codeql

mirror of https://github.com/github/codeql.git synced 2026-03-02 05:43:54 +01:00

Author	SHA1	Message	Date
$REDMOND\brodes$ REDMOND\brodes	74ce7cd188	Crypto: Moving all data flow analyses to taint tracking.	2025-08-28 20:40:05 -04:00
$REDMOND\brodes$ REDMOND\brodes	7c8177de97	Crypto: Added missing ArtifactPassthrough.qll (forgot to add to merged in branch). Acronym casing fix.	2025-08-26 17:12:21 -04:00
$REDMOND\brodes$ REDMOND\brodes	938b47c2ad	Crypto: Debug missing hashes associated with HMAC. EVP_PKEY_get1_RSA is now just a passthrough, it is not a known implicit operation call. Some final operations generating null outputs are now removed from possible final operartions (typically used to determine buffer lenghth and not actually performing the operation). Misc. false positive/error fixes and code clean up, and added missing models.	2025-08-26 16:07:04 -04:00
$REDMOND\brodes$ REDMOND\brodes	422352c632	Crypto: Continued refactoring of operation steps and bug fixes.	2025-08-26 11:49:26 -04:00
$REDMOND\brodes$ REDMOND\brodes	48dc280e6c	Crypto: Fix issue with OAEP padding edges regressing.	2025-08-26 08:51:52 -04:00
$REDMOND\brodes$ REDMOND\brodes	5d29240f27	Crypto: OperationStep overhaul to account for errors and missing interproc flow.	2025-08-25 16:59:09 -04:00
$REDMOND\brodes$ REDMOND\brodes	b7ceeb399f	Crypto: nodes.expected update and removed dead code from Language.qll	2025-08-22 14:50:31 -04:00
$REDMOND\brodes$ REDMOND\brodes	ec7e41cb30	Crypto: Fixed issues in CBOM representations (gaps in the underlying model) and simplified unit tests in terms of the graph complexity to aid visual assessments of model correctness.	2025-08-21 15:05:45 -04:00
Ben Rodes	65ff72719e	Merge branch 'main' into signature_model_refactor	2025-08-20 12:34:06 -04:00
Mathias Vorreiter Pedersen	af00e46fc8	C++: Mark fprintf and friends as a partial write of the stream argument.	2025-08-18 18:15:14 +02:00
Mathias Vorreiter Pedersen	4551875e2e	C++: Drive-by improvement: Use 'partialFlowFunc' since it is in scope anyway.	2025-08-18 18:10:35 +02:00
Mathias Vorreiter Pedersen	9c3bb87b89	C++: Add change note.	2025-08-13 16:42:39 +02:00
Mathias Vorreiter Pedersen	9ee313ff0a	C++: Remove code that is now subsumed.	2025-08-13 16:29:49 +02:00
Mathias Vorreiter Pedersen	bf4a84ba8f	C++: Drive-by: Add forgotten disjuncts involving '__builtin_expect'.	2025-08-13 16:29:42 +02:00
Mathias Vorreiter Pedersen	e6cd27a992	C++: Skip non-Boolean instructions in the new inference step.	2025-08-13 16:20:21 +02:00
Mathias Vorreiter Pedersen	e67b6d6c9a	C++: Add another inference step.	2025-08-13 16:20:19 +02:00
Jeroen Ketema	f9f99a043c	Merge pull request #20126 from MathiasVP/fix-missing-global-flow C++: Fix missing global variable flow	2025-08-11 11:54:35 +02:00
Mathias Vorreiter Pedersen	c8eb1cf826	C++: Add change note.	2025-08-11 11:28:53 +02:00
Mathias Vorreiter Pedersen	851cb04d36	Merge pull request #20193 from MathiasVP/fix-fp-in-overflow-buffer C++: Fix FP in `cpp/overflow-buffer`	2025-08-11 10:45:06 +02:00
Mathias Vorreiter Pedersen	ccfcd90f08	Merge pull request #20156 from MathiasVP/value-numbering-for-noop-casts C++: Value numbering for casts that only modify specifiers	2025-08-11 10:33:58 +02:00
Mathias Vorreiter Pedersen	56aacb1e55	Merge pull request #20145 from MathiasVP/fix-type-error-in-ir C++: Fix missing `bool` -> `int` conversions in C code	2025-08-11 10:26:54 +02:00
Mathias Vorreiter Pedersen	d76ce4fb69	C++: Also handle reference types when computing 'trueSize'.	2025-08-08 15:12:45 +01:00
github-actions[bot]	fb4b0aac53	Post-release preparation for codeql-cli-2.22.3	2025-08-04 17:18:08 +00:00
github-actions[bot]	fd82aeb1f8	Release preparation for version 2.22.3	2025-08-04 15:47:57 +00:00
Mathias Vorreiter Pedersen	65b1b7f63e	C++: Add change note.	2025-08-03 12:17:37 +01:00
Mathias Vorreiter Pedersen	c726285cac	C++: Sync identical files.	2025-08-03 12:17:31 +01:00
Mathias Vorreiter Pedersen	0d9e298250	C++: Specifier-only converting instructions preserve GVNs.	2025-08-03 12:17:19 +01:00
Mathias Vorreiter Pedersen	73e4bfdd3e	C++: Fix missing flow by also generating final global uses for functions that have a post-update node for the global variable.	2025-08-02 16:41:23 +01:00
Mathias Vorreiter Pedersen	7561190bd1	C++: Fix type errors in C code.	2025-08-01 16:09:42 +01:00
Mathias Vorreiter Pedersen	0e9286dd34	C++: Fix QLDoc.	2025-08-01 11:37:12 +01:00
Mathias Vorreiter Pedersen	b70836e241	C++: Modify the API to not expose dataflow nodes.	2025-08-01 11:34:49 +01:00
Mathias Vorreiter Pedersen	33d05984c8	C++: Stick the exposed SSA classes into a public SSA module.	2025-08-01 11:34:47 +01:00
Mathias Vorreiter Pedersen	32e6d0934e	C++: Drive-by fix: These files imported both the public dataflow files and the internal ones. Let's only import the internal ones.	2025-08-01 11:34:45 +01:00
Mathias Vorreiter Pedersen	7ede3aa516	C++: Fix imports.	2025-08-01 10:35:34 +01:00
Mathias Vorreiter Pedersen	0d91622d18	C++: Rename SsaInternals to SsaImpl and SsaInternalsCommon to SsaImplCommon.	2025-08-01 10:34:14 +01:00
Mathias Vorreiter Pedersen	c8f4b287d1	C++: Add a comment on the old SSA library.	2025-07-31 14:07:38 +01:00
Mathias Vorreiter Pedersen	7e93b99ff9	C++: Add change note.	2025-07-31 13:57:19 +01:00
Mathias Vorreiter Pedersen	8691075aae	Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-07-31 13:52:21 +01:00
Mathias Vorreiter Pedersen	5a91aa2105	C++: Expose SSA definitions from dataflow.	2025-07-31 13:45:03 +01:00
Mathias Vorreiter Pedersen	1dae787605	C++: Drive-by fix suggested by Schack. This now matches the predicate in C#.	2025-07-31 12:58:05 +01:00
Anders Schack-Mulligen	3b8234ecec	SSA: Update data flow integration and BarrierGuard interface to use GuardValue.	2025-07-28 11:29:12 +02:00
Mathias Vorreiter Pedersen	5da7ae877b	Merge pull request #20115 from MathiasVP/add-more-windows-memcpy-functions C++: Add some more Windows specific memory copy models	2025-07-23 16:10:56 +01:00
Mathias Vorreiter Pedersen	9d736723fb	C++: Add more Windows specific models for memcpy-like tings.	2025-07-23 13:45:20 +01:00
Mathias Vorreiter Pedersen	3a977b86d4	Update cpp/ql/lib/semmle/code/cpp/security/ProductFlowUtils/ProductFlowUtils.qll Co-authored-by: Idriss Riouak <idrissrio@github.com>	2025-07-23 12:27:38 +01:00
Mathias Vorreiter Pedersen	5d6c4a63bb	Update cpp/ql/lib/semmle/code/cpp/security/ProductFlowUtils/ProductFlowUtils.qll Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-07-23 11:53:55 +01:00
Mathias Vorreiter Pedersen	019447b681	C++: Add change note.	2025-07-23 11:49:07 +01:00
Mathias Vorreiter Pedersen	a1f4246c5f	C++: Extract the barriers from 'cpp/invalid-pointer-deref' into a library.	2025-07-22 18:35:29 +01:00
github-actions[bot]	37cc78255a	Post-release preparation for codeql-cli-2.22.2	2025-07-22 14:22:20 +00:00
Nick Rolfe	43d14c28c2	Tweak changenotes	2025-07-22 15:06:09 +01:00
github-actions[bot]	997547b8ef	Release preparation for version 2.22.2	2025-07-22 14:04:14 +00:00

1 2 3 4 5 ...

3748 Commits