hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
58,700 Commits 1,672 Branches 157 Tags
b18de9e6417c60b51d2371c98394f4033d2683e4
Commit Graph

1347 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
f0ab3a3c84 Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-24 12:04:02 +02:00
Mathias Vorreiter Pedersen
8ab2f89d53 Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-24 12:03:52 +02:00
Mathias Vorreiter Pedersen
786c6e1c5e Merge branch 'main' into swap-argument-order-in-invalid-ptr-deref 2023-07-24 11:26:27 +02:00
Mathias Vorreiter Pedersen
c44507cc42 C++: 'sizeAddend' instead of 'extra'. 2023-07-24 10:57:25 +02:00
Mathias Vorreiter Pedersen
742f080a55 C++: This predicate is no longer used. 2023-07-21 16:54:46 +01:00
Mathias Vorreiter Pedersen
0859c4f926 C++: Fix swapped arguments in 'invalidPointerToDerefSource'. 2023-07-21 16:54:38 +01:00
Mathias Vorreiter Pedersen
83aef6fc16 C++: Write formulas instead of 'non-strictly upper bounded by'. 2023-07-21 14:56:40 +01:00
Mathias Vorreiter Pedersen
108cd7f078 C++: Use more descriptive names for identifiers in 'cpp/invalid-pointer-deref'. 2023-07-21 14:55:45 +01:00
Mathias Vorreiter Pedersen
5270cf6c41 C++: Update documentation based on PR feedback. 2023-07-21 11:09:01 +01:00
Mathias Vorreiter Pedersen
a7ee27ec22 C++: Fix 'begin'/'base' confusion. 2023-07-21 10:20:24 +01:00
Mathias Vorreiter Pedersen
6c3c4c302e Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/InvalidPointerToDereference.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-07-21 10:19:04 +01:00
Mathias Vorreiter Pedersen
4075dacd52 Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll 2023-07-21 09:55:23 +01:00
Mathias Vorreiter Pedersen
369cee9ed9 Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/InvalidPointerToDereference.qll 
Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com>
 2023-07-21 09:32:14 +01:00
Jeroen Ketema
7c429fb924 C++: Remove redundant case from shouldPrintDeclaration 
A configuration should always exist, because it does not have a charpred
that could prevent this.
 2023-07-20 16:11:17 +02:00
Jeroen Ketema
e76dc4a1f9 C++: Support printing of global and namespace variables in PrintAST 2023-07-20 11:43:55 +02:00
Jeroen Ketema
2a63116fc2 C++: Rename shouldPrintFunction to shouldPrintDeclaration 2023-07-19 16:55:43 +02:00
Mathias Vorreiter Pedersen
922f4d5496 C++: Add more documentation to the 'cpp/invalid-pointer-deref' query. 2023-07-19 14:42:20 +01:00
Anders Schack-Mulligen
a9c76d4175 Merge pull request #13717 from aschackmull/dataflow/neverskipadditionalsteps 
Dataflow: Add support for not skipping configuration-specific nodes in big-step
 2023-07-19 14:06:54 +02:00
Mathias Vorreiter Pedersen
475a892216 Merge pull request #13760 from MathiasVP/split-invalid-ptr-deref-into-more-files 
C++: Split `cpp/invalid-pointer-deref` into more files
 2023-07-19 11:36:35 +01:00
Anders Schack-Mulligen
941aa7ae28 C/C++: Don't force-include default steps in DefaultTaintTrackingImpl. 2023-07-19 11:41:15 +02:00
Anders Schack-Mulligen
95d17045c9 Dataflow: Sync. 2023-07-19 11:41:15 +02:00
Mathias Vorreiter Pedersen
2f48cde2e5 Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-19 10:28:05 +01:00
Mathias Vorreiter Pedersen
9a8fb0b93a Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/AllocationToInvalidPointer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-07-19 10:27:55 +01:00
Mathias Vorreiter Pedersen
3e1b4d97fe C++: Add QLDoc. 2023-07-18 18:15:25 +01:00
Mathias Vorreiter Pedersen
576f021c25 C++: Fix Code Scanning errors. 2023-07-18 18:15:25 +01:00
Mathias Vorreiter Pedersen
5099de5b3d C++: Split the query into 4 files. 2023-07-18 18:15:18 +01:00
Jeroen Ketema
aad094bdd0 C++: Handle FunctionAccesses with qualifiers 
Also fix the IR generation for these and add more IR tests involving value
categories.
 2023-07-18 16:35:39 +02:00
Mathias Vorreiter Pedersen
a038b389c3 C++: More cleanup. 2023-07-18 14:03:04 +01:00
Jeroen Ketema
a426010b06 Merge pull request #13621 from MathiasVP/deprecate-ast-dataflow 
C++: Deprecate AST dataflow
 2023-07-18 08:13:47 +02:00
Mathias Vorreiter Pedersen
11f2681904 Merge pull request #13740 from MathiasVP/unique-entry-point 
C++: Exclude invalid functions from new range analysis
 2023-07-17 13:32:50 +01:00
Mathias Vorreiter Pedersen
f9db6a9868 C++: Don't do range analysis on malformed IR. 2023-07-17 10:15:01 +01:00
Anders Schack-Mulligen
837df2ad37 Dataflow: Sync. 2023-07-13 10:55:39 +02:00
Ed Minnix
2c0a456855 C++: Add default implementation of StateConfigSig::isAdditionalFlowStep/4 2023-07-12 15:06:24 -04:00
Ed Minnix
c73cd73001 C++: Add default implementation of StateConfigSig::isBarrier/2 2023-07-12 15:06:24 -04:00
Mathias Vorreiter Pedersen
a4c0063ab1 Merge pull request #13679 from MathiasVP/speedup-big-step 
DataFlow: Speed up the big step relation
 2023-07-11 09:44:17 +01:00
Mathias Vorreiter Pedersen
a826c8327a Merge pull request #13682 from jketema/ptr-comp 
C++: Support pointer addition and subtraction in the IRGuards library
 2023-07-07 11:32:43 +01:00
Jeroen Ketema
8bc8ef4dda C++: Support pointer addition and subtraction in the IRGuards library 
It seems this was something supported by the AST Guards library
 2023-07-06 16:54:44 +02:00
Jeroen Ketema
fa2ee26379 C++: Add more default predicates to product flow 2023-07-06 16:06:36 +02:00
Mathias Vorreiter Pedersen
83d0dec0fb DataFlow: Sync identical files. 2023-07-06 14:00:00 +01:00
Mathias Vorreiter Pedersen
4cc2771bbf C++: Speed up the big step relation by specializing the 'isUnrachableInCall' predicate. 2023-07-06 13:59:52 +01:00
Chuan-kai Lin
ce464a7d69 Remove pragma[assume_small_delta] 2023-06-30 11:09:29 -07:00
Mathias Vorreiter Pedersen
cd2f0ecbc8 C++: Deprecate AST dataflow. 2023-06-29 15:13:36 +01:00
Mathias Vorreiter Pedersen
e4126ae6d4 Merge branch 'main' into implement-is-unreachable-in-call-2 2023-06-29 14:46:28 +01:00
Mathias Vorreiter Pedersen
9e82ce8a13 C++: Implement 'isUnreachableInCall'. 2023-06-28 14:37:35 +01:00
Mathias Vorreiter Pedersen
78f2fe8d5e C++: Fix join in 'argumentOf'. 
Before:
```
[2023-06-28 09:29:51] Evaluated non-recursive predicate DataFlowImplCommon#59e7a193::Cached::argumentNode#3#fff@8606bd35 in 1945ms (size: 1366058).
Evaluated relational algebra for predicate DataFlowImplCommon#59e7a193::Cached::argumentNode#3#fff@8606bd35 with tuple counts:
      764401   ~0%    {3} r1 = JOIN DataFlowPrivate#fbdd7bd7::DirectPosition#ff_10#join_rhs WITH Instruction#577b6a83::CallInstruction::getArgumentOperand#fff_102#join_rhs ON FIRST 1 OUTPUT Rhs.2, Lhs.1, Rhs.1
      764401   ~0%    {3} r2 = JOIN r1 WITH DataFlowPrivate#fbdd7bd7::PrimaryArgumentNode#fff_20#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1

          65   ~0%    {3} r3 = SCAN DataFlowPrivate#fbdd7bd7::IndirectionPosition#fff OUTPUT In.2, In.0, In.1
  180518864   ~0%    {3} r4 = JOIN r3 WITH project#DataFlowPrivate#fbdd7bd7::IndirectOperands::IndirectOperand::hasOperandAndIndirectionIndex#2#dispred#fff#3_10#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.2, Lhs.1
      601657   ~1%    {2} r5 = JOIN r4 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#2 ON FIRST 2 OUTPUT Lhs.0, Lhs.2
      601657   ~0%    {3} r6 = JOIN r5 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#3 ON FIRST 1 OUTPUT Lhs.0, Rhs.1, Lhs.1

    1366058   ~0%    {3} r7 = r2 UNION r6
                      return r7
```

After:
```
Tuple counts for DataFlowImplCommon#59e7a193::Cached::argumentNode#3#fff/3@d2b091vc after 1.1s:
  764381  ~2%     {3} r1 = JOIN DataFlowPrivate#fbdd7bd7::DirectPosition#ff_10#join_rhs WITH Instruction#577b6a83::CallInstruction::getArgumentOperand#fff_102#join_rhs ON FIRST 1 OUTPUT Rhs.2, Lhs.1 'pos', Rhs.1 'call'
  764381  ~0%     {3} r2 = JOIN r1 WITH DataFlowPrivate#fbdd7bd7::PrimaryArgumentNode#fff_20#join_rhs ON FIRST 1 OUTPUT Rhs.1 'n', Lhs.2 'call', Lhs.1 'pos'

  65      ~3%     {3} r3 = SCAN num#DataFlowPrivate#fbdd7bd7::TIndirectionPosition#fff OUTPUT In.0, In.2 'pos', In.1
  1798930 ~1%     {3} r4 = JOIN r3 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#2_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'n', Lhs.2, Lhs.1 'pos'
  601641  ~1%     {2} r5 = JOIN r4 WITH project#DataFlowPrivate#fbdd7bd7::IndirectOperands::IndirectOperand::hasOperandAndIndirectionIndex#2#dispred#fff#3 ON FIRST 2 OUTPUT Lhs.0 'n', Lhs.2 'pos'
  601641  ~0%     {3} r6 = JOIN r5 WITH project#DataFlowUtil#47741e1f::SideEffectOperandNode#fff#3 ON FIRST 1 OUTPUT Lhs.0 'n', Rhs.1 'call', Lhs.1 'pos'

  1366022 ~1%     {3} r7 = r2 UNION r6
                  return r7
```
 2023-06-28 10:13:03 +01:00
Robert Marsh
e90153fc47 C++: fix irreducible control flow logic 2023-06-27 16:52:45 -04:00
Jeroen Ketema
b1ae3a0a7b Merge remote-tracking branch 'upstream/main' into clears-content 2023-06-27 13:45:33 +02:00
Jeroen Ketema
2628552ef4 C++: Fix join-order problem in clearsContent 2023-06-27 11:59:26 +02:00
Mathias Vorreiter Pedersen
06bc460868 Merge pull request #13528 from rdmarsh2/rdmarsh2/cpp/range-analysis-back-edge 
C++: fix range analysis back edge detection for irreducible CFGs
 2023-06-27 09:14:44 +01:00
Robert Marsh
dcb349434c C++: fix comment formatting 2023-06-26 15:52:32 -04:00