hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
64,926 Commits 1,672 Branches 157 Tags
a8718f99a1965fdadbc093088aa08428168cb17e
Commit Graph

11080 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
a8718f99a1 C++: Add qhelp for 'cpp/iterator-to-expired-container'. 2024-03-15 17:35:47 +00:00
Mathias Vorreiter Pedersen
3a8db49573 C++: Add tests for 'cpp/iterator-to-expired-container'. 
NOTE: This is with the yet-to-be-merged changes to the extractor and IR generation.
 2024-03-15 17:35:17 +00:00
Mathias Vorreiter Pedersen
23cf99734a C++: Add a new experimental query ' cpp/iterator-to-expired-container'. 2024-03-15 14:29:29 +00:00
Mathias Vorreiter Pedersen
f7c29e6bfb C++: Expose some previously private classes from our models so they can be used in queries. 2024-03-15 14:21:39 +00:00
Mathias Vorreiter Pedersen
7fdea27d33 C++: Rename 'IndirectTemporaryExpr' to 'IndirectOperandExprNode'. 2024-03-14 11:46:15 +00:00
Mathias Vorreiter Pedersen
9aefdca7a7 Merge pull request #15875 from MathiasVP/bring-back-type-barriers-in-non-constant-format 
C++: Clean up `cpp/non-constant-format`
 2024-03-14 10:51:23 +00:00
Mathias Vorreiter Pedersen
dacf7d73d9 Merge pull request #15918 from MathiasVP/fix-as-expr-for-temps 
C++: Fix dataflow node <> expression problem on prvalues
 2024-03-14 09:38:46 +00:00
Mathias Vorreiter Pedersen
a24432bacc Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 2024-03-14 09:23:33 +00:00
Mathias Vorreiter Pedersen
c375497fa5 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 2024-03-14 09:16:04 +00:00
Mathias Vorreiter Pedersen
a839c92979 C++: Fix mapping issue between dataflow nodes and expressions when the expression is a prvalue. 2024-03-13 22:59:09 +00:00
Mathias Vorreiter Pedersen
2fc0922b29 Merge branch 'main' into bring-back-type-barriers-in-non-constant-format 2024-03-13 22:46:35 +00:00
Mathias Vorreiter Pedersen
d1c253b519 C++: Accept test changes. 2024-03-13 22:41:32 +00:00
Mathias Vorreiter Pedersen
61597f5ac7 C++: This commit does two things: 
1. It fixes a logic error in the cannotContainString predicate.
2. It reverts the changes to the `isSource` predicate that required the external
function to be within the source root.

The change to `isSource` was meant to fix the a performance problem that occurred
because of the logic error in the cannotContainString predicate. However, now that
the logic error is fixed this is no longer necessary 🎉
 2024-03-13 22:40:06 +00:00
Jeroen Ketema
866a3934d4 C++: suppress destructors with reuse expressions until proper support is added 2024-03-13 20:17:00 +01:00
Jeroen Ketema
67b3670d06 Merge pull request #15901 from jketema/destructors11 
C++: Introduce re-use expressions in the database scheme
 2024-03-13 18:27:28 +01:00
Mathias Vorreiter Pedersen
b638d4d0ba Merge pull request #15900 from MathiasVP/glib-alloc-and-dealloc 
C++: Add models for `GLib` allocation and deallocation
 2024-03-13 15:29:46 +00:00
Jeroen Ketema
8d5eab401d C++: Introduce re-use expressions in the database scheme 2024-03-13 13:28:27 +01:00
Mathias Vorreiter Pedersen
8d504d8b32 Merge pull request #15899 from jketema/destructors10 
C++: Add IR tests for the destruction of temporaries
 2024-03-13 11:56:04 +00:00
Mathias Vorreiter Pedersen
465c3c18e3 C++: Add change note. 2024-03-13 11:49:26 +00:00
Mathias Vorreiter Pedersen
3ea39a2553 C++: Add some query tests. 2024-03-13 11:39:34 +00:00
Mathias Vorreiter Pedersen
bcd36b1994 C++: Recognize glib allocations and deallocations. 2024-03-13 11:39:15 +00:00
Jeroen Ketema
3ef1ab49ea C++: Add IR tests for the destruction of temporaries 2024-03-13 12:00:02 +01:00
Mathias Vorreiter Pedersen
ab6e2f9364 C++: Accept test regression. 2024-03-12 15:04:49 +00:00
Mathias Vorreiter Pedersen
51f5740707 C++: Exclude functions that aren't declared inside the source root. This fixes performance on ImageMagick. 2024-03-12 14:20:16 +00:00
Mathias Vorreiter Pedersen
6a563c161e C++: Simplify the definition of 'isNonConst'. On ImageMagick I get the same exact sources before and after. 2024-03-12 14:20:09 +00:00
Mathias Vorreiter Pedersen
179a7d500e C++: Handle 'wchar_t' types that may be defined as unsigned short in C. This brings back SAMATE results. 2024-03-12 14:19:48 +00:00
Tom Hvitved
dddba3228b Merge pull request #15867 from hvitved/dataflow/ap-limit 
Data flow: Add `ConfigSig::accessPathLimit`
 2024-03-12 14:57:51 +01:00
Mathias Vorreiter Pedersen
1a42e55095 Merge pull request #15820 from MathiasVP/add-type-confusion-query 
C++: Add a new query for detecting type confusion vulnerabilities
 2024-03-12 10:29:22 +00:00
Mathias Vorreiter Pedersen
9854ed4b89 C++: Delete comment. 2024-03-11 18:54:53 +00:00
Mathias Vorreiter Pedersen
2345907a52 C++: Reintroduce the 'cannotContainString' optimization that was removed in #15516. 2024-03-11 18:49:03 +00:00
Mathias Vorreiter Pedersen
f97b6e2848 C++: Stop conflating pointers and indirections in the query. 2024-03-11 18:48:19 +00:00
Mathias Vorreiter Pedersen
32e532ff3c C++: Some cleanup to avoid conflating the case of a function returning something as a return value, and a function updating one of its arguments. 2024-03-11 18:42:42 +00:00
Mathias Vorreiter Pedersen
7b0df57d7a C++: Remove the two configurations that depend on flow state to speed up performance on ChakraCore. 2024-03-11 13:56:22 +00:00
Tom Hvitved
da66281fef Sync files 2024-03-11 13:02:04 +01:00
Mathias Vorreiter Pedersen
761f6d3a7e C++: Disable field flow from the 'cpp/type-confusion' query to fix performance on ChakraCore. 2024-03-07 15:24:04 -08:00
Mathias Vorreiter Pedersen
a548316747 C++: Accept test changes. 2024-03-07 13:55:31 -08:00
Mathias Vorreiter Pedersen
4f9bdca4f0 C++: Optimize. 2024-03-07 13:08:26 -08:00
Mathias Vorreiter Pedersen
cedbfbe7ea C++: Use a more generous definition of compatible types. 2024-03-07 10:50:20 -08:00
Mathias Vorreiter Pedersen
9e77b89885 Update TypeConfusion.qhelp 
Co-authored-by: hubwriter <hubwriter@github.com>
 2024-03-07 08:33:49 -08:00
Mathias Vorreiter Pedersen
b876117ecc C++: Add more QLDoc. 2024-03-06 22:25:04 -08:00
Mathias Vorreiter Pedersen
01fc7432cb C++: Add more tests. 2024-03-06 22:17:33 -08:00
Mathias Vorreiter Pedersen
bf84f3a936 C++: Add FN. 2024-03-06 21:19:17 -08:00
Mathias Vorreiter Pedersen
3295d5cb9f C++: Add more QLDoc. 2024-03-06 21:17:57 -08:00
Mathias Vorreiter Pedersen
fc9919a5b6 C++: Add a test that exercise the 'last field' check. 2024-03-06 21:17:55 -08:00
Mathias Vorreiter Pedersen
c2db5f490e C++: Add more FNs and FPs to show examples of where the 'successor typing' strategy fails. 2024-03-06 21:16:51 -08:00
Mathias Vorreiter Pedersen
cd57cd0d8a C++: Add qhelp reference. 2024-03-06 21:15:27 -08:00
Mathias Vorreiter Pedersen
cf4c8eb517 C++: Add more tests. 2024-03-06 21:15:25 -08:00
Mathias Vorreiter Pedersen
6dc0fa515d C++: Add change note. 2024-03-06 21:11:36 -08:00
Mathias Vorreiter Pedersen
8ae6fa5366 C++: Add a new query 'cpp/type-confusion' for detecting type confusion vulnerabilities. 2024-03-06 21:11:32 -08:00
Mathias Vorreiter Pedersen
4c9876b008 C++: Accept test changes. 2024-03-06 18:18:36 -08:00