hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-16 18:31:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
23,316 Commits 1,782 Branches 169 Tags
75d5fe67ea0cf9b60ad33b3d2edeffcbb475af38
Commit Graph

3351 Commits

Author SHA1 Message Date
John L. Singleton
8c6c011be2 Formatting fixes, comment moving. 2021-06-11 10:17:05 -04:00
John L. Singleton
cd61fb4753 this should be abstract 2021-06-10 19:54:58 -04:00
John L. Singleton
2a01324172 more maintainable pattern for class abstractions 2021-06-10 17:09:32 -04:00
John L. Singleton
bd7c416356 comment change 2021-06-10 11:21:11 -04:00
John L. Singleton
0d3f53b013 Changes to structure per feedback of @jbj 2021-06-10 11:16:58 -04:00
John L. Singleton
f174d7a0e0 Comment changes 2021-06-10 09:52:22 -04:00
John L. Singleton
14c419a75f autoformatting 2021-06-10 09:39:43 -04:00
John L. Singleton
28e2cdb54e adding standard C/C++ fixed width, minimum width, and maximum width types 2021-06-09 16:12:58 -04:00
Mathias Vorreiter Pedersen
879bfbbd4e C++: Match the join order from before #5522. 2021-06-09 15:02:31 +02:00
Mathias Vorreiter Pedersen
025043afca Merge pull request #6010 from geoffw0/charloc 
C++: Test and fix maxCols / charLoc
 2021-06-08 11:15:04 +02:00
Geoffrey White
6f05fd4839 C++: Autoformat. 2021-06-07 11:01:00 +01:00
Mathias Vorreiter Pedersen
27586d77f8 C++: Copy isDeeplyConst{Below} into SideEffects and modify it so that it works for smart pointers. 2021-06-04 18:46:52 +02:00
Geoffrey White
3c6a1f165b Update cpp/ql/src/semmle/code/cpp/Location.qll 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2021-06-04 16:19:11 +01:00
Geoffrey White
a93246d28b C++: Fix maxCols. 2021-06-04 13:05:13 +01:00
Jonas Jensen
7282ad90d0 Merge pull request #5854 from dbartol/dbartol/smart-pointers/side-effects 
C++: Generate side effect instructions for smart pointer indirections
 2021-06-01 16:57:05 +02:00
Dave Bartolomeo
da14647e5a Merge pull request #5522 from github/rdmarsh2/cpp/ssa-reuse 
C++: reuse unaliased SSA results when computing aliased SSA
 2021-06-01 10:17:54 -04:00
Anders Schack-Mulligen
ce509eb7e1 Merge pull request #5927 from aschackmull/dataflow/flowthrough-dispatch-perf 
Dataflow: Improve performance in flow-through pruning
 2021-06-01 11:46:22 +02:00
Anders Schack-Mulligen
5d21c64247 Dataflow: qldoc fix. 2021-06-01 10:49:47 +02:00
Anders Schack-Mulligen
4f9a6c151b Dataflow: Code review fixes. 2021-06-01 10:29:17 +02:00
Anders Schack-Mulligen
683f853fa5 Dataflow: Fix another bad join order. 2021-05-31 15:14:13 +02:00
Mathias Vorreiter Pedersen
6d7b95c15d Merge pull request #5966 from erik-krogh/overrideConsistency 
CPP/C#: make some parameter names consistent with the names used in the super class
 2021-05-31 11:57:10 +02:00
Jonas Jensen
4e502d10d6 Merge pull request #5951 from MathiasVP/optimize-switcCase-getAStmt 
C++: Remove large antijoin in `SwitchCase.getAStmt`
 2021-05-31 11:50:32 +02:00
Mathias Vorreiter Pedersen
b4e4c12d0f C++: Use a rank aggregate for a much better implementation. 2021-05-31 11:17:09 +02:00
Erik Krogh Kristensen
b947334eea CPP: make some parameter names consistent with the names used in the super class 2021-05-28 16:48:47 +02:00
Erik Krogh Kristensen
79989cc3f4 CPP/Java: Fix getAPrimaryQlClass implementations 2021-05-27 21:36:27 +02:00
Mathias Vorreiter Pedersen
b2bdf95a9d C++: Remove large antijoin in SwitchCase.getAStmt(). 2021-05-25 17:25:42 +02:00
Anders Schack-Mulligen
017bf68906 Dataflow: Fix bad join order. 2021-05-25 11:40:53 +02:00
Alex Denisov
ab23507e3f C++: Add ref qualifiers 2021-05-20 10:03:54 +02:00
Anders Schack-Mulligen
4406b8e339 Dataflow: Sync. 2021-05-19 19:22:36 +02:00
Geoffrey White
aaae717328 Merge branch 'main' into weak_crypto 2021-05-19 11:19:08 +01:00
Mathias Vorreiter Pedersen
4d00513606 C++: Use the isParameterDerefOrQualifierObject predicate to remove a disjunction. 2021-05-19 10:47:04 +02:00
Robert Marsh
db85a215ab C++: fix alias model for smart pointer setters 2021-05-18 13:16:22 -07:00
Robert Marsh
e590a7bc33 C++: Handle alias models for this/qualifiers 2021-05-18 13:15:38 -07:00
Geoffrey White
3d8513c1e0 C++: Add 'MAC' as additional evidence. 2021-05-18 13:24:51 +01:00
Geoffrey White
930b9fe3e5 C++: Add triple-DES to the bad algorithms list. 2021-05-17 15:51:17 +01:00
Geoffrey White
57354def9e C++: Real world diffs suggest that 'Cipher' should be an encryption word as well. 2021-05-17 15:36:27 +01:00
Geoffrey White
9e75f53798 C++: Prefer matches to regexpMatch. 2021-05-17 15:35:19 +01:00
Geoffrey White
a9d57450c8 C++: Autoformat. 2021-05-13 16:19:09 +01:00
Geoffrey White
e4d2c7cfc4 C++: Rewrite so that we look for additional evidence. 2021-05-13 13:19:39 +01:00
Geoffrey White
123889a671 C++: Fix 'triple DES' false positives. 2021-05-13 10:21:06 +01:00
Geoffrey White
40cf29b625 C++: Rearrange the library. 2021-05-13 08:39:37 +01:00
Geoffrey White
b6d5f7c315 C++: Fix FPs caused by substring regexp. 2021-05-12 19:23:49 +01:00
Geoffrey White
8f152b7380 Merge pull request #5877 from MathiasVP/detect-more-abs-in-overflow-library 
C++: Detect more uses of `abs`
 2021-05-12 10:02:12 +01:00
Anders Schack-Mulligen
74ae2e0857 Merge pull request #5773 from hvitved/dataflow/aggressive-caching 
Data flow: Cache most language-dependent predicates
 2021-05-12 09:41:55 +02:00
Tom Hvitved
d66506b0a3 Data flow: Rename {Argument,Parameter}NodeExt to {Arg,Param}Node 2021-05-11 14:40:10 +02:00
Mathias Vorreiter Pedersen
48e783184c C++: Fix false positive by recognizing more absolute value functions in Overflow.qll 2021-05-11 14:30:28 +02:00
Dave Bartolomeo
773e5f2e2e Merge remote-tracking branch 'upstream/main' into side-effects 2021-05-07 16:50:48 -04:00
Dave Bartolomeo
187e136ecc C++: Generate IR side effects for smart pointer indirections 
When inserting side effect instructions for argument indirections, we now insert side effects for smart pointers as we would for raw pointers. The address operand of the side effect instruction is  the smart pointer object, which is a bit odd. However, I'd like to think through the design of a more principled solution before doing additional work.

A few new tests are added to the existing IR tests. In addition, the IR tests now `#include` some of the shared STL headers. I've disabled IR dumps for functions from those headers, since they only get in the way of the test cases we intended.
 2021-05-07 16:50:03 -04:00
Dave Bartolomeo
f0a994a570 C++: Fix pointer flow modeling for smart pointer setters 2021-05-07 16:33:15 -04:00
Dave Bartolomeo
653ef9d257 C++: Improve consistency failure message for multiple MemoryLocations on a memory access. 2021-05-07 16:04:01 -04:00