hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 20:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
47,631 Commits 1,673 Branches 157 Tags
7c1bfdbf41697cd21e13a8331ec47cdc4cf15421
Commit Graph

3606 Commits

Author SHA1 Message Date
Jeroen Ketema
4607f5990e C++: Add more tests that exercise the default taint barrier implementation 2022-11-25 10:19:45 +01:00
Mathias Vorreiter Pedersen
c2ac60fc34 Merge pull request #11311 from MathiasVP/repair-mustflow 
C++: Repair `MustFlow` library for use-use flow
 2022-11-21 19:13:10 +00:00
Jeroen Ketema
78ad9ba60f Merge pull request #11262 from rdmarsh2/rdmarsh2/cpp/deprecate-ast-gvn 
C++: deprecate AST-based GVN
 2022-11-21 13:38:54 +01:00
Jeroen Ketema
752bc2e980 C++: Accept test changes after AST-based GVN deprecation 2022-11-21 11:45:09 +01:00
Mathias Vorreiter Pedersen
ef6b85fa77 C++: Accept test changes. 2022-11-18 16:43:30 +00:00
Jeroen Ketema
98176007d8 C++: Fix type in dataflow test comment 2022-11-15 17:18:08 +01:00
Rasmus Wriedt Larsen
ddbcdcb4ba Merge pull request #11160 from RasmusWL/dataflow-consistency-read-store 
DataFlow: Add read/store stepIsLocal consistency checks
 2022-11-11 14:51:45 +01:00
Rasmus Wriedt Larsen
88f703af1f DataFlow: Accept changes to .expected 2022-11-10 22:13:34 +01:00
Jeroen Ketema
62f5d10d03 C++: Fix localTaint expected results 2022-11-10 16:08:07 +01:00
Jeroen Ketema
62a0bcddd9 C++: Fix the accept prototype in the dataflow taint tests 2022-11-10 14:23:26 +01:00
Jeroen Ketema
e7576fdd1a Merge pull request #11197 from jketema/simplify-taint-test 
C++: Simplify dataflow taint test query
 2022-11-10 11:58:50 +01:00
Jeroen Ketema
4d7aeced3f C++: Simplify dataflow taint test query 
The complexity seems a left-over from before these tests were turned into
inline expectation tests, where the aim seems to have been to have exactly
one sink node for each `sink` call. Multiple sink nodes for the same `sink`
call are not made visible in the inline expecation tests, and I am not
conviced this was very useful before, so remove the complexity.
 2022-11-10 10:38:22 +01:00
Jeroen Ketema
6a5f37b1b7 Merge pull request #11149 from geoffw0/wrong-number-msg 
C++: Clearer messages for the format args queries
 2022-11-08 20:44:10 +01:00
Jeroen Ketema
2bef82babc Merge pull request #11163 from jketema/missing-return 
C++: Add dataflow test that deliberately omits the return of a non-void function
 2022-11-08 16:00:36 +01:00
Geoffrey White
c8426776fc Merge branch 'main' into wrong-number-msg 2022-11-08 14:47:19 +00:00
Jeroen Ketema
fa2d58adff C++: Add dataflow test that deliberately omits the return of a non-void function 2022-11-08 15:12:34 +01:00
Jeroen Ketema
c61a9c5911 C++: Also taint the return value dereference in the strcat model 2022-11-08 12:08:44 +01:00
Jeroen Ketema
0d4a2239fc C++: Fix wrong return types and missing statement in dataflow test 2022-11-08 09:55:10 +01:00
Geoffrey White
d72ea52f68 C++: More accurate test tags. 2022-11-07 16:32:46 +00:00
Geoffrey White
55a7adff20 C++: Make the message clearer. 2022-11-07 16:32:45 +00:00
Geoffrey White
b911556896 C++: Add a test showing the motivation. 2022-11-07 16:17:32 +00:00
Jeroen Ketema
d62e3f6bc2 Merge pull request #11137 from jketema/dataflow-test-fixes 
C++: Small fixes for the dataflow tests
 2022-11-07 11:07:09 +01:00
Jeroen Ketema
291027ad82 C++: Fix return type in dataflow test 2022-11-07 09:42:54 +01:00
Jeroen Ketema
3b1feeef6d C++: Remove unneeded isAdditionalFlowStep from dataflow test 
Since the introduction of flow through global variables these additional
steps are no longer needed.
 2022-11-07 09:40:57 +01:00
Tom Hvitved
a533c95640 C++: Update expected test output 2022-11-03 15:52:30 +01:00
Mathias Vorreiter Pedersen
1ca7c5b97d Merge pull request #11091 from JarLob/assign 
Fix AV Rule 76
 2022-11-03 13:06:10 +00:00
JarLob
3317223e19 Fix AV Rule 76 2022-11-02 22:50:25 +01:00
Dave Bartolomeo
9d5e5e3ee7 ${workspace} all the things 2022-11-01 13:29:05 -04:00
Jeroen Ketema
b43cbf7f95 Update cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/test.cpp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-10-31 17:03:29 +01:00
Jeroen Ketema
abe9258943 C++: Add strcpy test for cpp/non-constant-format 2022-10-31 15:29:17 +01:00
Jeroen Ketema
83afc2a0ad C++: Add strcpy prototype to test 2022-10-31 15:25:35 +01:00
Rasmus Wriedt Larsen
8628ff5e52 Merge pull request #10999 from RasmusWL/inline-fail-tag 
InlineExpectationsTest: Fail if missing `getARelevantTag`
 2022-10-28 10:35:49 +02:00
Mathias Vorreiter Pedersen
22cdeec3fb Merge branch 'main' into printfprecision 2022-10-28 09:29:29 +02:00
Rasmus Wriedt Larsen
fc7eb5b4fc InlineExpectationsTest: sync 2022-10-27 09:02:28 +02:00
Rasmus Wriedt Larsen
5e9897d150 InlineExpectationsTest: sync 2022-10-26 18:21:13 +02:00
Geoffrey White
dfe336cd33 C++: Autoformat tests. 2022-10-21 18:36:12 +01:00
Geoffrey White
0d030d2b13 C++: Fix FormatLiteral.getMaxConvertedLength bug. 2022-10-21 17:29:55 +01:00
Geoffrey White
06e86accac C++: Add a few cases to the formatLiteral test. 2022-10-21 17:29:28 +01:00
Geoffrey White
c8bf0d03a5 C++: Add formatAttribute test. 2022-10-21 17:29:27 +01:00
Geoffrey White
1376385abb C++: Add formatLiteral test. 2022-10-21 17:29:26 +01:00
Jeroen Ketema
4b5674af32 C++: Update test result after extractor changes 2022-10-20 22:18:32 +02:00
Geoffrey White
73f977c98c Merge pull request #10510 from geoffw0/staticfn 
C++: Fix FPs for cpp/unused-static-function in files that were not extracted completely
 2022-10-18 14:53:49 +01:00
Geoffrey White
2b3ab180fa Merge pull request #10077 from intrigus-lgtm/cpp/wexpand-commmand-injection 
Add query for tainted `wordexp` calls.
 2022-10-17 11:18:38 +01:00
Jeroen Ketema
45a0b66f73 C++: Fix test after spelling fixes 2022-10-15 14:23:08 +02:00
Nora Dimitrijević
949d3e13fe Merge branch 'main' into cpp/comma-before-misleading-indentation 2022-10-12 13:25:22 +02:00
Nora Dimitrijević
93c01371c3 C++: no parens in select message 
Debatable; see comment thread in PR.
 2022-10-12 13:01:37 +02:00
Geoffrey White
fd571538fb Merge pull request #10706 from geoffw0/vaheuristic 
C++: Tune cpp/unterminated-variadic-call
 2022-10-10 13:39:40 +01:00
erik-krogh
66c9705502 fix some more style-guide violations in the alert-messages 2022-10-07 11:19:46 +02:00
Mathias Vorreiter Pedersen
a856bc8678 Merge pull request #10562 from rdmarsh2/rdmarsh2/cpp/field-off-by-one 
C++: prototype for off-by-one in array-typed field
 2022-10-06 11:04:12 +01:00
Geoffrey White
3f78a244b9 C++: Make the tests use more repetitions. 2022-10-06 09:14:24 +01:00