hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-21 09:23:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,537 Commits 1,693 Branches 161 Tags
76067cb12d88fdd761ac4dbfbd85eada52415977
Commit Graph

786 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
40b6e1624f Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-01 11:41:23 +01:00
Mathias Vorreiter Pedersen
22e843abc6 Update cpp/ql/src/Security/CWE/CWE-416/IteratorToExpiredContainer.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2024-05-01 11:41:16 +01:00
Mathias Vorreiter Pedersen
708d12624f C++: Update documentation on 'cpp/iterator-to-expired-container'. 2024-04-30 16:32:32 +01:00
Mathias Vorreiter Pedersen
61ce7252e6 C++: Update the alert message in 'cpp/iterator-to-expired-container'. 2024-04-30 16:12:54 +01:00
Mathias Vorreiter Pedersen
c04e59611b Merge pull request #16355 from MathiasVP/promote-iterator-to-expired-container-out-of-experimental 
C++: Promote `cpp/iterator-to-expired-container` out of experimental
 2024-04-30 15:45:56 +01:00
Mathias Vorreiter Pedersen
94364f724e C++: Remove CP between all sinks and all states in 'cpp/iterator-to-expired-container'. 2024-04-29 16:46:00 +01:00
Mathias Vorreiter Pedersen
5c454bdd8c C++: Compute and add severity. 2024-04-29 11:09:42 +01:00
Mathias Vorreiter Pedersen
f194c70e8a C++: Set precision to medium. 2024-04-29 11:08:08 +01:00
Mathias Vorreiter Pedersen
179270ffc1 C++: Move 'cpp/iterator-to-expired-container' out of experimental. 2024-04-29 11:07:55 +01:00
Geoffrey White
15123a7b40 C++: Reduce duplication. 2024-04-25 16:49:22 +01:00
Geoffrey White
e29ce5f5d5 Merge branch 'main' into mad 2024-04-12 14:30:44 +01:00
Anders Schack-Mulligen
f202661912 C++: Add alert provenance plumbing. 2024-04-12 09:20:06 +02:00
Geoffrey White
36db493723 C++: Autoformat. 2024-04-10 15:02:19 +01:00
Geoffrey White
a8742ea111 C++: PascalCase and US spelling fixes. 2024-04-03 14:17:55 +01:00
Geoffrey White
fa26b55452 C++: Add models-as-data models for ZMQ networking library + wiring. 2024-03-28 21:50:07 +00:00
Mathias Vorreiter Pedersen
7b0df57d7a C++: Remove the two configurations that depend on flow state to speed up performance on ChakraCore. 2024-03-11 13:56:22 +00:00
Mathias Vorreiter Pedersen
761f6d3a7e C++: Disable field flow from the 'cpp/type-confusion' query to fix performance on ChakraCore. 2024-03-07 15:24:04 -08:00
Mathias Vorreiter Pedersen
4f9bdca4f0 C++: Optimize. 2024-03-07 13:08:26 -08:00
Mathias Vorreiter Pedersen
cedbfbe7ea C++: Use a more generous definition of compatible types. 2024-03-07 10:50:20 -08:00
Mathias Vorreiter Pedersen
9e77b89885 Update TypeConfusion.qhelp 
Co-authored-by: hubwriter <hubwriter@github.com>
 2024-03-07 08:33:49 -08:00
Mathias Vorreiter Pedersen
b876117ecc C++: Add more QLDoc. 2024-03-06 22:25:04 -08:00
Mathias Vorreiter Pedersen
3295d5cb9f C++: Add more QLDoc. 2024-03-06 21:17:57 -08:00
Mathias Vorreiter Pedersen
cd57cd0d8a C++: Add qhelp reference. 2024-03-06 21:15:27 -08:00
Mathias Vorreiter Pedersen
8ae6fa5366 C++: Add a new query 'cpp/type-confusion' for detecting type confusion vulnerabilities. 2024-03-06 21:11:32 -08:00
Ben Rodes
f79846467e Update cpp/ql/src/Security/CWE/CWE-704/WcharCharConversion.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2024-01-26 15:25:08 -05:00
Benjamin Rodes
562221f48e False positive fix. 2024-01-26 13:27:14 -05:00
erik-krogh
8be7eadace delete outdated deprecations 2024-01-22 09:11:35 +01:00
Mathias Vorreiter Pedersen
44124158c4 Merge pull request #15078 from alexet/unique-pointer-temporary 
CPP: Add query for detecting invalid uses of temporary unique pointers.
 2023-12-20 11:16:01 +01:00
Mathias Vorreiter Pedersen
57e0804cef Update cpp/ql/src/Security/CWE/CWE-416/UseOfUniquePointerAfterLifetimeEnds.ql 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-12-20 10:52:42 +01:00
Alex Eyers-Taylor
8e92fcc08f CPP: Format Temporaries 2023-12-15 12:00:44 +00:00
Alexander Eyers-Taylor
c68d3c5983 Update cpp/ql/src/Security/CWE/CWE-416/Temporaries.qll 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-15 11:23:11 +00:00
Alex Eyers-Taylor
49e1467581 CPP: Fix handling of ternary operators in tempory queries and add tests. 2023-12-15 11:03:23 +00:00
Jeroen Ketema
2065ecff66 C++: Only consider the maximum buffer size for badly bounded write 2023-12-15 10:46:13 +01:00
Alexander Eyers-Taylor
236a6a1bce CPP: Apply suggestions from code review 
Fix spelling in query id

Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2023-12-12 17:22:46 +00:00
Alex Eyers-Taylor
e9bc5a54ea CPP: Add query for detecting invalid uses of temporary unique pointers. 2023-12-12 16:22:20 +00:00
Mathias Vorreiter Pedersen
03b77dbf2a C++: Make 'node.asExpr()' behave as 'node.asDefinition()' in void contexts. 2023-12-04 16:38:13 +00:00
Mathias Vorreiter Pedersen
c1561e8675 Merge branch 'main' into reduce-duplication-from-operators 2023-11-30 14:30:50 +00:00
Mathias Vorreiter Pedersen
351caaccfe C++: Add GOOD and BAD comments to qhelp examples. 2023-11-29 09:44:54 +00:00
Mathias Vorreiter Pedersen
8afd9288cb Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-11-29 09:36:29 +00:00
Mathias Vorreiter Pedersen
2b36ba33f0 C++: Add support for 'data' in the query. 2023-11-28 12:57:59 +00:00
Mathias Vorreiter Pedersen
71ad7696c3 C++: Add qhelp. 2023-11-28 09:06:24 +00:00
Mathias Vorreiter Pedersen
204acbacc5 C++: Add a new query for detecting calls to 'c_str' on temporary objects. 2023-11-28 09:06:24 +00:00
Mathias Vorreiter Pedersen
73138f1913 C++: No need to exclude ExprNodes as sources now that #14903 is merged. 2023-11-24 16:58:30 +00:00
Mathias Vorreiter Pedersen
a7d820ce62 C++: Remove workaround for negated conditions in 'cpp/user-controlled-bypass'. 2023-11-24 15:17:45 +00:00
Mathias Vorreiter Pedersen
e438671846 Merge pull request #14896 from MathiasVP/no-dtt-in-user-controlled-bypass 
C++: Rewrite `cpp/user-controlled-bypass` away from `DefaultTaintTracking`
 2023-11-24 14:43:10 +00:00
Mathias Vorreiter Pedersen
2681617f28 C++: Undo the workaround in 'cpp/tainted-permissions-check'. 2023-11-24 10:56:11 +00:00
Mathias Vorreiter Pedersen
5604fd7d80 C++: Rewrite 'cpp/user-controlled-bypass' away from 'DefaultTaintTracking'. 2023-11-23 17:35:54 +00:00
Mathias Vorreiter Pedersen
257d94be20 Merge pull request #14886 from jketema/rewrite-tainted-condition 
C++: Rewrite `cpp/tainted-permissions-check` to not use `DefaultTaintTracking`
 2023-11-23 16:18:03 +00:00
Mathias Vorreiter Pedersen
149fb7bbc2 Merge pull request #14881 from MathiasVP/no-dtt-in-user-controlled-null-termination-tainted 
C++: Rewrite `cpp/user-controlled-null-termination-tainted` away from `DefaultTaintTracking`
 2023-11-23 14:41:33 +00:00
Mathias Vorreiter Pedersen
b774ae07c8 Update cpp/ql/src/Security/CWE/CWE-170/ImproperNullTerminationTainted.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-11-23 14:10:57 +00:00