15 11:13:52 +01:00
Jeroen Ketema
2065ecff66 C++: Only consider the maximum buffer size for badly bounded write 2023-12-15 10:46:13 +01:00
Mathias Vorreiter Pedersen
7af6496a71 C++: Add change note. 2023-12-14 17:13:23 +00:00
Mathias Vorreiter Pedersen
61e30b9ff8 C++: Accept more test changes. 2023-12-14 15:25:29 +00:00
Mathias Vorreiter Pedersen
368f438754 C++: Add more QLDoc. 2023-12-14 14:49:48 +00:00
Mathias Vorreiter Pedersen
0c100eb122 C++: Accept test changes. 2023-12-14 14:44:58 +00:00
Mathias Vorreiter Pedersen
8a52565395 C++: Improve 'toString' on the most common dataflow nodes. 2023-12-14 14:44:42 +00:00
Anders Schack-Mulligen
a1068ce2f9 Dataflow: deprecate references 2023-12-14 15:05:33 +01:00
Jeroen Ketema
4d922ddb0c Merge pull request #15092 from jketema/mb12 
Merge back `rc/3.12` into main
 2023-12-13 17:45:58 +01:00
Jeroen Ketema
99e65df6ce Merge remote-tracking branch 'upstream/rc/3.12' into mb12 2023-12-13 15:43:39 +01:00
Mathias Vorreiter Pedersen
401ab3b035 C++: Fix 'isDebugMode'. It was computing 'isNotDebugMode' (oops). 2023-12-13 14:31:45 +00:00
Mathias Vorreiter Pedersen
fcc3113bfc C++: Privately import 'Node0ToString'. 2023-12-13 14:31:02 +00:00
Mathias Vorreiter Pedersen
45080ec9f0 C++: Create an abstract class to control debug 'toString' output for dataflow nodes. 2023-12-13 12:05:04 +00:00
Alexander Eyers-Taylor
236a6a1bce CPP: Apply suggestions from code review 
Fix spelling in query id

Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-12 17:22:46 +00:00
Alex Eyers-Taylor
136a77b86e CPP: Add change note for cpp/use-of-uniwue-pointer-after-lifetime-ends 2023-12-12 16:47:55 +00:00
Alex Eyers-Taylor
e9bc5a54ea CPP: Add query for detecting invalid uses of temporary unique pointers. 2023-12-12 16:22:20 +00:00
Mathias Vorreiter Pedersen
3dea467dcc Merge pull request #15047 from MathiasVP/add-puns-for-addresses-of-arguments 
C++: Add `PostUpdateNode`s for addresses of outgoing arguments
 2023-12-12 13:55:13 +00:00
Mathias Vorreiter Pedersen
97f2be9b82 C++: Fix QLDoc. 2023-12-12 13:45:18 +00:00
Mathias Vorreiter Pedersen
1ad0e6524e Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintDataFlowRelevantIR.qll 2023-12-12 13:15:36 +00:00