hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 13:23:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,574 Commits 1,697 Branches 161 Tags
b4c3ea41d13caceaffc2b7bcbcdc39b0cf4e266b
Commit Graph

117 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
c4b97a3a62 C++: Accept more test changes 2020-07-15 16:19:51 +02:00
Jonas Jensen
2fa54552f0 Merge pull request #3914 from geoffw0/cc_followup 
C++: Repair swap taint tests
 2020-07-09 15:54:40 +02:00
Geoffrey White
bc7c83a5d6 C++: Add taint test cases confirming that constructor definitions do no need to be present. 2020-07-07 16:01:13 +01:00
Geoffrey White
0caa17ab10 C++: Test the new methods. 2020-07-06 18:47:56 +01:00
Geoffrey White
52e501c41d C++: Extend the 'swap' taint tests with methods that do not have recognizable signatures (copy/move assignment). 2020-07-06 18:44:37 +01:00
Geoffrey White
104298e09a Merge branch 'master' into models5 2020-06-22 10:59:15 +01:00
Geoffrey White
eebaf0f330 C++: Modify the tests so that ConversionConstructors are tested; we don't want the general case for Constructors any more. 2020-06-19 10:15:01 +01:00
Geoffrey White
35487ff109 Merge branch 'master' into stringtest 2020-06-17 19:00:26 +01:00
Geoffrey White
833f5b0cf3 C++: Add flow through assignment operators. 2020-06-17 15:47:37 +01:00
Geoffrey White
b9a65581ce C++: Some constructors should have dataflow instead of taint. 2020-06-17 15:47:37 +01:00
Geoffrey White
031c9b98f1 C++: General taint flow through constructors. 2020-06-17 15:47:37 +01:00
Geoffrey White
30151c99d7 C++: Remove the std::string Constructor model. 2020-06-17 15:43:58 +01:00
Geoffrey White
d565cfc58e C++: Add a test of default constructors etc. 2020-06-17 15:41:36 +01:00
Geoffrey White
c196ea24b2 C++: Add taint tests of class constructors and assignment. 2020-06-17 15:41:00 +01:00
Geoffrey White
ea9e9a7a26 C++: Add taint tests of std::string constructors and assignment. 2020-06-17 15:41:00 +01:00
Robert Marsh
ef940e815f C++: Add comment for false positives in swap tests 2020-06-16 11:46:14 -07:00
Robert Marsh
0c99b3644c C++: remove false negative comments in swap tests 2020-06-16 11:33:26 -07:00
Robert Marsh
1c9b6f0a48 Merge branch 'master' into ir-this-parameter-2 
Accept test changes - dataflow changes are all positive
 2020-06-16 11:28:49 -07:00
Geoffrey White
2f192f6a0c C++: Add a test of char* -> std::string -> char* taint. 2020-06-11 17:37:05 +01:00
Mathias Vorreiter Pedersen
a38839b446 C++: Include copy of IntWrapper class with two data members 2020-06-10 22:27:40 +02:00
Mathias Vorreiter Pedersen
ca20f17703 C++: Implement move constructor in terms of swap. I'm haven't found anything online on whether this is good or bad, and the only reason for not doing it might be performance. 2020-06-10 22:16:58 +02:00
Mathias Vorreiter Pedersen
1a95095505 C++: Add default move constructor. Also removed debug comment I forgot to remove earlier. Luckily, that meant that no line numbers changed in .expected files. 2020-06-10 17:13:04 +02:00
Mathias Vorreiter Pedersen
5abab25c28 Update cpp/ql/test/library-tests/dataflow/taint-tests/taint.cpp 
Co-authored-by: Jonas Jensen <jbj@github.com>
 2020-06-10 16:51:21 +02:00
Mathias Vorreiter Pedersen
88dabffd2b C++: Add tests that demonstrate flow through custom swap functions 2020-06-10 15:06:57 +02:00
Robert Marsh
0d2f8f3825 Merge branch 'master' into ir-this-parameter-2 2020-06-05 13:52:56 -07:00
Jonas Jensen
5f0d283212 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
The conflicts came from how `this` is now a parameter but not a
`Parameter` on `master`.

Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
	cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected
	cpp/ql/test/library-tests/dataflow/fields/ir-flow.expected
	cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected
 2020-06-02 15:35:02 +02:00
Robert Marsh
5ee37bcd5a Merge branch 'master' into ir-this-parameter-2 
Bring in fix for duplicate virtual variables for parameter indirections
 2020-05-29 14:40:45 -07:00
Jonas Jensen
91da0d5567 Merge pull request #3592 from geoffw0/strlen 
CPP: Don't taint the return value of strlen
 2020-05-29 19:23:47 +02:00
Geoffrey White
19c33ab41c C++: Refine StrLenFunction, including removal of taint flow. 2020-05-29 14:04:27 +01:00
Geoffrey White
d77092c931 C++: Add taint tests for strlen. 2020-05-29 13:39:40 +01:00
Robert Marsh
a897caec76 C++: outbound dataflow via this indirections 2020-05-28 15:30:41 -07:00
Jonas Jensen
9153f568be C++: Accept test results with location fixes 2020-05-28 09:42:49 +02:00
Geoffrey White
95537ed26f C++: Fix mysprintf in test. 2020-05-26 18:06:14 +01:00
Geoffrey White
d96bf797ef C++: Test layout. 2020-05-26 18:06:06 +01:00
Mathias Vorreiter Pedersen
866b1361ec C++: Accept tests 2020-05-15 11:12:47 +02:00
Mathias Vorreiter Pedersen
90d473d886 C++: Demonstrate lack of taint through getdelim 2020-05-15 11:01:27 +02:00
Jonas Jensen
1018eaff09 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/test/library-tests/dataflow/fields/ir-flow.expected
 2020-05-13 12:05:58 +02:00
Jonas Jensen
3a89f43cd6 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Conflicts:
	cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
	cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/defaulttainttracking.cpp
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/tainted.expected
	cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/test_diff.expected
	cpp/ql/test/library-tests/dataflow/dataflow-tests/test_ir.expected
 2020-05-11 14:44:17 +02:00
Jonas Jensen
88eeca39fb Merge commit '52d8acc1a198c5ea29c1dddceda1d6c0fb75de14' into dataflow-defbyref-to-field 
This is a partial merge from master. In particular, it takes in #3382
and #3385.
 2020-05-07 16:46:11 +02:00
Jonas Jensen
1b1095ee75 C++: Post-update flow through &, *, +, ... 
Flow from a definition by reference of a field into its object was
working inconsistently and in a very syntax-dependent way. For a
function `f` receiving a reference, `f(a->x)` could propagate data back
to `a` via the _reverse read_ mechanism in the shared data-flow library,
but for a function `g` receiving a pointer, `g(&a->x)` would not work.
And `f((*a).x)` would not work either.

In all cases, the issue was that the shared data-flow library propagates
data backwards between `PostUpdateNode`s only, but there is no
`PostUpdateNode` for `a->x` in `g(&a->x)`. This pull request inserts
such post-update nodes where appropriate and links them to their
neighbors. In this exapmle, flow back from the output parameter of `g`
passes first to the `PostUpdateNode` of `&`, then to the (new)
`PostUpdateNode` of `a->x`, and finally, as a _reverse read_ with the
appropriate field projection, to `a`.
 2020-05-01 15:40:19 +02:00
Jonas Jensen
36bdcfa42d C++: Remove an unneeded local-flow case 
This case was added in dccc0f4db. The surrounding code has changed a lot
since then, and the case no longer seems to have an effect except to
create some dead ends and possibly cycles in the local flow graph.
 2020-05-01 15:08:15 +02:00
Robert Marsh
9e0d6e8aa0 C++: move taint step cases to TaintTrackingUtil 2020-04-22 01:38:00 -07:00
Mathias Vorreiter Pedersen
8c03423f3e C++: Accept test output 2020-04-17 12:03:16 +02:00
Mathias Vorreiter Pedersen
62e2ffe623 C++: Make PartialDefinitionNode private and add/update comments based on review comments 2020-04-16 17:19:12 +02:00
Mathias Vorreiter Pedersen
52b179aee5 Merge branch 'master' into ir-flow-fields 2020-04-07 21:27:17 +02:00
Mathias Vorreiter Pedersen
d56284fe8f C++: Move added flow from simpleLocalFlowStep to simpleInstructionLocalFlowStep and remove flow that could cause field conflation 2020-04-07 16:00:40 +02:00
Jonas Jensen
0743c42807 Merge remote-tracking branch 'upstream/master' into dataflow-indirect-args 
Accepted test results that were in semantic merge conflict between
these branches. The changed results are due to a bug that that's part of
https://github.com/github/codeql-c-analysis-team/issues/35.
 2020-04-06 19:26:08 +02:00
Geoffrey White
d5accc70e1 C++: Add a test similar to issues/44. 2020-04-06 16:47:24 +01:00
Mathias Vorreiter Pedersen
c577541850 C++: Fix reverse read dataflow consistency failure and accept tests 2020-04-06 15:50:08 +02:00
Jonas Jensen
16c7a35b1c Merge pull request #3195 from geoffw0/taintstring 
C++: Model taint flow through std::string constructor and c_str()
 2020-04-03 12:05:07 +02:00