hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,932 Commits 1,672 Branches 157 Tags
b36d4931f217f92f0090f98c46b03f54f02a0b26
Commit Graph

9060 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
b36d4931f2 C++: Fix test annotation. 2023-02-27 15:47:52 +00:00
Mathias Vorreiter Pedersen
31f3504113 C++: Remove this bad materialization: 
```
Evaluated relational algebra for predicate _CppType#d1355c92::CppType::hasUnspecifiedType#2#dispred#fff_10#join_rhs_SsaInternals#50208335::DefO__#shared@ec353boa with tuple counts:
  459594    ~0%     {2} r1 = JOIN _IRVariable#e9bf30b2::IRVariable::getAst#0#dispred#ff_Parameter#ed81dd8f::Parameter#f#shared WITH SsaInternalsCommon#3c4fa02d::BaseIRVariable::getIRVariable#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Lhs.1 'arg1', Rhs.1
  461383    ~2%     {3} r2 = JOIN r1 WITH Variable#7a968d4e::Variable::getUnspecifiedType#0#dispred#ff ON FIRST 1 OUTPUT Lhs.0 'arg1', Lhs.1, Rhs.1
  477945    ~6%     {4} r3 = JOIN r2 WITH Variable#7a968d4e::Variable::getUnspecifiedType#0#dispred#ff ON FIRST 1 OUTPUT Lhs.2, Lhs.0 'arg1', Lhs.1, Rhs.1
  346338    ~2%     {4} r4 = JOIN r3 WITH SsaInternalsCommon#3c4fa02d::Indirection::getNumberOfIndirections#0#dispred#ff ON FIRST 1 OUTPUT Lhs.3, Lhs.1 'arg1', Lhs.2, Rhs.1 'arg2'
  178593374 ~0%     {4} r5 = JOIN r4 WITH CppType#d1355c92::CppType::hasUnspecifiedType#2#dispred#fff_10#join_rhs ON FIRST 1 OUTPUT Lhs.2, Lhs.1 'arg1', Lhs.3 'arg2', Rhs.1 'arg3'
  934806228 ~0%     {4} r6 = JOIN r5 WITH SsaInternals#50208335::DefOrUse::getSourceVariable#0#dispred#ff_10#join_rhs ON FIRST 1 OUTPUT Rhs.1 'arg0', Lhs.1 'arg1', Lhs.2 'arg2', Lhs.3 'arg3'
                    return r6

Tuple counts for _DataFlowPrivate#fbdd7bd7::InstructionNode0#class#ff_SsaInternals#50208335::Def#ff_SsaInternals#5020__#antijoin_rhs/4@305d42l5 after 25.6s:
  180185672 ~0%     {4} r1 = JOIN _CppType#d1355c92::CppType::hasUnspecifiedType#2#dispred#fff_10#join_rhs_SsaInternals#50208335::DefO__#shared WITH SsaInternals#50208335::Def#ff ON FIRST 1 OUTPUT Lhs.0 'arg3', Lhs.1 'arg0', Lhs.2 'arg1', Lhs.3 'arg2'
  180185672 ~0%     {5} r2 = JOIN r1 WITH SsaInternals#50208335::Def::getValue#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'arg0', Lhs.2 'arg1', Lhs.3 'arg2', Lhs.0 'arg3'
  180185672 ~0%     {5} r3 = JOIN r2 WITH DataFlowPrivate#fbdd7bd7::InstructionNode0#class#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'arg0', Lhs.2 'arg1', Lhs.3 'arg2', Lhs.4 'arg3'
  178459578 ~1%     {4} r4 = JOIN r3 WITH project#Instruction#577b6a83::InitializeParameterInstruction#ff ON FIRST 1 OUTPUT Lhs.1 'arg0', Lhs.2 'arg1', Lhs.3 'arg2', Lhs.4 'arg3'
                    return r4

Tuple counts for SsaInternals#7b362d2f::TFinalParameterUse#dom#ff/2@9ff4dbcg after 7.9s:
  180185672 ~1%         {4} r1 = JOIN _CppType#d1355c92::CppType::hasUnspecifiedType#2#dispred#fff_10#join_rhs_SsaInternals#50208335::DefO__#shared WITH SsaInternals#50208335::Def#ff ON FIRST 1 OUTPUT Lhs.1 'p', Lhs.2, Lhs.3, Lhs.0
  1726094   ~0%         {4} r2 = r1 AND NOT _DataFlowPrivate#fbdd7bd7::InstructionNode0#class#ff_SsaInternals#50208335::Def#ff_SsaInternals#5020__#antijoin_rhs(Lhs.0 'p', Lhs.1, Lhs.2, Lhs.3)
  1726094   ~54%        {4} r3 = SCAN r2 OUTPUT In.0 'p', In.1, In.2, 1
  1769636   ~54%        {5} r4 = JOIN r3 WITH PRIMITIVE range#bbf ON Lhs.3,Lhs.1

  1769636   ~45%        {4} r5 = SCAN r4 OUTPUT In.2, (In.4 'indirectionIndex' + 1), In.0 'p', In.4 'indirectionIndex'
  591253    ~11541%     {2} r6 = JOIN r5 WITH SsaInternalsCommon#3c4fa02d::isModifiableAtImpl#2#ff ON FIRST 2 OUTPUT Lhs.2 'p', Lhs.3 'indirectionIndex'

  1769636   ~52%        {4} r7 = SCAN r4 OUTPUT In.2, In.0 'p', In.4 'indirectionIndex', (In.4 'indirectionIndex' + 1)
  1724893   ~41%        {5} r8 = JOIN r7 WITH CppType#d1355c92::CppType::hasType#2#dispred#fff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'p', Lhs.0, Lhs.2 'indirectionIndex', Lhs.3
  1718843   ~46%        {5} r9 = JOIN r8 WITH Type#2e8eb3ef::Type::stripType#0#dispred#ff ON FIRST 1 OUTPUT Rhs.1, Lhs.1 'p', Lhs.2, Lhs.3 'indirectionIndex', Lhs.4
  8608      ~0%         {5} r10 = JOIN r9 WITH SmartPointer#917721ba::SmartPtr#f ON FIRST 1 OUTPUT Lhs.1 'p', Lhs.2, Lhs.3 'indirectionIndex', Lhs.4, Lhs.0
  8608      ~0%         {5} r11 = r10 AND NOT PointerWrapper#7cc81d2d::PointerWrapper::pointsToConst#0#dispred#f(Lhs.4)
  8608      ~4986%      {2} r12 = SCAN r11 OUTPUT In.0 'p', In.2 'indirectionIndex'

  599861    ~11711%     {2} r13 = r6 UNION r12
                        return r13
```
 2023-02-27 14:57:36 +00:00
Mathias Vorreiter Pedersen
354a12c906 C++: Fix queries. Since there's no longer indirect -> direct flow in 
taint-tracking we need to make sure the affected sink definitions also
handle indirect flow.
 2023-02-27 14:57:36 +00:00
Mathias Vorreiter Pedersen
1db24dd28d C++: Fix missing types. We now assign the node corresponding to **p 
an `UnknownType`.
 2023-02-27 14:57:36 +00:00
Mathias Vorreiter Pedersen
4e16bb65e3 C++: Accept test changes. Because we now allocate _three_ indirect nodes 
for a value of type `void*` (i.e., `p`, `*p` and `**p`) we need to decide
on a type for the `**p` value. We will do this in the next commit.
 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
16ba4652af C++: Allocate an additional indirection for void pointers. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
f6b9ca3da6 C++: Add failing test. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
da4a059388 C++: Accept test changes. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
52e6e1dece C++: Fix flow through partial definitions. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
575ac46bf3 C++: Add failing test. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
b952f619db C++: Accept test changes. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
057e810122 C++: Fix flow through arrays. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
9d64c0a023 C++: Add failing test. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
1e4caca23a C++: Accept query changes. Nothing bad to see here. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
2cb4a554ea C++: Fix a bug in Expr <-> Node mapping. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
09df318e9e C++: Also track flow out of indirect sources. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
a806569b5f C++: The next commit is going to track flow out of both direct and indirect sources. This means we'll get a lot of duplication since there'll be flow from indirect source -> indirect sink and direct source -> direct sink (which both map to the same expressions). This commit changes the testing so that we only report a duplication when they're at different locations. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
5a8b900394 C++: Properly track smart pointer wrappers. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
64abf5b163 C++: Add conflation into DefaultTaintTracking. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
b951bf0f8f C++: Remove conflation from taint-tracking. 2023-02-27 14:57:35 +00:00
Mathias Vorreiter Pedersen
a5bb093935 Merge branch 'main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-02-27 14:57:06 +00:00
Nick Rolfe
3e5534f0ba Merge branch 'main' into post-release-prep/codeql-cli-2.12.3 2023-02-17 14:39:26 +00:00
github-actions[bot]
8eb8daa4d4 Post-release preparation for codeql-cli-2.12.3 2023-02-16 17:23:25 +00:00
github-actions[bot]
b0315119c6 Release preparation for version 2.12.3 2023-02-16 11:49:06 +00:00
Michael B. Gale
eab3c6dd5e Fix missing implementations for C++ tests 2023-02-16 11:07:38 +00:00
Mathias Vorreiter Pedersen
2203eb6607 C++: Fix Code Scanning error. 2023-02-15 11:51:55 +00:00
Mathias Vorreiter Pedersen
c11218fcde Merge pull request #12184 from MathiasVP/discriminate-union-contents 2023-02-14 23:36:02 +00:00
Jeroen Ketema
899f35a59b Merge pull request #12185 from jketema/test-annotations 
C++: Update test annotations for use-use dataflow
 2023-02-14 15:48:35 +01:00
Jeroen Ketema
1d4e9745a3 Merge remote-tracking branch 'upstream/main' into mathiasvp/replace-ast-with-ir-use-usedataflow 2023-02-14 15:40:36 +01:00
Mathias Vorreiter Pedersen
2591460731 Merge pull request #12181 from MathiasVP/fix-node-type 
C++: Fix node types
 2023-02-14 13:54:12 +00:00
Jeroen Ketema
9e462866a0 C++: Update test annotations for use-use dataflow 2023-02-14 14:48:08 +01:00
Mathias Vorreiter Pedersen
ba0be2fd9f C++: Better discriminate for unions. 2023-02-14 13:26:40 +00:00
Mathias Vorreiter Pedersen
b01a45f7be C++: Respond to PR reviews. 2023-02-14 09:51:48 +00:00
Mathias Vorreiter Pedersen
bda46b3748 Update cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-02-14 09:49:32 +00:00
Mathias Vorreiter Pedersen
ffef81bc47 C++: Add QLDoc. 2023-02-14 09:38:43 +00:00
Mathias Vorreiter Pedersen
0a3f958849 C++: Use content approximations. 2023-02-14 09:10:10 +00:00
Mathias Vorreiter Pedersen
7a81f06e84 C++: Accept test changes. 2023-02-14 09:01:51 +00:00
Mathias Vorreiter Pedersen
cc036c188f C++: Fix missing and spurious types. 2023-02-14 09:01:42 +00:00
Mathias Vorreiter Pedersen
748a345e7f C++: Add a test to reveal missing or spurious types on dataflow nodes. 2023-02-14 08:58:29 +00:00
Anders Schack-Mulligen
e877b161d8 Merge pull request #12124 from hvitved/dataflow/stage1-dispatch 
Data flow: Call context virtual dispatch pruning in stage 1
 2023-02-13 13:13:43 +01:00
Jeroen Ketema
b9200c92d5 C++: Address review comments 2023-02-13 11:14:48 +01:00
Jeroen Ketema
3dfe0adf0a C++: Fix formatting 2023-02-13 09:45:23 +01:00
Jeroen Ketema
3482158fee C++: Add semmle.code.cpp.dataflow.new 2023-02-13 09:38:23 +01:00
Jeroen Ketema
996eb6c63c C++: Fix Ql-for-QL warnings 2023-02-13 09:22:31 +01:00
Tom Hvitved
f7a5a33474 Address review comment 2023-02-13 09:01:15 +01:00
Mathias Vorreiter Pedersen
378484ec01 Merge pull request #12149 from MathiasVP/fewer-flowthroughs 
C++: Fix spurious flow-through
 2023-02-10 18:45:46 +00:00
Jeroen Ketema
7bd28183ba Merge pull request #12151 from jketema/remove-experimental-dataflow 
C++: Remove experimental copy of the use-use IR dataflow library
 2023-02-10 18:08:14 +01:00
Mathias Vorreiter Pedersen
168202dbf7 Update cpp/ql/test/library-tests/dataflow/dataflow-tests/has-parameter-flow-out.ql 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-02-10 16:36:40 +00:00
Jeroen Ketema
5f33827eca C++: Update test results 2023-02-10 17:10:52 +01:00
Jeroen Ketema
b023c6bb23 C++: Remove experimental copy of the use-use IR dataflow library 2023-02-10 16:20:33 +01:00