hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
46,813 Commits 1,671 Branches 157 Tags
aa385a293d1c2e5ec232d0523fda513f70b7037f
Commit Graph

8592 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
aa385a293d C++: Accept test changes. 2022-11-16 23:00:00 +00:00
Mathias Vorreiter Pedersen
b8fab9ae79 C++: Respond to review comments. 2022-11-15 16:07:07 +00:00
Mathias Vorreiter Pedersen
1f43a1a924 Merge branch 'replace-ast-with-ir-use-usedataflow' into merge-some-indirect-and-instruction-nodes 2022-11-15 16:00:52 +00:00
Jeroen Ketema
2acda03518 C++: Reintroduce the AST testing configuration for the smart pointer test too 2022-11-15 13:49:03 +01:00
Mathias Vorreiter Pedersen
16565401c7 C++: Reduce path duplication. 2022-11-14 15:29:57 +00:00
Jeroen Ketema
2b37ebd7ed Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-11 17:24:34 +01:00
Jeroen Ketema
5c109cdef1 Merge pull request #11234 from jketema/std-iterator-fix 
C++: Recognize `basic_string::iterator` as an iterator
 2022-11-11 17:21:42 +01:00
Rasmus Wriedt Larsen
ddbcdcb4ba Merge pull request #11160 from RasmusWL/dataflow-consistency-read-store 
DataFlow: Add read/store stepIsLocal consistency checks
 2022-11-11 14:51:45 +01:00
Jeroen Ketema
612624d241 C++: Recognize basic_string::iterator as an iterator 2022-11-11 14:04:50 +01:00
Mathias Vorreiter Pedersen
0c7f57e0c4 C++: Accept test changes. 2022-11-11 11:09:38 +00:00
Mathias Vorreiter Pedersen
f534768715 C++: Fix join orders. 2022-11-11 11:09:38 +00:00
Mathias Vorreiter Pedersen
e0a6c16228 C++: Add missing QLDoc. 2022-11-11 11:09:38 +00:00
Mathias Vorreiter Pedersen
1a1f078684 C++: Also pick the operand as the 'ExprNode' when the expression is the qualifier of a call (and not just when it's an argument of a call). 2022-11-11 11:07:08 +00:00
Mathias Vorreiter Pedersen
c999704d1e C++: Now that we sometimes target an operand where we'd target an instruction before we should pick the operand as the 'sink' in the call-target resolution recursion. 2022-11-11 11:07:08 +00:00
Mathias Vorreiter Pedersen
a51ac7b4e7 C++: Remove some unnecessary IPA values from 'IndirectInstruction' and 'IndirectOperand' when the semantically identical value already exists in the IR. 2022-11-11 11:07:08 +00:00
Jeroen Ketema
ba00a0f370 C++: Share parameter logic in std::string model 2022-11-11 08:48:11 +01:00
Jeroen Ketema
23e29e993b C++: Split std::string::insert off in a separate class 
The `insert` function has two different return types: `iterator` and
`basic_string&`.
 2022-11-11 08:48:01 +01:00
Rasmus Wriedt Larsen
88f703af1f DataFlow: Accept changes to .expected 2022-11-10 22:13:34 +01:00
Jeroen Ketema
62f5d10d03 C++: Fix localTaint expected results 2022-11-10 16:08:07 +01:00
Jeroen Ketema
62a0bcddd9 C++: Fix the accept prototype in the dataflow taint tests 2022-11-10 14:23:26 +01:00
Jeroen Ketema
d8e96ef12a Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-10 12:09:43 +01:00
Jeroen Ketema
e7576fdd1a Merge pull request #11197 from jketema/simplify-taint-test 
C++: Simplify dataflow taint test query
 2022-11-10 11:58:50 +01:00
Jeroen Ketema
4d7aeced3f C++: Simplify dataflow taint test query 
The complexity seems a left-over from before these tests were turned into
inline expectation tests, where the aim seems to have been to have exactly
one sink node for each `sink` call. Multiple sink nodes for the same `sink`
call are not made visible in the inline expecation tests, and I am not
conviced this was very useful before, so remove the complexity.
 2022-11-10 10:38:22 +01:00
Jeroen Ketema
0e33f4da6b C++: Re-introduce most of the ast annotation test infrastructure 2022-11-09 14:37:01 +01:00
Jeroen Ketema
bd301768ea C++: Re-introduce the ast annotations in the taint tests 2022-11-09 14:30:56 +01:00
Jeroen Ketema
0d27d63984 Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-09 14:28:47 +01:00
Jeroen Ketema
af6a87e54d C++: Add missing QLDoc comments 2022-11-09 13:08:53 +01:00
Jeroen Ketema
d7804f5473 C++: Fix DataFlow2 import 2022-11-09 12:53:05 +01:00
Jeroen Ketema
ceb6706c73 C++: Fix formatting 2022-11-09 12:52:44 +01:00
Jeroen Ketema
4ab5066ed2 C++: Fix imports and module names in old dataflow/taint tracking library 2022-11-09 11:52:39 +01:00
Jeroen Ketema
6a5f37b1b7 Merge pull request #11149 from geoffw0/wrong-number-msg 
C++: Clearer messages for the format args queries
 2022-11-08 20:44:10 +01:00
Jeroen Ketema
74f9b322a8 Merge branch 'main' into update-from-main 2022-11-08 17:01:02 +01:00
Jeroen Ketema
2bef82babc Merge pull request #11163 from jketema/missing-return 
C++: Add dataflow test that deliberately omits the return of a non-void function
 2022-11-08 16:00:36 +01:00
Geoffrey White
c8426776fc Merge branch 'main' into wrong-number-msg 2022-11-08 14:47:19 +00:00
Jeroen Ketema
fa2d58adff C++: Add dataflow test that deliberately omits the return of a non-void function 2022-11-08 15:12:34 +01:00
Rasmus Wriedt Larsen
4895daba85 DataFlow: Add read/store stepIsLocal consistency checks 2022-11-08 13:32:49 +01:00
Jeroen Ketema
c61a9c5911 C++: Also taint the return value dereference in the strcat model 2022-11-08 12:08:44 +01:00
Jeroen Ketema
0d4a2239fc C++: Fix wrong return types and missing statement in dataflow test 2022-11-08 09:55:10 +01:00
Geoffrey White
d72ea52f68 C++: More accurate test tags. 2022-11-07 16:32:46 +00:00
Geoffrey White
55a7adff20 C++: Make the message clearer. 2022-11-07 16:32:45 +00:00
Geoffrey White
b911556896 C++: Add a test showing the motivation. 2022-11-07 16:17:32 +00:00
Jeroen Ketema
89c5e3df1f C++: Fix the dataflow configuration in dataflow/dataflow-tests 2022-11-07 16:43:55 +01:00
Jeroen Ketema
5732c3bca0 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2022-11-07 15:03:26 +01:00
Jeroen Ketema
d62e3f6bc2 Merge pull request #11137 from jketema/dataflow-test-fixes 
C++: Small fixes for the dataflow tests
 2022-11-07 11:07:09 +01:00
Anders Schack-Mulligen
99ca28ea9b Merge pull request #10886 from aschackmull/dataflow/joinorders 
Dataflow: Fix a couple of join-orders.
 2022-11-07 11:05:29 +01:00
Jeroen Ketema
291027ad82 C++: Fix return type in dataflow test 2022-11-07 09:42:54 +01:00
Jeroen Ketema
3b1feeef6d C++: Remove unneeded isAdditionalFlowStep from dataflow test 
Since the introduction of flow through global variables these additional
steps are no longer needed.
 2022-11-07 09:40:57 +01:00
github-actions[bot]
fca754bddd Post-release preparation for codeql-cli-2.11.3 2022-11-05 14:30:48 +00:00
github-actions[bot]
508327235a Release preparation for version 2.11.3 2022-11-04 20:16:23 +00:00
Jeroen Ketema
fc2013334f C++: Do not use the old dataflow library in additional-flow-to-parameter 
Either both queries here should use the old library or neither should. The
expectation is that the expected results between the queries differ depending
on the additional flow step in one of them.
 2022-11-04 15:46:36 +01:00