hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-27 01:38:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,735 Commits 1,721 Branches 163 Tags
aaae7173286fcacd8dfdbcf4a3e59520ca1f605f
Commit Graph

3303 Commits

Author SHA1 Message Date
Geoffrey White
aaae717328 Merge branch 'main' into weak_crypto 2021-05-19 11:19:08 +01:00
Mathias Vorreiter Pedersen
4d00513606 C++: Use the isParameterDerefOrQualifierObject predicate to remove a disjunction. 2021-05-19 10:47:04 +02:00
Geoffrey White
3d8513c1e0 C++: Add 'MAC' as additional evidence. 2021-05-18 13:24:51 +01:00
Geoffrey White
930b9fe3e5 C++: Add triple-DES to the bad algorithms list. 2021-05-17 15:51:17 +01:00
Geoffrey White
57354def9e C++: Real world diffs suggest that 'Cipher' should be an encryption word as well. 2021-05-17 15:36:27 +01:00
Geoffrey White
9e75f53798 C++: Prefer matches to regexpMatch. 2021-05-17 15:35:19 +01:00
Geoffrey White
a9d57450c8 C++: Autoformat. 2021-05-13 16:19:09 +01:00
Geoffrey White
e4d2c7cfc4 C++: Rewrite so that we look for additional evidence. 2021-05-13 13:19:39 +01:00
Geoffrey White
123889a671 C++: Fix 'triple DES' false positives. 2021-05-13 10:21:06 +01:00
Geoffrey White
40cf29b625 C++: Rearrange the library. 2021-05-13 08:39:37 +01:00
Geoffrey White
b6d5f7c315 C++: Fix FPs caused by substring regexp. 2021-05-12 19:23:49 +01:00
Geoffrey White
8f152b7380 Merge pull request #5877 from MathiasVP/detect-more-abs-in-overflow-library 
C++: Detect more uses of `abs`
 2021-05-12 10:02:12 +01:00
Anders Schack-Mulligen
74ae2e0857 Merge pull request #5773 from hvitved/dataflow/aggressive-caching 
Data flow: Cache most language-dependent predicates
 2021-05-12 09:41:55 +02:00
Tom Hvitved
d66506b0a3 Data flow: Rename {Argument,Parameter}NodeExt to {Arg,Param}Node 2021-05-11 14:40:10 +02:00
Mathias Vorreiter Pedersen
48e783184c C++: Fix false positive by recognizing more absolute value functions in Overflow.qll 2021-05-11 14:30:28 +02:00
Mathias Vorreiter Pedersen
4463293dc4 C++: Move common code from NewExpr and NewArrayExpr into the NewOrNewArrayExpr class. 2021-05-06 16:35:41 +02:00
Mathias Vorreiter Pedersen
066cdb55d7 C++: Add qldoc explaining column order. 2021-05-05 09:30:12 +02:00
Mathias Vorreiter Pedersen
ded377bcd2 C++: Reorder getInstructionOpcode to produce better RA. 2021-05-04 12:13:34 +02:00
Jonas Jensen
c05ef1225c Merge pull request #5803 from MathiasVP/no-magic-in-getUnspecifiedType 
C++: Add nomagic to getUnspecifiedType
 2021-05-03 09:03:58 +02:00
intrigus
08731fc6cf Fix typo. 2021-04-29 20:26:34 +02:00
Mathias Vorreiter Pedersen
39c7816ede C++: Dont allow magic in getUnspecifiedType. 2021-04-29 10:09:46 +02:00
Tom Hvitved
058925cca9 C++: Do not inline Dominance::hasMultiScopeNode 2021-04-28 16:50:08 +02:00
Tom Hvitved
e8347c2c20 C++: Update data-flow caching 2021-04-28 14:49:05 +02:00
Mathias Vorreiter Pedersen
0f141edbc3 Merge pull request #5737 from dbartol/dbartol/smart-pointers/work 
C++: IR Alias Analysis for smart pointers
 2021-04-27 21:40:14 +02:00
Tom Hvitved
914184f3dd Data flow: Sync files 2021-04-27 19:06:39 +02:00
Mathias Vorreiter Pedersen
a41e9055c5 C++: Delete the fix that was introduced in bb447d7174. This is no longer needed after #5678. 2021-04-27 09:43:02 +02:00
Mathias Vorreiter Pedersen
05d693e3bb C++: Also include the assignment versions in exprThatCanOverflow. 2021-04-27 09:41:13 +02:00
Geoffrey White
0e7eeb3051 Merge pull request #5678 from MathiasVP/sound-expr-might-overflow-predicate 
C++: Make exprMightOverflowPositively sound for unanalyzable expressions
 2021-04-26 17:38:23 +01:00
Jonas Jensen
9b5bb95766 Merge pull request #5696 from jbj/reapply-inconsistency-workaround 
Revert "Revert "C++: Work around extractor issue CPP-383""
 2021-04-23 14:49:32 +02:00
Mathias Vorreiter Pedersen
e6077127be C++: Only unary and binary arithmetic operations and left shifts are now 
reported as overflowing when we cannot analyze them.
 2021-04-23 11:13:34 +02:00
Jonas Jensen
6de5b3021e C++: Replace Jira ticket reference with GH issue 2021-04-23 09:58:39 +02:00
Jonas Jensen
6e059ea002 C++: Remove reference to obsolete issue CPP-383 2021-04-23 09:58:15 +02:00
Dave Bartolomeo
5d0a4cae90 C++: Add {AllAliased} side effects for smart pointers 
Smart pointer constructors, assignments, and `reset()` can actually have fairly large side effects, especially with custom deleters, destructors for objects being destroyed, and so on. I've re-introduced `{AllAliased}` side effects for these functions. There was no immediate effect on analysis results.
 2021-04-22 16:51:36 -04:00
Dave Bartolomeo
383210096c C++: Isolate models from AST dataflow's reference/object conflation 
`DataFlowFunction` models treat references a pointers - an explicit level of indirection. The AST dataflow library generally treats references as if they were the referred-to object. This commit removes a workaround in the dataflow model for unary `operator*` on smart pointers, and makes the AST dataflow library adjust the results of querying the model so that a returned reference only gets flow that was modeled as going to the dereference of the return value.

This fixes some missing flow in IR dataflow, and recovers some (presumably) missing reverse taint flow in AST taint tracking as well.
 2021-04-21 18:09:44 -04:00
Dave Bartolomeo
0bc4b0421d C++: Remove unnecessary cast 2021-04-21 12:12:01 -04:00
Dave Bartolomeo
b9da6ce04a C++: Prepare for merge of smart pointer models 2021-04-20 23:12:05 -04:00
Dave Bartolomeo
a447b049fc C++: Impoved alias analysis of smart pointers 2021-04-20 19:42:06 -04:00
Dave Bartolomeo
63fe4fb317 C++: More general model for pointer flow 2021-04-20 19:41:15 -04:00
Dave Bartolomeo
5085e462b0 C++: Allow alias propagation to/from side effects (part 1) 2021-04-20 14:09:41 -04:00
Dave Bartolomeo
01a95316c2 C++: Add Instruction::getAParameterSideEffect(). 2021-04-20 14:03:48 -04:00
Mathias Vorreiter Pedersen
61d4d17225 C++: Simplify smart pointer model and accept test changes. 2021-04-20 09:57:58 +02:00
Jonas Jensen
f8d45f04ed Revert "Revert "C++: Work around extractor issue CPP-383"" 
**Revert the revert** of the workaround for CFG issues when a
`FunctionCall` has a `getTarget` that does not exist. While we've fixed
the main cause of the problem, it can apparently still happen in rare
cases as a result of extractor crashes.

This reverts commit ee5eaef5e4.
 2021-04-16 16:44:58 +02:00
Geoffrey White
e1028a2765 Merge pull request #5667 from MathiasVP/use-range-analysis-in-overflow 
C++: Use range analysis in Overflow.qll
 2021-04-16 12:00:28 +01:00
Robert Marsh
fe57876fd8 Merge pull request #5643 from dbartol/smart-pointers/side-effect-refactor 
C++: Refactor some side effect generation code
 2021-04-14 09:59:41 -07:00
Dave Bartolomeo
b29f35f564 Fix formatting 2021-04-14 11:15:16 -04:00
Mathias Vorreiter Pedersen
ed64ed3d8d C++: Make exprMightOverflowPositively/exprMightOverFlowNegatively hold for unanalyzable expressions. This hopefully means that expressions that do not satisfy these predicates will never overflow/underflow. 2021-04-14 16:45:27 +02:00
Jonas Jensen
b4f01c9afa Merge pull request #5578 from MathiasVP/ast-flow-smart-pointers 
C++: AST dataflow through smart pointers
 2021-04-14 16:39:05 +02:00
Mathias Vorreiter Pedersen
bb447d7174 C++: Make sure missingGuardAgainstOverflow (and underflow) holds when range analysis fails to deduce a bound. 2021-04-14 16:30:43 +02:00
Mathias Vorreiter Pedersen
bc7cc2f7ce C++: Remove rule that wasn't needed. 2021-04-14 14:50:27 +02:00
Mathias Vorreiter Pedersen
da36508714 Revert "C++: As response to the review comments this commit adds a reference-to-pointer state to AddressFlow. A call to an unwrapper function now adds a pointer -> reference-to-pointer transition, and a ReferenceDereference adds a reference-to-pointer -> pointer transition." 
This reverts commit 5aeaab7c6d.
 2021-04-14 14:41:22 +02:00