hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
8,348 Commits 1,747 Branches 166 Tags
81d06e2ce6256507ba5e2e8109bcbe69280fc47e
Commit Graph

8348 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonas Jensen
81d06e2ce6 C++: Update annotation in test file 2019-11-13 16:58:25 +01:00
Jonas Jensen
4ddac749af C++: Add change note 
Also fix discrepancies between `SignedOverflowCheck.ql` and its change
note.
 2019-11-13 14:43:30 +01:00
Jonas Jensen
2d72a9cdec C++: Rename query 
This new name is similar to its sister query "Signed overflow check".
 2019-11-13 14:40:27 +01:00
Jonas Jensen
1b849dbf0e C++: More principled macro exclusion 
We no longer exclude macros based on their name, which means we can now
find results inside arguments to the `likely` macro in Linux (except
that Linux is compiled with `-fno-strict-overflow`).
 2019-11-13 14:22:38 +01:00
Jonas Jensen
db33053422 C++: Add test for macro exclusions 2019-11-13 14:21:29 +01:00
Jonas Jensen
8d79634f8c C++: Factor out isFromMacroDefinition predicate 
This trick for excluding elements from macro bodies but not macro
arguments looks promising and should probably be used much more. With
this commit, it's now easy to use from any query.

Performance is still good because the new predicate gets appropriately
magiced.
 2019-11-13 14:07:33 +01:00
Jonas Jensen
d2009c53dc C++: Support GCC flags making ptr overflow defined 2019-11-13 14:07:33 +01:00
Jonas Jensen
463bf964a9 C++: Test showing FP with -fno-strict-overflow 2019-11-13 14:07:33 +01:00
Jonas Jensen
8ed991759c C++: Rename PointerWrapAround to PointerOverflow 
Overflow was the terminology I found for this in the C standard (C11
6.5.6-8).
 2019-11-13 14:06:58 +01:00
Jonas Jensen
bd08c64933 C++: Apply my own review comments from #2218 2019-11-13 14:05:23 +01:00
Jonas Jensen
18cc539c8d Merge branch 'master' into pointer-wraparound-query 2019-11-12 10:22:46 +01:00
Jonas Jensen
c36b73f09c Merge pull request #2232 from geoffw0/formatsymbols 
CPP: Fully support n$ in format strings
 2019-11-12 09:43:20 +01:00
Dave Bartolomeo
303bab61b5 Merge pull request #2289 from jbj/ConvertToNonVirtualBaseInstruction 
C++ IR: clearly distinguish between virtual and non-virtual base conversions
 2019-11-11 13:37:07 -07:00
Jonas Jensen
ec79bfacf8 Merge pull request #2249 from geoffw0/tlsperf 
CPP: TlsSettingsMisconfiguration.ql performance and cleanup
 2019-11-11 16:47:53 +01:00
Geoffrey White
a4250be72f CPP: Un-deprecate getNumArgNeeded(n). Turns out I missed a place where it's used. 2019-11-11 15:28:09 +00:00
Geoffrey White
ed87f25886 CPP: Performance improvement. 2019-11-11 15:28:09 +00:00
Geoffrey White
695d4ff511 CPP: Change note. 2019-11-11 15:28:08 +00:00
Geoffrey White
a9fbe221ba CPP: Try to make the predicate names and qldoc a bit more consistent. 2019-11-11 15:27:23 +00:00
Geoffrey White
dff21e02db CPP: Fully support positional arguments. 2019-11-11 15:27:23 +00:00
Geoffrey White
2430bf4c83 CPP: Deprecate helper version of getNumArgNeeded. 2019-11-11 15:27:23 +00:00
Geoffrey White
27478640f2 CPP: Bring the logic for argument indices together in getFormatArgumentIndexFor. 2019-11-11 15:27:22 +00:00
Geoffrey White
760884051c CPP: Add test cases using various combinations of width and precision specifiers, positional arguments, and flags. 2019-11-11 15:27:22 +00:00
Jonas Jensen
f2a9876c2a Merge pull request #2003 from geoffw0/formatarg 
CPP: WrongTypeFormatArguments.ql Fix
 2019-11-11 16:07:37 +01:00
Jonas Jensen
d9bdb2cd4e Merge pull request #2274 from geoffw0/oddsends 
CPP: Clean up new queries and libraries
 2019-11-11 16:05:20 +01:00
Taus
e576395c90 Merge pull request #2241 from RasmusWL/python-always-legacy-conf 
Python: Always enable legacy taint tracking configuration
 2019-11-11 16:00:04 +01:00
Jonas Jensen
eb55d964a8 C++: Fix semantic merge conflict 
This test output must have been wrong because I produced it with an
extractor that didn't have #2153 applied.
 2019-11-11 15:39:53 +01:00
James Fletcher
c33d28542e Merge pull request #2294 from felicitymay/1.22-mergeback-master 
1.22 mergeback master
 2019-11-11 14:14:09 +00:00
Geoffrey White
e77fefaf9e Merge pull request #2295 from jbj/self-comparison-templates 
C++: Suppress PointlessSelfComparison.ql on templates
 2019-11-11 14:12:55 +00:00
Felicity Chapman
37c78bf1ea Fix poor conflict resolution in training slides 2019-11-11 13:11:28 +00:00
Jonas Jensen
97cc0ebc8c C++: Suppress PointlessSelfComparison on templates 
It's a bit crude to suppress all results in instantiations, but we're
already using this kind of suppression in `PointlessComparison.ql`
(without the `Self`) because there is no convenient alternative. It
means we lose some good results but also suppress a new false positive
in Boost that surfaced after we added support for non-type template
parameters.
 2019-11-11 14:00:00 +01:00
Jonas Jensen
281d512178 C++: Add tests for self-comparison template FP 2019-11-11 13:52:22 +01:00
Felicity Chapman
b3c3677cbf Merge branch 'rc/1.22' into 1.22-mergeback-master 
Conflicts resolved in favour of master:
	docs/language/learn-ql/cpp/conversions-classes.rst
	docs/language/learn-ql/cpp/function-classes.rst
	docs/language/learn-ql/cpp/introduce-libraries-cpp.rst
	docs/language/learn-ql/csharp/ql-for-csharp.rst
	docs/language/learn-ql/javascript/introduce-libraries-ts.rst
	docs/language/learn-ql/python/introduce-libraries-python.rst
	docs/language/ql-training/cpp/bad-overflow-guard.rst
	docs/language/ql-training/cpp/control-flow-cpp.rst
	docs/language/ql-training/cpp/global-data-flow-cpp.rst
	docs/language/ql-training/cpp/intro-ql-cpp.rst
	docs/language/ql-training/cpp/program-representation-cpp.rst
	docs/language/ql-training/cpp/snprintf.rst
	docs/language/ql-training/index.rst
	docs/language/ql-training/java/global-data-flow-java.rst
	docs/language/ql-training/java/intro-ql-java.rst
	docs/language/ql-training/java/program-representation-java.rst
	docs/language/ql-training/java/query-injection-java.rst
 2019-11-11 10:18:43 +00:00
Rasmus Wriedt Larsen
9151a7e433 Python: Always enable legacy taint tracking configuration 
If the legacy configuration is only enabled if there are no other
configurations, defining a configuration in an imported library can lead to
unwanted results. For example, code that uses `any(MyTaintKind t).taints(node)`
would *stop* working, if it did not define its own configuration. (this actually
happened to us)

We performed a dist-compare to ensure there is not a performance deg ration by
doing this. Results at https://git.semmle.com/gist/rasmuswl/a1eca07f3a92f5f65ee78d733e5d260e

Tests that were affected by this:

- RockPaperScissors + Simple: new edges because no configuration was defined for
  SqlInjectionTaint or CommandInjectionTaint
- CleartextLogging + CleartextStorage: new edges because no configuration was
  defined before, AND duplicate deges.
- TestNode: new edges because no configuration was defined before

- PathInjection: Duplicate edges
- TarSlip: Duplicate edges
- CommandInjection: Duplicate edges
- ReflectedXss: Duplicate edges
- SqlInjection: Duplicate edges
- CodeInjection: Duplicate edges
- StackTraceExposure: Duplicate edges
- UnsafeDeserialization: Duplicate edges
- UrlRedirect: Duplicate edges
 2019-11-11 11:17:21 +01:00
Anders Schack-Mulligen
b0fecbce28 Merge pull request #2230 from yh-semmle/java-move-cwe502-lib 
Java: move `UnsafeDeserialization.qll` to standard library location
 2019-11-11 10:44:52 +01:00
Felicity Chapman
c4f958d396 Merge pull request #2263 from sauyon/master 
Update links to OWASP cheat sheet
 2019-11-11 08:51:52 +00:00
Jonas Jensen
751263db91 C++: Use ConvertToBaseInstruction in IR data flow 
This should make virtual dispatch work also for virtual bases.
 2019-11-10 11:17:35 +01:00
Jonas Jensen
7758b43e34 C++: Add ConvertToBase{Opcode,Instruction} classes 
These should make it easy to match base-class conversions when it's not
important whether the base class is virtual.
 2019-11-10 11:09:54 +01:00
Jonas Jensen
279fc16b60 C++: ConvertToBase -> ConvertToNonVirtualBase 
This rename was done with

    perl -p -i -e's/ConvertToBase/ConvertToNonVirtualBase/g' **/*.ql* **/*.expected

followed by re-running the affected tests.
 2019-11-10 10:35:53 +01:00
James Fletcher
aa05908d19 Merge pull request #2287 from felicitymay/1.22/support-codeql 
1.22: Update for support info for CodeQL term change
 2019-11-09 22:07:34 +00:00
Felicity Chapman
25eb1d0cc9 Update for CodeQL term change and port nav changes 2019-11-09 14:36:35 +00:00
Jonas Jensen
f3e691b5ec Merge pull request #2075 from zlaski-semmle/zlaski/cpp434 
[CPP-434] Detect signed overflow checks
 2019-11-09 09:57:23 +01:00
Ziemowit Laski
7a4c4b62f6 [zlaski/pointer-overflow-check] Rename PointerOverflowCheck -> PointerWrapAround. 2019-11-08 14:54:20 -08:00
Ziemowit Laski
f2105867a8 [zlaski/pointer-overflow-check] Enhance qhelp and test case. 2019-11-08 14:36:33 -08:00
Robert Marsh
b812a0338d Merge pull request #2268 from dave-bartolomeo/dbartol/StringLiteralAlias 
C++/C#: Treat string literals like read-only global variables for alias purposes
 2019-11-08 12:43:57 -08:00
Dave Bartolomeo
c365b2f2f0 Merge from master 
Resolve conflicts in test output
 2019-11-08 10:42:29 -07:00
Dave Bartolomeo
2b89139d5f Merge pull request #2269 from rdmarsh2/rdmarsh/cpp/uninit-string-initializers 
C++: uninit instr for string literal initializers
 2019-11-08 10:33:57 -07:00
Geoffrey White
58b6fc6bbf CPP: Autoformat. 2019-11-08 16:06:23 +00:00
Taus
7527f13443 Merge pull request #2283 from RasmusWL/python-fix-python2-specific-tests 
Python: fix python2 specific tests
 2019-11-08 17:03:54 +01:00
Geoffrey White
983a970c36 CPP: Autoformat. 2019-11-08 15:59:04 +00:00
Geoffrey White
d434f909a5 CPP: Correct change note. 2019-11-08 15:10:44 +00:00