hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,320 Commits 1,671 Branches 157 Tags
7e3e10c34b855d5423007358780e96e02cb1577a
Commit Graph

8762 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
ddbcdcb4ba Merge pull request #11160 from RasmusWL/dataflow-consistency-read-store 
DataFlow: Add read/store stepIsLocal consistency checks
 2022-11-11 14:51:45 +01:00
Jeroen Ketema
612624d241 C++: Recognize basic_string::iterator as an iterator 2022-11-11 14:04:50 +01:00
Jeroen Ketema
ba00a0f370 C++: Share parameter logic in std::string model 2022-11-11 08:48:11 +01:00
Jeroen Ketema
23e29e993b C++: Split std::string::insert off in a separate class 
The `insert` function has two different return types: `iterator` and
`basic_string&`.
 2022-11-11 08:48:01 +01:00
Rasmus Wriedt Larsen
88f703af1f DataFlow: Accept changes to .expected 2022-11-10 22:13:34 +01:00
Jeroen Ketema
62f5d10d03 C++: Fix localTaint expected results 2022-11-10 16:08:07 +01:00
Jeroen Ketema
62a0bcddd9 C++: Fix the accept prototype in the dataflow taint tests 2022-11-10 14:23:26 +01:00
Jeroen Ketema
e7576fdd1a Merge pull request #11197 from jketema/simplify-taint-test 
C++: Simplify dataflow taint test query
 2022-11-10 11:58:50 +01:00
Jeroen Ketema
4d7aeced3f C++: Simplify dataflow taint test query 
The complexity seems a left-over from before these tests were turned into
inline expectation tests, where the aim seems to have been to have exactly
one sink node for each `sink` call. Multiple sink nodes for the same `sink`
call are not made visible in the inline expecation tests, and I am not
conviced this was very useful before, so remove the complexity.
 2022-11-10 10:38:22 +01:00
Anders Schack-Mulligen
b3b7711149 Dataflow: Sync. 2022-11-09 14:23:15 +01:00
Jeroen Ketema
6a5f37b1b7 Merge pull request #11149 from geoffw0/wrong-number-msg 
C++: Clearer messages for the format args queries
 2022-11-08 20:44:10 +01:00
Jeroen Ketema
2bef82babc Merge pull request #11163 from jketema/missing-return 
C++: Add dataflow test that deliberately omits the return of a non-void function
 2022-11-08 16:00:36 +01:00
Geoffrey White
c8426776fc Merge branch 'main' into wrong-number-msg 2022-11-08 14:47:19 +00:00
Jeroen Ketema
fa2d58adff C++: Add dataflow test that deliberately omits the return of a non-void function 2022-11-08 15:12:34 +01:00
Rasmus Wriedt Larsen
4895daba85 DataFlow: Add read/store stepIsLocal consistency checks 2022-11-08 13:32:49 +01:00
Jeroen Ketema
c61a9c5911 C++: Also taint the return value dereference in the strcat model 2022-11-08 12:08:44 +01:00
Jeroen Ketema
0d4a2239fc C++: Fix wrong return types and missing statement in dataflow test 2022-11-08 09:55:10 +01:00
Geoffrey White
d72ea52f68 C++: More accurate test tags. 2022-11-07 16:32:46 +00:00
Geoffrey White
55a7adff20 C++: Make the message clearer. 2022-11-07 16:32:45 +00:00
Geoffrey White
b911556896 C++: Add a test showing the motivation. 2022-11-07 16:17:32 +00:00
Jeroen Ketema
d62e3f6bc2 Merge pull request #11137 from jketema/dataflow-test-fixes 
C++: Small fixes for the dataflow tests
 2022-11-07 11:07:09 +01:00
Anders Schack-Mulligen
99ca28ea9b Merge pull request #10886 from aschackmull/dataflow/joinorders 
Dataflow: Fix a couple of join-orders.
 2022-11-07 11:05:29 +01:00
Jeroen Ketema
291027ad82 C++: Fix return type in dataflow test 2022-11-07 09:42:54 +01:00
Jeroen Ketema
3b1feeef6d C++: Remove unneeded isAdditionalFlowStep from dataflow test 
Since the introduction of flow through global variables these additional
steps are no longer needed.
 2022-11-07 09:40:57 +01:00
github-actions[bot]
fca754bddd Post-release preparation for codeql-cli-2.11.3 2022-11-05 14:30:48 +00:00
github-actions[bot]
508327235a Release preparation for version 2.11.3 2022-11-04 20:16:23 +00:00
Tom Hvitved
05bf86acb6 Merge pull request #11126 from hvitved/cpp/position-overrides 
C++: Let `(Indirect|Direct)Position` be sub classes of `Position`
 2022-11-04 15:35:27 +01:00
Tom Hvitved
95835b8297 C++: Let (Indirect|Direct)Position be sub classes of Position 2022-11-04 14:31:18 +01:00
Anders Schack-Mulligen
a1dba82360 Dataflow: Sync. 2022-11-04 12:41:55 +01:00
Tom Hvitved
a533c95640 C++: Update expected test output 2022-11-03 15:52:30 +01:00
Tom Hvitved
d3488da0c2 Data flow: Sync files 2022-11-03 15:52:30 +01:00
Mathias Vorreiter Pedersen
1ca7c5b97d Merge pull request #11091 from JarLob/assign 
Fix AV Rule 76
 2022-11-03 13:06:10 +00:00
Mathias Vorreiter Pedersen
ad0b36a0c9 C++: Add change note. 2022-11-03 11:41:38 +00:00
JarLob
3317223e19 Fix AV Rule 76 2022-11-02 22:50:25 +01:00
Dave Bartolomeo
9d5e5e3ee7 ${workspace} all the things 2022-11-01 13:29:05 -04:00
Dave Bartolomeo
49c4c554c4 Merge from main 2022-11-01 13:22:40 -04:00
Jeroen Ketema
b43cbf7f95 Update cpp/ql/test/query-tests/Likely Bugs/Format/NonConstantFormat/test.cpp 
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
 2022-10-31 17:03:29 +01:00
Jeroen Ketema
abe9258943 C++: Add strcpy test for cpp/non-constant-format 2022-10-31 15:29:17 +01:00
Jeroen Ketema
83afc2a0ad C++: Add strcpy prototype to test 2022-10-31 15:25:35 +01:00
Rasmus Wriedt Larsen
8628ff5e52 Merge pull request #10999 from RasmusWL/inline-fail-tag 
InlineExpectationsTest: Fail if missing `getARelevantTag`
 2022-10-28 10:35:49 +02:00
Mathias Vorreiter Pedersen
22cdeec3fb Merge branch 'main' into printfprecision 2022-10-28 09:29:29 +02:00
Rasmus Wriedt Larsen
adf109b624 Merge branch 'main' into inline-fail-tag 2022-10-27 13:42:32 +02:00
Rasmus Wriedt Larsen
fc7eb5b4fc InlineExpectationsTest: sync 2022-10-27 09:02:28 +02:00
Dave Bartolomeo
23b572e9b7 Use ${workspace} for intra-workspace dependencies 
Now that the released CLI supports replacement variables in dependency version ranges, we can now mark our published library packs as depending on whatever version of their dependency is in our workspace, without having to manually bump the dependency version every release.

Note that when the packs are published, the dependencies in the published pack file are rewritten to have the correct specific version.
 2022-10-26 16:40:01 -04:00
Rasmus Wriedt Larsen
5e9897d150 InlineExpectationsTest: sync 2022-10-26 18:21:13 +02:00
Mathias Vorreiter Pedersen
58b6c45d27 Merge pull request #10958 from geoffw0/comma 
C++: Fix performance issue on cpp/comma-before-misleading-indentation
 2022-10-26 08:29:18 +02:00
Geoffrey White
257748d82b C++: Rename predicate. 2022-10-25 14:52:22 +01:00
Mathias Vorreiter Pedersen
6a7bcd384a Merge pull request #10939 from rdmarsh2/rdmarsh2/cpp/modulus-analysis-comments 
C++: additional comments for modulus analysis
 2022-10-25 14:29:54 +02:00
Geoffrey White
6f77e14aef C++: Fix rare performance issue on cpp/comma-before-misleading-indentation. 2022-10-24 18:21:10 +01:00
Paolo Tranquilli
15e5faf5b6 Merge branch 'main' into templ-func-prototype 2022-10-24 09:19:46 +02:00