hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-04 18:20:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
55,479 Commits 1,673 Branches 157 Tags
99d8ae720f72bcc8d1e5ab2ff01d5ee6f8ba466e
Commit Graph

365 Commits

Author SHA1 Message Date
Jeroen Ketema
272ced6ea5 Merge pull request #13374 from jketema/ptr-deref-min 
C++: Remove `cpp/invalid-pointer-deref` results duplicating ones with smaller `k`
 2023-06-05 19:31:24 +02:00
Jeroen Ketema
93215ba7e1 Merge pull request #13355 from jketema/ptr-deref-forward 
C++: Ensure that the sink instruction occurs last in `cpp/invalid-pointer-deref`
 2023-06-05 15:56:50 +02:00
Jeroen Ketema
4a27028768 C++: Remove cpp/invalid-pointer-deref results duplicating ones with smaller k 2023-06-05 15:03:58 +02:00
Jeroen Ketema
90f0209095 C++: Add cpp/invalid-pointer-deref test case with almost duplicated results 2023-06-05 15:03:57 +02:00
Jeroen Ketema
7f7b048f50 C++: Update expected test results 2023-06-05 15:00:11 +02:00
Mathias Vorreiter Pedersen
52fb00cac3 Merge pull request #12036 from nmouha/patch-1 
CPP: Add query for CVE-2022-37454: Integer addition may overflow inside if statement
 2023-06-05 12:13:27 +01:00
Jeroen Ketema
ac4933a9cc C++: Ensure that the sink instruction occurs last in cpp/invalid-pointer-deref 
This avoids some counter-intuitive paths where we would seemingly jump back
to an earlier instruction, which might actually have been in bounds.
 2023-06-02 12:36:34 +02:00
Jeroen Ketema
ace7b6b711 C++: Add cpp/invalid-pointer-deref FP test case 2023-05-31 11:54:53 +02:00
Jeroen Ketema
dd30acf1e3 C++: Add nodes query predicate to cpp/invalid-pointer-deref 2023-05-30 18:43:01 +02:00
Jeroen Ketema
f5ed02a433 C++: Take into account the delta at the final sink in cpp/invalid-pointer-deref 2023-05-30 18:33:20 +02:00
Jeroen Ketema
de974cc18a C++: Add cpp/invalid-pointer-deref test case that shows some duplicate results 2023-05-30 18:18:13 +02:00
Robert Marsh
b2fb2aa0d1 Merge pull request #13045 from rdmarsh2/rdmarsh2/cpp/improve-constant-off-by-one 
C++: stitch paths and ignore cast arrays in constant off-by-one query
 2023-05-26 12:47:08 -04:00
Jeroen Ketema
63657396c5 Merge pull request #13267 from MathiasVP/promote-overrun-write 
C++: Promote `cpp/overrun-write` out of experimental
 2023-05-26 11:34:26 +02:00
Mathias Vorreiter Pedersen
c3fdc83af6 C++: Also add an out barrier on all sinks. 2023-05-25 12:23:50 -07:00
Mathias Vorreiter Pedersen
ebc1d5feff Merge branch 'main' into rdmarsh2/cpp/improve-constant-off-by-one 2023-05-24 16:07:08 -07:00
Robert Marsh
7404bd9c4b Merge branch 'main' into rdmarsh2/cpp/cobo-neq-refinement 2023-05-24 14:13:38 -04:00
Jeroen Ketema
9a467f9d4e C++: Add cpp/invalid-pointer-deref FP test case 2023-05-24 13:52:19 +02:00
Jeroen Ketema
af378df712 C++: Add cpp/invalid-pointer-deref FP test case 2023-05-24 12:29:55 +02:00
Mathias Vorreiter Pedersen
0dfc9b996d C++: Promote 'cpp/overrun-write' out of experimental. 2023-05-23 14:57:42 -07:00
Robert Marsh
86ab9608cd C++: add test comments 2023-05-23 16:15:43 -04:00
Mathias Vorreiter Pedersen
b32d55a21d C++: Accept test changes. 2023-05-22 18:26:29 -07:00
Robert Marsh
6a997aba3b C++: fix equality refinement in new range analysis 2023-05-22 11:11:51 -04:00
Mathias Vorreiter Pedersen
e3a5805916 Merge pull request #13237 from jketema/pointer-deref-fp 
C++: Add `cpp/invalid-pointer-deref` false positives
 2023-05-22 14:27:14 +01:00
Jeroen Ketema
3f289b1c99 C++: Add cpp/invalid-pointer-deref false positives 2023-05-22 14:34:59 +02:00
Robert Marsh
bf07b0f97b C++: fix cxartesian product in constant off-by-one query 2023-05-19 18:32:09 -04:00
Mathias Vorreiter Pedersen
c15ebf83ee C++: Add testcase with FP (and also fix an incorrect test annotation). 2023-05-19 16:38:18 +01:00
Nicky Mouha
187299fcaf Update test.cpp 2023-05-17 15:20:54 -04:00
Nicky Mouha
ef57861789 Update IfStatementAdditionOverflow.expected 2023-05-17 15:19:52 -04:00
Jeroen Ketema
e3aecd3f1f Merge pull request #13200 from jketema/deref-subpath 
C++: Implement the `subpaths` query predicate for `cpp/invalid-pointer-deref`
 2023-05-17 17:13:28 +02:00
Jeroen Ketema
e143002ae5 Merge pull request #13197 from jketema/test-annotation 
C++: Add forgotten test annotation for `cpp/invalid-pointer-deref` test
 2023-05-17 12:32:58 +02:00
Jeroen Ketema
014eb255bb C++: Update expected test results 2023-05-17 12:09:22 +02:00
Jeroen Ketema
b1c1513a10 C++: Add forgotten test annotation in for cpp/invalid-pointer-deref test 2023-05-17 11:21:09 +02:00
Mathias Vorreiter Pedersen
a5632a21d1 Merge branch 'main' into precompute-states-in-overrun-write 2023-05-16 18:09:16 +01:00
Jeroen Ketema
e8423f858f Merge pull request #13149 from MathiasVP/barrier-out-on-phi-back-edges 
C++: Block flow through back-edges in `cpp/overrun-write`
 2023-05-16 14:22:55 +02:00
Jeroen Ketema
eb493a1981 C++: Add FP test case for cpp/invalid-pointer-deref 
Also add reduced range analysis test case that seems to expose the underlying
reason for the FP.
 2023-05-12 16:25:34 +02:00
Mathias Vorreiter Pedersen
de1f81a4b9 C++: Accept test changes. 2023-05-12 13:01:42 +01:00
Mathias Vorreiter Pedersen
0b7fc3cbf7 C++: Add a FP testcase involving flow through back-edges. 2023-05-12 13:00:39 +01:00
Mathias Vorreiter Pedersen
75e36e89de C++: Precompute the set of necessary states. 2023-05-12 10:47:23 +01:00
Mathias Vorreiter Pedersen
f7924bda0d Merge pull request #13099 from MathiasVP/heuristic-allocation-for-overrun-write 
C++: Use heuristic allocation functions in `cpp/overrun-write`
 2023-05-12 10:15:28 +01:00
Jeroen Ketema
c3a7f98b2f Merge branch 'main' into fix-fp-in-invalid-deref-2 2023-05-10 11:31:10 +02:00
Mathias Vorreiter Pedersen
363514e4ca C++: Expand heuristic to catch more sources. 2023-05-10 08:27:29 +01:00
Mathias Vorreiter Pedersen
9da7c9f696 C++: Use heuristic allocation in 'cpp/overrun-write'. 2023-05-10 08:22:56 +01:00
Mathias Vorreiter Pedersen
023b8e4f15 C++: Add a testcase that needs heuristic allocation. 2023-05-10 08:21:21 +01:00
Mathias Vorreiter Pedersen
cad02441f9 Merge branch 'main' into overrun-write-only-one-alert 2023-05-05 10:14:20 +01:00
Robert Marsh
b7653ec92d C++: ignore cast arrays in constant off-by-one query 2023-05-04 16:39:02 -04:00
Robert Marsh
d9665e1678 C++: add case test for constant off-by-one query 2023-05-04 16:34:29 -04:00
Robert Marsh
3abf5d1bd2 C++: stitch paths in array off-by-one query 2023-05-04 16:28:05 -04:00
Mathias Vorreiter Pedersen
de08ada0bc C++: Accept test changes. 2023-05-04 17:29:39 +01:00
Mathias Vorreiter Pedersen
a09a8dba95 C++: Add testcase with repeated TP alerts. 2023-05-04 16:59:54 +01:00
Mathias Vorreiter Pedersen
0d6fdc674b C++: Also account for setter-related flow and jump steps. 2023-05-03 15:47:12 +01:00