hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-27 14:16:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,107 Commits 1,673 Branches 157 Tags
7cc7ec962e8f12e2869871fb878895894008bbd8
Commit Graph

5357 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
3468593d3a Merge pull request #4915 from geoffw0/sqltaint 
C++: Fix FPs in cpp/sql-injection
 2021-01-14 11:20:08 +01:00
Jonas Jensen
5eafe63a82 Merge pull request #4941 from geoffw0/cpp409 
C++: Test of taint through ConstructorDelegationInit.
 2021-01-13 15:06:37 +01:00
Geoffrey White
69664535b0 Merge pull request #4881 from ihsinme/main 
CPP: Add query for CWE-401 memory leak on unsuccessful call to realloc function
 2021-01-13 10:58:09 +00:00
Geoffrey White
3f09a047ae C++: Test comments. 2021-01-12 14:52:52 +00:00
ihsinme
bbd3f7631e Delete test.c 
sorry i was in a hurry
 2021-01-11 23:52:26 +03:00
ihsinme
b92d63d5df Delete CompilerRemovalOfCodeToClearBuffers.qlref 
sorry i was in a hurry
 2021-01-11 23:51:37 +03:00
ihsinme
05f866e912 Delete CompilerRemovalOfCodeToClearBuffers.expected 
sorry i was in a hurry
 2021-01-11 23:51:18 +03:00
ihsinme
d7a5e61f8e Delete CompilerRemovalOfCodeToClearBuffers.qhelp 
sorry i was in a hurry
 2021-01-11 23:50:47 +03:00
ihsinme
c38cfcb735 Delete CompilerRemovalOfCodeToClearBuffers.ql 
sorry i was in a hurry
 2021-01-11 23:50:19 +03:00
ihsinme
65ff526eef Delete CompilerRemovalOfCodeToClearBuffers.c 
sorry i was in a hurry
 2021-01-11 23:49:53 +03:00
ihsinme
ed6d8e3d18 Add files via upload 2021-01-11 23:40:38 +03:00
ihsinme
b185a33157 Add files via upload 2021-01-11 23:39:02 +03:00
Geoffrey White
7409dd015e C++: Autoformat. 2021-01-11 18:58:32 +00:00
ihsinme
b28444b55c Update MemoryLeakOnFailedCallToRealloc.ql 
I thought since there is no work on this PR, I will delete the residual import.
 2021-01-11 21:17:49 +03:00
Geoffrey White
1cde5e1828 C++: Test of taint through ConstructorDelegationInit. 2021-01-11 17:35:50 +00:00
Geoffrey White
cf1d1dc5c0 C++: Remove old tags. 2021-01-11 09:31:06 +00:00
Geoffrey White
70ce5fde75 C++: Improve metadata for GlobalNamespaceClasses.ql. 2021-01-08 18:27:06 +00:00
Geoffrey White
a6937beee3 Merge branch 'main' into sqltaint 2021-01-08 17:27:43 +00:00
Mathias Vorreiter Pedersen
13a67c906e Merge pull request #4810 from geoffw0/multtoalloc 
C++: Query for multiplications used in allocations.
 2021-01-07 13:48:58 +01:00
ihsinme
2d6dafc6be Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-07 15:44:50 +03:00
ihsinme
f378c14659 Update MemoryLeakOnFailedCallToRealloc.expected 2021-01-07 15:43:58 +03:00
ihsinme
592cd284e8 Update test.c 2021-01-07 15:41:31 +03:00
ihsinme
abdeaabd77 Update MemoryLeakOnFailedCallToRealloc.ql 2021-01-06 22:46:03 +03:00
ihsinme
2b8227e04d Update cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-01-06 22:23:46 +03:00
ihsinme
f7eb328f76 Update cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-01-06 22:18:14 +03:00
ihsinme
d7f31ca1a0 Update cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.qhelp 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2021-01-06 22:17:26 +03:00
Geoffrey White
b5bcbd303e C++: Cleaner solution. 2021-01-06 18:22:31 +00:00
Geoffrey White
f69ceb3dbb Merge pull request #4904 from MathiasVP/conflated-dataflow-testcases 
C++: Add dataflow testcases that need flow through conflated memory
 2021-01-06 17:48:18 +00:00
Geoffrey White
81205f37c5 C++: Fix test annotation. 2021-01-06 11:45:17 +00:00
Geoffrey White
18890c4a77 C++: Use isAdditionalBarrier in the SqlTainted query. 2021-01-05 11:33:39 +00:00
Geoffrey White
69efe7a72a C++: Add isAdditionalBarrier to DefaultTaintTracking. 2021-01-05 11:32:43 +00:00
Geoffrey White
01b204ea30 C++: Add a test case with a tainted integer. 2021-01-04 15:35:18 +00:00
Geoffrey White
7a3f9c7895 C++: Add a test (cleaned up) that was previously in the internal repo. 2021-01-04 15:35:18 +00:00
Mathias Vorreiter Pedersen
bb158f1857 C++: Add dataflow testcases that need flow through conflated memory. 2021-01-04 11:43:23 +01:00
Mathias Vorreiter Pedersen
134982c5a9 C++: Respond to review comments. 2021-01-04 09:06:58 +01:00
Mathias Vorreiter Pedersen
454605b7b1 C++: Fix join order in getAnOverload. 2020-12-30 10:34:26 +01:00
ihsinme
0c7381a3b0 Add files via upload 2020-12-26 20:45:11 +03:00
ihsinme
cd7c47ea39 Add files via upload 2020-12-26 20:43:25 +03:00
Mathias Vorreiter Pedersen
4f07474b62 C++: Also allow custom sources in taintedWithoutGlobals 2020-12-21 19:55:47 +01:00
Mathias Vorreiter Pedersen
f4f96fe257 C++: Use isSource in queries. These were the only queries that restrict the source after dataflow terminates. 2020-12-21 16:35:35 +01:00
Mathias Vorreiter Pedersen
0e84c638b6 C++: Add isSource to AdjustedConfiguration 2020-12-21 16:34:22 +01:00
Jonas Jensen
4308381057 Merge pull request #4846 from MathiasVP/default-taint-tracking-operand-instruction-interleaving 
C++: Instruction -> Operand interleaving for DefaultTaintTracking
 2020-12-21 12:44:06 +01:00
Jonas Jensen
3236cbd83e C++: Test the AST wrapper for IR GVN 
Out of our 3 GVN libraries, the one we actually use in production didn't
have tests -- except indirectly through `diff_ir_expr.ql`.
 2020-12-21 08:21:02 +01:00
Mathias Vorreiter Pedersen
b5102043b1 Fix comments. 2020-12-18 14:19:02 +01:00
Mathias Vorreiter Pedersen
f5e4725642 C++: Propagate flow from instruction's to non-exact operands for arrays and unions, and accept test changes. 2020-12-18 13:54:34 +01:00
Mathias Vorreiter Pedersen
2bf8e47932 Merge branch 'main' into default-taint-tracking-operand-instruction-interleaving 2020-12-18 11:59:10 +01:00
Mathias Vorreiter Pedersen
7ccd48e53c Make DefaultTaintTracking do operand->instruction->operand interleaving like DataFlowUtil. 2020-12-18 11:57:16 +01:00
Geoffrey White
dc4ca9b1b9 C++: Add qhelp and example. 2020-12-18 10:10:05 +00:00
Jonas Jensen
fd7dec7f20 Merge pull request #4824 from geoffw0/modelchanges5 
C++: Add cases in the Allocation model.
 2020-12-18 09:16:01 +01:00
Geoffrey White
fda531da49 C++: Add query precision. 2020-12-17 14:31:43 +00:00