hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-30 12:18:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,773 Commits 1,723 Branches 164 Tags
9f0499cce95a7618ef9c8d70ae10de2594dece08
Commit Graph

33 Commits

Author SHA1 Message Date
Jonas Jensen
4ef5c9af62 C++: Autoformat everything 
Some files that will change in #1736 have been spared.

    ./build -j4 target/jars/qlformat
    find ql/cpp/ql -name "*.ql"  -print0 | xargs -0 target/jars/qlformat --input
    find ql/cpp/ql -name "*.qll" -print0 | xargs -0 target/jars/qlformat --input
    (cd ql && git checkout 'cpp/ql/src/semmle/code/cpp/ir/implementation/**/*SSA*.qll')
    buildutils-internal/scripts/pr-checks/sync-identical-files.py --latest
 2019-09-09 11:25:53 +02:00
Matthew Gretton-Dann
0e50a143af C++: Improve ReturnStackAllocatedMemory query 
Update the ReturnStackAllocatedMmeory query to not give a false positive
for thread_local variables.
 2019-08-06 11:22:32 +01:00
Geoffrey White
cf194219b9 CPP: Fix FPs. 2019-07-15 14:58:35 +01:00
Geoffrey White
5362fef81c CPP: Additional AllocaInLoop test cases. 2019-07-15 14:50:02 +01:00
Geoffrey White
8ce6822d6f CPP: Fix format literal. 2019-07-04 16:31:35 +01:00
Geoffrey White
95ab8cc706 CPP: Add a test of More64BitWaste.ql. 2019-06-27 17:14:46 +01:00
Geoffrey White
5e328908a0 CPP: Modify violation message of NonPortablePrintf.ql for consistency with WrongTypeFormatArguments.ql. 2019-06-27 17:11:37 +01:00
Geoffrey White
5cef0e21c6 CPP: Add a test of NonPortablePrintf.ql. 2019-06-27 16:51:07 +01:00
Robert Marsh
e899120270 C++: replace getType().getUnspecifiedType() 2019-05-20 15:08:28 +01:00
Jonas Jensen
40aea2f76d C++: Shorten alert message 
We don't write the reason for the alert in the alert message.
 2019-05-01 08:33:36 +02:00
Jonas Jensen
e38ac9f88a C++: suppress alerts in tightly bounded loops 2019-05-01 08:33:35 +02:00
zlaski-semmle
241994d1f8 Merge pull request #1107 from zlaski-semmle/cpp355 
Updated query to look for Microsoft-specific '_alloca' and '_malloca'
Merge to Semmle/ql:master.
 2019-03-19 13:40:27 -07:00
Ziemowit Laski
09e729ff59 Turns out that '__builtin_alloca' takes 'unsigned long', not 'unsigned long long'; rename some parameters to align with C11 standard. 2019-03-19 13:27:14 -07:00
Ziemowit Laski
11ed4f3312 Change __builtin_alloca declaration to use an unsigned long long parameter. 2019-03-19 13:12:29 -07:00
Ziemowit Laski
ff3430d8d0 Use '// GOOD' and '// BAD' annotations for query diagnostics. 2019-03-19 12:29:38 -07:00
Jonas Jensen
111a462d16 C++: Recover some of the good results we lost 
My recent changes to suppress FPs in `ReturnStackAllocatedMemory.ql`
caused us to lose all results where there was a `Conversion` at the
initial address escape. We cannot handle conversions in general, but
this commit restores the good results for the trivial types of
conversion that we can handle.
 2019-03-19 11:09:58 +01:00
Jonas Jensen
d864df5b7f C++: Tests for new false negatives 2019-03-19 10:30:14 +01:00
Ziemowit Laski
566fdc3f70 Change names of parameters to memcpy(), as per Geoff. 2019-03-18 11:15:43 -07:00
Jonas Jensen
6b1cd17009 C++: Fix FPs due to data flow Conversion handling 
Since we cannot track data flow from a fully-converted expression but
only the unconverted expression, we should check whether the address
initially escapes into the unconverted expression, not the
fully-converted one.

This fixes most of the false positives observed on lgtm.com.
 2019-03-16 20:50:27 +01:00
Jonas Jensen
1a7351ef6e C++: Add tests for three FPs observed on lgtm.com 2019-03-16 20:50:27 +01:00
Ziemowit Laski
2d5bdc85b0 Add 'restrict' support to the C++ test cases. 2019-03-14 12:12:45 -07:00
Ziemowit Laski
586aa0ae41 Updated query to look for Microsoft-specific '_alloca' and '_malloca' entry points. Added sundry positive and negative test cases. 2019-03-13 18:43:24 -07:00
Jonas Jensen
b9236d216f C++: Improve ReturnStackAllocatedMemory alert msg 2019-02-21 11:20:25 +01:00
Jonas Jensen
dcf910f20c C++: Use EscapesTree to find pointers to stack 
This simplifies the query and is a strict improvement on the tests. I
also found it to be an overall improvement on real projects.
 2019-02-21 11:20:25 +01:00
Geoffrey White
6a17ebbd1b CPP: Add test cases and renumber. 2019-02-20 10:09:57 +00:00
Geoffrey White
4e77f586da CPP: Fix file names. 2019-02-20 10:08:27 +00:00
Geoffrey White
07adf6f201 CPP: Handle array accesses. 2019-01-30 18:36:32 +00:00
Geoffrey White
4685f193f5 CPP: Widen varMaybeStackAllocated. 2019-01-30 18:36:32 +00:00
Geoffrey White
25e11512db CPP: Add a test of ReturnStackAllocatedMemory. 2019-01-30 18:36:31 +00:00
Geoffrey White
342164ff71 CPP: Clean up / normalize some test code. 2018-11-20 09:50:59 +00:00
Tobias Smolka
51dcdeff59 C++: support Decltype in suspicious-call-to-memset 2018-10-02 16:47:04 +02:00
Dave Bartolomeo
aa267c8302 C++: Force LF for .c,.cpp,.h,.hpp 2018-09-23 16:23:52 -07:00
Pavel Avgustinov
b55526aa58 QL code and tests for C#/C++/JavaScript. 2018-08-02 17:53:23 +01:00