Geoffrey White
803e9fcb88
Merge branch 'main' into fix-CWE-119-tests
2025-11-27 09:57:23 +00:00
Mingjie Shen
25a46a82ba
C++: Use appropriate sizeof in CWE-119 memcpy tests
...
Signed-off-by: Mingjie Shen <shen497@purdue.edu>
2025-11-27 05:15:51 +00:00
Jeroen Ketema
4a8fbba521
Merge branch 'main' into felicity-fix-query-names
2025-11-26 16:01:34 +01:00
Felicity Chapman
caf6b950ac
Remove trailing periods from @name metadata in query files
...
Fixed 73 .ql query files where the @name metadata contained an ending period.
This ensures consistency with the CodeQL query metadata style guidelines.
2025-11-26 14:29:51 +00:00
Mathias Vorreiter Pedersen
d869b00672
Merge pull request #20899 from MathiasVP/ignore-non-type-template-params
...
C++: Ignore non-type template parameters when matching signatures in MaD
2025-11-26 14:26:45 +00:00
Jeroen Ketema
adc13e374e
Merge pull request #20920 from jketema/feature-incorrect
...
C++: Remove incorrect tests
2025-11-26 15:01:50 +01:00
Jeroen Ketema
33c7057066
C++: Remove incorrect tests
...
`__has_feature` is not available in GCC versions before GCC 14.
Our frontend was exposing `__has_feature` when emulating earlier versions of
GCC. This will be fixed with the latest major frontend update though.
2025-11-26 13:42:43 +01:00
Mathias Vorreiter Pedersen
295dc6971f
Merge branch 'main' into ignore-non-type-template-params
2025-11-25 15:37:25 +00:00
Mathias Vorreiter Pedersen
73b6fa69a9
C++: Fix Code Scanning alert.
2025-11-25 15:03:26 +00:00
Mathias Vorreiter Pedersen
0deac833e4
C++: Accept test changes.
2025-11-25 14:59:09 +00:00
Mathias Vorreiter Pedersen
05737af165
C++: Only support non-type template parameters in tail position.
2025-11-25 14:55:44 +00:00
Mathias Vorreiter Pedersen
faa55f50e7
C++: Add another test with a template function whose non-type template parameter is in tail position.
2025-11-25 14:55:18 +00:00
Jeroen Ketema
861ca7526e
Merge branch 'main' into canonical-content
2025-11-25 14:08:42 +01:00
Mathias Vorreiter Pedersen
2024f32e81
C++: Add an example with missing flow.
2025-11-25 12:36:29 +00:00
Mathias Vorreiter Pedersen
47ab307410
C++: Respond to review comments.
2025-11-25 12:06:58 +00:00
Mathias Vorreiter Pedersen
eb6b08591d
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-11-24 15:01:09 +00:00
Mathias Vorreiter Pedersen
2e53370716
Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-11-24 15:01:00 +00:00
Ian Lynagh
555301cec7
Merge pull request #20874 from igfoo/igfoo/overlay
...
C++: Add the beginnings of overlay support
2025-11-24 14:11:09 +00:00
Mathias Vorreiter Pedersen
0487e0622a
C++: Accept test changes from tests that use getAQlClass.
2025-11-24 14:04:35 +00:00
Mathias Vorreiter Pedersen
6bae58e29c
C++: Accept more test changes.
2025-11-24 12:35:19 +00:00
Mathias Vorreiter Pedersen
ecb80cb4fc
C++: Represent field content using a column that is shared by all template instantiations.
2025-11-24 12:29:49 +00:00
Mathias Vorreiter Pedersen
fd566780a6
Update cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-11-24 12:17:06 +00:00
Mathias Vorreiter Pedersen
98879d0f1a
C++: Accept test changes.
2025-11-24 12:06:38 +00:00
Mathias Vorreiter Pedersen
732e55df11
C++: Ignore template non-type parameters in MaD signature matching.
2025-11-24 12:06:24 +00:00
Mathias Vorreiter Pedersen
c9e9322143
C++: Add an example of missing MaD support for non-type template parameters.
2025-11-24 12:02:54 +00:00
Ian Lynagh
6c7370ea95
C++: Add up/downgrade scripts
2025-11-21 11:30:58 +00:00
Ian Lynagh
c2f96b94e3
C++: Update stats
2025-11-21 11:30:40 +00:00
Ian Lynagh
d5399300e9
C++: Add databaseMetadata and overlayChangedFiles tables to dbscheme
2025-11-21 11:30:40 +00:00
Mingjie Shen
b293dfe3a6
C++: Fix CWE-119 memcpy tests
...
sizeof(pointer) only gives the pointer size, not the buffer
size, so use explicit 10/20 lengths in tests.cpp and update
OverflowBuffer.expected to accept the resulting memcpy diagnostics.
Signed-off-by: Mingjie Shen <shen497@purdue.edu>
2025-11-19 22:06:06 +00:00
Ian Lynagh
42f0ce74ca
C++: Enable overlay compilation
2025-11-19 17:34:06 +00:00
Mathias Vorreiter Pedersen
6c4def13b4
C++: Add change note.
2025-11-19 17:24:30 +00:00
Mathias Vorreiter Pedersen
4c09e554fc
Merge branch 'main' into union-content-field-content-common-base-class
2025-11-19 17:17:45 +00:00
Jeroen Ketema
fe3f90e041
C++: Make getExpandedArgument more robust
...
This makes the predicate give back sensible results on (upgraded) databases
where we do not have expanded arguments, and avoids having to write case
distinctions in places where we would want to use `getExpandedArgument`.
2025-11-19 12:49:54 +01:00
Jeroen Ketema
e235e0473a
C++: Fix getAnExpandedArgument
...
The fix was accidentally lost when rebasing the branch that introduced this
predicate.
2025-11-19 12:49:02 +01:00
Mathias Vorreiter Pedersen
9bfe847fda
C++: Fix awful joins on bochs:
...
```
Evaluated relational algebra for predicate DataFlowPrivate::storeStepImpl/4#b2c79f9a@13be12rc with tuple counts:
9 ~0% {3} r1 = JOIN `FlowSummaryImpl::Private::Steps::summaryStoreStep/3#5c2d4899` WITH DataFlowUtil::TFlowSummaryNode#40da8361 ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Rhs.1
9 ~0% {4} | JOIN WITH DataFlowUtil::TFlowSummaryNode#40da8361 ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Rhs.1, _
9 ~12% {4} | REWRITE WITH Out.3 := true
1853420 ~0% {3} r2 = SCAN `DataFlowPrivate::nodeHasInstruction/3#f469bb06` OUTPUT In.1, In.0, In.2
100282 ~0% {3} | JOIN WITH `Instruction::StoreInstruction.getDestinationAddressOperand/0#dispred#596a4aba` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2
127910 ~0% {6} | JOIN WITH `DataFlowPrivate::numberOfLoadsFromOperand/4#7e555666_1023#join_rhs` ON FIRST 1 OUTPUT _, Lhs.1, Rhs.1, Rhs.3, Lhs.2, Rhs.2
127910 ~0% {4} | REWRITE WITH Tmp.0 := 1, Out.0 := (Tmp.0 + In.4 + In.5) KEEPING 4
4178182721 ~1% {4} | JOIN WITH `DataFlowUtil::FieldContent.getIndirectionIndex/0#dispred#cc69866f_10#join_rhs` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3
4290552803 ~0% {5} | JOIN WITH `DataFlowUtil::FieldContent.getAField/0#dispred#ba1c91e5` ON FIRST 1 OUTPUT Lhs.2, Lhs.1, Lhs.3, Lhs.0, Rhs.1
3033745816 ~5% {7} | JOIN WITH DataFlowUtil::PostFieldUpdateNode#b86f3a84_1023#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3, Lhs.4, Rhs.2, Rhs.3
3033745816 ~3% {9} | JOIN WITH DataFlowUtil::TPostUpdateNodeImpl#f5e76b7a_21#join_rhs ON FIRST 1 OUTPUT Lhs.1, Lhs.2, Lhs.3, Lhs.4, Lhs.0, Lhs.5, Lhs.6, Rhs.1, _
{8} | REWRITE WITH Tmp.8 := 1, TEST InOut.7 = Tmp.8 KEEPING 8
1516872908 ~0% {7} | SCAN OUTPUT In.4, In.5, In.6, In.0, In.1, In.2, In.3
2409090286 ~1% {6} | JOIN WITH DataFlowUtil::PostFieldUpdateNode#b86f3a84_0231#join_rhs ON FIRST 3 OUTPUT Rhs.3, Lhs.6, Lhs.3, Lhs.4, Lhs.5, Lhs.0
66016 ~45% {4} | JOIN WITH `DataFlowUtil::FieldAddress.getField/0#dispred#bdd01c1a` ON FIRST 2 OUTPUT Lhs.2, Lhs.4, Lhs.5, Lhs.3
66025 ~45% {4} r3 = r1 UNION r2
return r3
```
2025-11-19 10:08:09 +00:00
Mathias Vorreiter Pedersen
4279a970fa
C++: Remove unnecessary cast.
2025-11-18 20:03:24 +00:00
Mathias Vorreiter Pedersen
a27ac9d59d
C++: Updated expected after Copilot change.
2025-11-18 20:03:10 +00:00
Mathias Vorreiter Pedersen
6b136e3a53
Update cpp/ql/test/library-tests/types/sizeof/sizeof.ql
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-11-18 20:00:32 +00:00
Mathias Vorreiter Pedersen
d4a8dbb5f3
C++: Slightly modify a test so that we can see the effect of this change.
2025-11-18 19:52:30 +00:00
Mathias Vorreiter Pedersen
a5601ce734
C++: Lift 'getTypeOperand' to the superclass.
2025-11-18 19:52:05 +00:00
Mathias Vorreiter Pedersen
7f0fcb0c46
C++: Create a common base class for 'NonUnionContent' and 'UnionContent' called 'FieldContent'.
2025-11-18 18:53:37 +00:00
Mathias Vorreiter Pedersen
7527d88762
C++: Get rid of abstract'ness from these public predicates. We are not supposed to have abstract public stuff. Oops ...
2025-11-18 18:52:20 +00:00
Mathias Vorreiter Pedersen
2af6db6320
C++: Rename 'FieldContent' to 'NonUnionContent'.
2025-11-18 18:51:33 +00:00
Paolo Tranquilli
48ee9dd149
Merge branch 'main' into post-release-prep/codeql-cli-2.23.6
2025-11-18 12:18:09 +01:00
github-actions[bot]
5ee45af3aa
Post-release preparation for codeql-cli-2.23.6
2025-11-18 09:53:12 +00:00
Mathias Vorreiter Pedersen
47ac4dd1dc
C++: Add 'nomagic' to 'getParameter'.
2025-11-17 19:21:37 +00:00
github-actions[bot]
18fa6799ce
Release preparation for version 2.23.6
2025-11-17 16:38:07 +00:00
Jeroen Ketema
1671805598
Merge pull request #20831 from jketema/expanded
...
C++: Extract the expanded compiler arguments
2025-11-17 13:58:24 +01:00
Jeroen Ketema
1df47cc747
C++: Fix QL-for-QL warning
2025-11-17 11:17:57 +01:00
Jeroen Ketema
15393ae621
C++: Add change note
2025-11-17 11:17:56 +01:00