hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
24,227 Commits 1,741 Branches 165 Tags
9b2b593cb4f2e8c7ffced7bbecf4ff9da3e174ee
Commit Graph

3371 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
4d00513606 C++: Use the isParameterDerefOrQualifierObject predicate to remove a disjunction. 2021-05-19 10:47:04 +02:00
Robert Marsh
db85a215ab C++: fix alias model for smart pointer setters 2021-05-18 13:16:22 -07:00
Robert Marsh
e590a7bc33 C++: Handle alias models for this/qualifiers 2021-05-18 13:15:38 -07:00
Geoffrey White
3d8513c1e0 C++: Add 'MAC' as additional evidence. 2021-05-18 13:24:51 +01:00
Geoffrey White
930b9fe3e5 C++: Add triple-DES to the bad algorithms list. 2021-05-17 15:51:17 +01:00
Geoffrey White
57354def9e C++: Real world diffs suggest that 'Cipher' should be an encryption word as well. 2021-05-17 15:36:27 +01:00
Geoffrey White
9e75f53798 C++: Prefer matches to regexpMatch. 2021-05-17 15:35:19 +01:00
Geoffrey White
a9d57450c8 C++: Autoformat. 2021-05-13 16:19:09 +01:00
Geoffrey White
e4d2c7cfc4 C++: Rewrite so that we look for additional evidence. 2021-05-13 13:19:39 +01:00
Geoffrey White
123889a671 C++: Fix 'triple DES' false positives. 2021-05-13 10:21:06 +01:00
Geoffrey White
40cf29b625 C++: Rearrange the library. 2021-05-13 08:39:37 +01:00
Geoffrey White
b6d5f7c315 C++: Fix FPs caused by substring regexp. 2021-05-12 19:23:49 +01:00
Geoffrey White
8f152b7380 Merge pull request #5877 from MathiasVP/detect-more-abs-in-overflow-library 
C++: Detect more uses of `abs`
 2021-05-12 10:02:12 +01:00
Anders Schack-Mulligen
74ae2e0857 Merge pull request #5773 from hvitved/dataflow/aggressive-caching 
Data flow: Cache most language-dependent predicates
 2021-05-12 09:41:55 +02:00
Tom Hvitved
d66506b0a3 Data flow: Rename {Argument,Parameter}NodeExt to {Arg,Param}Node 2021-05-11 14:40:10 +02:00
Mathias Vorreiter Pedersen
48e783184c C++: Fix false positive by recognizing more absolute value functions in Overflow.qll 2021-05-11 14:30:28 +02:00
Dave Bartolomeo
773e5f2e2e Merge remote-tracking branch 'upstream/main' into side-effects 2021-05-07 16:50:48 -04:00
Dave Bartolomeo
187e136ecc C++: Generate IR side effects for smart pointer indirections 
When inserting side effect instructions for argument indirections, we now insert side effects for smart pointers as we would for raw pointers. The address operand of the side effect instruction is  the smart pointer object, which is a bit odd. However, I'd like to think through the design of a more principled solution before doing additional work.

A few new tests are added to the existing IR tests. In addition, the IR tests now `#include` some of the shared STL headers. I've disabled IR dumps for functions from those headers, since they only get in the way of the test cases we intended.
 2021-05-07 16:50:03 -04:00
Dave Bartolomeo
f0a994a570 C++: Fix pointer flow modeling for smart pointer setters 2021-05-07 16:33:15 -04:00
Dave Bartolomeo
653ef9d257 C++: Improve consistency failure message for multiple MemoryLocations on a memory access. 2021-05-07 16:04:01 -04:00
Dave Bartolomeo
54b9f2175d C++: Allow annotating IR dumps with Alias Analysis info 
This commit adds a `PrintAliasAnalysis.qll` module, which can be imported alongside `PrintIR.qll` to annotate those dumps with alias analysis results.
 2021-05-07 16:03:11 -04:00
Robert Marsh
9ac55aff0e C++: One more join order fix 2021-05-06 17:43:28 -07:00
Robert Marsh
b3e598c1a7 C++/C#: fix another join order in SSA construction 2021-05-06 08:14:49 -07:00
Robert Marsh
5318aa8ead C++: autoformat 2021-05-06 08:14:48 -07:00
Robert Marsh
35594eac22 C++: fix bad join order in phi node sharing 2021-05-06 08:14:47 -07:00
Robert Marsh
5406783e9c C++: autoformat 2021-05-06 08:14:46 -07:00
Robert Marsh
5d7d26bed1 C++: fixups and file sync for SSA sharing 2021-05-06 08:14:44 -07:00
Robert Marsh
195b811422 C++: handle phi operands from unreachable blocks 2021-05-06 08:14:42 -07:00
Robert Marsh
6600436dd9 C++: handle degenerate phi nodes 2021-05-06 08:14:41 -07:00
Dave Bartolomeo
922cf640f4 C++/C#: Add combineOverlap() predicate 2021-05-06 08:14:40 -07:00
Robert Marsh
8bc7e5993e autoformat and sync C++ files 2021-05-06 08:14:36 -07:00
Robert Marsh
deff5c3af1 C++: Reuse SSA from earlier stages 
This refactors the SSA stages of the IR so that instructions which have
a modeled memory result in the unaliased SSA stage do not have SSA
recomputed in the aliased SSA stage.
 2021-05-06 08:14:34 -07:00
Robert Marsh
a9d7990596 C++: make unaliased_ssa IR stage sound 2021-05-06 08:14:33 -07:00
Mathias Vorreiter Pedersen
4463293dc4 C++: Move common code from NewExpr and NewArrayExpr into the NewOrNewArrayExpr class. 2021-05-06 16:35:41 +02:00
Mathias Vorreiter Pedersen
066cdb55d7 C++: Add qldoc explaining column order. 2021-05-05 09:30:12 +02:00
Mathias Vorreiter Pedersen
ded377bcd2 C++: Reorder getInstructionOpcode to produce better RA. 2021-05-04 12:13:34 +02:00
Jonas Jensen
c05ef1225c Merge pull request #5803 from MathiasVP/no-magic-in-getUnspecifiedType 
C++: Add nomagic to getUnspecifiedType
 2021-05-03 09:03:58 +02:00
intrigus
08731fc6cf Fix typo. 2021-04-29 20:26:34 +02:00
Mathias Vorreiter Pedersen
39c7816ede C++: Dont allow magic in getUnspecifiedType. 2021-04-29 10:09:46 +02:00
Tom Hvitved
058925cca9 C++: Do not inline Dominance::hasMultiScopeNode 2021-04-28 16:50:08 +02:00
Tom Hvitved
e8347c2c20 C++: Update data-flow caching 2021-04-28 14:49:05 +02:00
Mathias Vorreiter Pedersen
0f141edbc3 Merge pull request #5737 from dbartol/dbartol/smart-pointers/work 
C++: IR Alias Analysis for smart pointers
 2021-04-27 21:40:14 +02:00
Tom Hvitved
914184f3dd Data flow: Sync files 2021-04-27 19:06:39 +02:00
Mathias Vorreiter Pedersen
a41e9055c5 C++: Delete the fix that was introduced in bb447d7174. This is no longer needed after #5678. 2021-04-27 09:43:02 +02:00
Mathias Vorreiter Pedersen
05d693e3bb C++: Also include the assignment versions in exprThatCanOverflow. 2021-04-27 09:41:13 +02:00
Geoffrey White
0e7eeb3051 Merge pull request #5678 from MathiasVP/sound-expr-might-overflow-predicate 
C++: Make exprMightOverflowPositively sound for unanalyzable expressions
 2021-04-26 17:38:23 +01:00
Jonas Jensen
9b5bb95766 Merge pull request #5696 from jbj/reapply-inconsistency-workaround 
Revert "Revert "C++: Work around extractor issue CPP-383""
 2021-04-23 14:49:32 +02:00
Mathias Vorreiter Pedersen
e6077127be C++: Only unary and binary arithmetic operations and left shifts are now 
reported as overflowing when we cannot analyze them.
 2021-04-23 11:13:34 +02:00
Jonas Jensen
6de5b3021e C++: Replace Jira ticket reference with GH issue 2021-04-23 09:58:39 +02:00
Jonas Jensen
6e059ea002 C++: Remove reference to obsolete issue CPP-383 2021-04-23 09:58:15 +02:00