hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-31 07:12:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,861 Commits 1,684 Branches 159 Tags
81e4f9165e404770af0ed8e9dfaba29b2960f4ab
Commit Graph

7617 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
faaa2cedcd Merge pull request #8849 from JohnMcSandwich/main 
C++: add new Windows pool allocation functions in `Allocation.qll`
 2022-04-25 12:46:31 +01:00
Tom Hvitved
bffa8fa7cb Merge pull request #8641 from hvitved/dataflow/interpret-read-store 
Data flow: Introduce `ContentSet`
 2022-04-25 12:17:34 +02:00
Mathias Vorreiter Pedersen
516ef8d27a Update cpp/ql/lib/change-notes/2022-04-25-windows-pool-allocation-functions.md 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2022-04-25 10:54:12 +01:00
Mathias Vorreiter Pedersen
12c8d9c60e C++: Add change note. 2022-04-25 10:51:49 +01:00
JohnMcSandwich
b3dff77d1a C++: add new Windows pool allocation functions in Allocation.qll 
Add:
 - ExAllocatePool2
 - ExAllocatePool3
 - ExAllocatePoolZero
 2022-04-25 10:21:42 +02:00
Mathias Vorreiter Pedersen
e8b6bfbe0e Merge pull request #8813 from jketema/buffer 
C++: Cover variable sized member arrays without a size in `Buffer.qll`
 2022-04-25 09:20:31 +01:00
Tom Hvitved
2466288656 Data flow: Simplify revFlowStore 2022-04-25 10:11:54 +02:00
Tom Hvitved
cf0a1e748a Add change notes 2022-04-25 09:17:40 +02:00
Mathias Vorreiter Pedersen
1e61fdde8b Merge pull request #8815 from jketema/unreachable-test-case 
C++: Add non-returning function test case using `__builtin_expect`
 2022-04-22 16:47:44 +01:00
Jeroen Ketema
97d4a12fb2 C++: Add non-returning function test case using __builtin_expect 2022-04-22 17:10:54 +02:00
Jeroen Ketema
dee0f09197 C++: Cover variable sized member arrays without a size in Buffer.qll 
Currently the extractor incorrectly emits 0 for the array `data` below:
```
struct myStruct { // c
   ...
   char data[]; // v
};
```
This will change in the future, and  no size will be emitted anymore.
This commit makes sure `Buffer.qll` handles arrays without sizes.
 2022-04-22 16:57:24 +02:00
Robert Marsh
ebdf553621 Merge pull request #8806 from dbartol/dbartol/typedefs/work 
C++: Work around missing size for typedef
 2022-04-22 10:09:24 -04:00
Tom Hvitved
bc6ee10583 Data flow: Sync files 2022-04-22 15:10:00 +02:00
Tom Hvitved
b033f107df Merge remote-tracking branch 'upstream/main' into dataflow/interpret-read-store 2022-04-22 14:35:02 +02:00
Mathias Vorreiter Pedersen
52dc016a7a Merge pull request #8798 from jketema/using 
C++: Fix tests after extractor changes that improve `using` position accuracy
 2022-04-22 08:15:34 +01:00
Dave Bartolomeo
83fdff54c4 Work around missing size for typedef 
See #8805 for the underlying issue. The symptom was bad IR generation on a large number of functions because we never generated an `IRVariable` for a parameter with the affected type.
 2022-04-21 16:16:09 -04:00
Jeroen Ketema
a09fd8c35e C++: Fix the layout of comments in getBufferSize 2022-04-21 17:42:10 +02:00
Jeroen Ketema
8139e1a2a8 C++: Fix tests after extractor changes that improve using position accuracy 2022-04-21 17:36:11 +02:00
Mathias Vorreiter Pedersen
966c6f108b Merge pull request #8720 from MathiasVP/smaller-join-in-get-root-cause 
C++: Remove TC from `Element.getRootCause`
 2022-04-21 08:23:05 +01:00
Mathias Vorreiter Pedersen
3388196c27 Merge branch 'main' into smaller-join-in-get-root-cause 2022-04-20 11:16:00 +01:00
Anders Schack-Mulligen
48fbbf2531 Dataflow: Add change notes. 2022-04-19 15:29:35 +02:00
Anders Schack-Mulligen
b521d64156 Dataflow: Sync. 2022-04-19 15:29:35 +02:00
Anders Schack-Mulligen
82463c9290 Merge pull request #8774 from MathiasVP/nomagic-revPartialPathStep 
Add `nomagic` to `revPartialPathStep`
 2022-04-19 14:02:04 +02:00
Geoffrey White
0aa1945f30 C++: Comments. 2022-04-19 10:04:15 +01:00
Mathias Vorreiter Pedersen
91b413d59f Dataflow: Sync identical files. 2022-04-19 09:57:21 +01:00
Mathias Vorreiter Pedersen
d5722ffa61 C++: Add 'nomagic' to 'revPartialPathStep'. 2022-04-19 09:56:41 +01:00
Geoffrey White
8a32c17c56 C++: Fix the issue. 2022-04-14 17:03:28 +01:00
Geoffrey White
cb211f8844 Merge pull request #8599 from 4B5F5F4B/main 
C++: refactor some code, and add access_ok cases
 2022-04-11 15:57:27 +01:00
Mathias Vorreiter Pedersen
e86b6b182f C++: Remove TC from 'Element.getRootCause'. 2022-04-11 15:27:10 +01:00
Jeroen Ketema
4cfe04567f Merge pull request #8702 from jketema/command-line-sanitizer 
C++: Use `isSanitizerOut(DataFlow::Node node)` in `cpp/command-line-injection`
 2022-04-08 23:42:35 +02:00
Edoardo Pirovano
f25618eed6 Bump minor version of all packs 2022-04-08 15:38:58 +01:00
Edoardo Pirovano
ce82c54b94 Merge branch 'main' into edoardo/3.5-mergeback 2022-04-08 15:30:58 +01:00
Jeroen Ketema
83d35a9a96 C++: Use isSanitizerOut(DataFlow::Node node) in cpp/command-line-injection 2022-04-08 11:28:17 +02:00
Anders Schack-Mulligen
4eaec3953a Merge pull request #8694 from aschackmull/dataflow/cleanup-unused 
Dataflow: Cleanup unused column
 2022-04-07 15:16:27 +02:00
Anders Schack-Mulligen
7beed570f2 Dataflow: Sync. 2022-04-07 13:53:48 +02:00
Jeroen Ketema
bfe9fb1721 Revert "Revert "Merge pull request #8592 from jketema/implied-cctor-source"" 
This reverts commit b1d9a070f4.
 2022-04-07 12:29:43 +02:00
Jeroen Ketema
b1d9a070f4 Revert "Merge pull request #8592 from jketema/implied-cctor-source" 
This reverts commit d4834cb7ff, reversing
changes made to 268a3fd1c5.
 2022-04-07 12:02:37 +02:00
Mathias Vorreiter Pedersen
d4834cb7ff Merge pull request #8592 from jketema/implied-cctor-source 
C++: Add tests for copy constructor calls with implied source
 2022-04-07 11:00:40 +01:00
Tom Hvitved
4099d1318f Data flow: Tweak two join-orders 
Before
```
[2022-04-06 13:19:29] (96s) Tuple counts for DataFlowImpl2::Stage1::revFlowConsCand#7ad53399#ff/2@i14#aa10f2wi after 4.4s:
                      10681    ~0%     {2} r1 = SCAN DataFlowImpl2::Stage1::revFlow#7ad53399#fff#prev_delta OUTPUT In.0, In.2 'config'
                      982      ~1%     {3} r2 = JOIN r1 WITH DataFlowImpl2::readSet#7ad53399#ffff_2301#join_rhs ON FIRST 2 OUTPUT Rhs.3, Lhs.1 'config', Rhs.2
                      83691528 ~2%     {3} r3 = JOIN r2 WITH DataFlowPublic::ContentSet::getAReadContent#dispred#f0820431#ff ON FIRST 1 OUTPUT Lhs.1 'config', Lhs.2, Rhs.1 'c'
                      83581763 ~2%     {3} r4 = r3 AND NOT DataFlowImpl2::Stage1::revFlowConsCand#7ad53399#ff#prev(Lhs.2 'c', Lhs.0 'config')
                      83581763 ~0%     {3} r5 = SCAN r4 OUTPUT In.2 'c', In.0 'config', In.1
                      0        ~0%     {3} r6 = JOIN r5 WITH DataFlowImpl2::Stage1::fwdFlowConsCand#7ad53399#ff ON FIRST 2 OUTPUT Lhs.2, Lhs.1 'config', Lhs.0 'c'
                      0        ~0%     {2} r7 = JOIN r6 WITH DataFlowImpl2::Stage1::fwdFlow#7ad53399#2#fff_02#join_rhs ON FIRST 2 OUTPUT Lhs.2 'c', Lhs.1 'config'
                                       return r7
```

After
```
[2022-04-06 13:44:38] (6s) Tuple counts for DataFlowImpl2::Stage1::revFlowConsCand#7ad53399#ff/2@i14#5abbf2wn after 6ms:
                      10681  ~0%     {2} r1 = SCAN DataFlowImpl2::Stage1::revFlow#7ad53399#fff#prev_delta OUTPUT In.0, In.2 'config'
                      982    ~1%     {3} r2 = JOIN r1 WITH DataFlowImpl2::readSet#7ad53399#ffff_2301#join_rhs ON FIRST 2 OUTPUT Rhs.3, Lhs.1 'config', Rhs.2
                      109765 ~0%     {3} r3 = JOIN r2 WITH DataFlowImpl2::Stage1::fwdFlowConsCandSet#7ad53399#fff#reorder_0_2_1 ON FIRST 2 OUTPUT Lhs.1 'config', Lhs.2, Rhs.2 'c'
                      0      ~0%     {3} r4 = r3 AND NOT DataFlowImpl2::Stage1::revFlowConsCand#7ad53399#ff#prev(Lhs.2 'c', Lhs.0 'config')
                      0      ~0%     {3} r5 = SCAN r4 OUTPUT In.1, In.0 'config', In.2 'c'
                      0      ~0%     {2} r6 = JOIN r5 WITH DataFlowImpl2::Stage1::fwdFlow#7ad53399#2#fff_02#join_rhs ON FIRST 2 OUTPUT Lhs.2 'c', Lhs.1 'config'
                                     return r6
```
 2022-04-06 13:52:30 +02:00
4B5F5F4B
04538d0599 Autoformated to make CodeQL happy 2022-04-06 11:59:26 +08:00
Jeroen Ketema
d19504fca2 C++: Add cpp/unused-local-variable test case with switch initializer 
This is similar to the test case with the `if` initializer, and we should
not forget about it once we support `if` initialization.
 2022-04-05 18:27:53 +02:00
Geoffrey White
04b8306f06 C++: Add some more patterns. 2022-04-04 16:57:00 +01:00
Geoffrey White
d2e7f22d1b C++: Group all phone number related exprs together. 2022-04-04 16:48:03 +01:00
Geoffrey White
d42ee7d279 C++: Extend tests. 2022-04-04 16:46:56 +01:00
Tom Hvitved
d99bb65ea9 C++: Implement ContentSet 2022-04-04 13:51:44 +02:00
Tom Hvitved
c4fbc618a9 Data flow: Sync files 2022-04-04 13:51:44 +02:00
Jeroen Ketema
e91c04234e C++: Update tests for copy constructor calls with implied source 2022-04-04 12:48:02 +02:00
Jeroen Ketema
e710cf7921 C++: Add tests for copy constructor direct initializations 2022-04-04 12:48:01 +02:00
Jeroen Ketema
e1fa58a6f2 C++: Update tests after generating reference conversion 2022-04-01 18:32:46 +02:00
Jeroen Ketema
1d51b618d1 C++: Update tests for handling op bitwise copy in lambda captures 2022-04-01 18:32:46 +02:00