hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
57,804 Commits 1,672 Branches 157 Tags
bbce7ee96de517ed1cbfcbad4b19fbb784a275a6
Commit Graph

10065 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
bbce7ee96d C++: Cache 'getAnInput' since it's now used in several queries. 2023-08-22 13:37:24 +01:00
Mathias Vorreiter Pedersen
1c3a0d1632 Update cpp/ql/src/Security/CWE/CWE-193/InvalidPointerDeref.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-08-22 13:03:07 +01:00
Mathias Vorreiter Pedersen
e88277bd3b Update cpp/ql/src/Security/CWE/CWE-193/InvalidPointerDeref.qhelp 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-08-22 13:02:37 +01:00
Mathias Vorreiter Pedersen
abe28cb106 Update cpp/ql/src/Security/CWE/CWE-193/InvalidPointerDeref.ql 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-08-22 13:02:29 +01:00
Mathias Vorreiter Pedersen
e776178be5 C++: Add some whitespace to make stuff appear in the diff. 2023-08-21 10:23:41 +01:00
Mathias Vorreiter Pedersen
0a41acc0a6 C++: Add change note. 2023-08-21 10:23:41 +01:00
Mathias Vorreiter Pedersen
70fdfc2ae3 C++: Set precision to medium and add security severity. 2023-08-21 10:23:23 +01:00
Mathias Vorreiter Pedersen
4daabdae2b C++: Promote 'cpp/invalid-pointer-deref' out of experimental. 2023-08-21 10:23:22 +01:00
Jonas Jensen
a002f59f58 C++: Undo BadlyBoundedWrite change from #13929 
This rolls back the query change, ensuring that there is no need for a
change note.
 2023-08-18 13:48:58 +02:00
Jonas Jensen
478a105e21 C++: delete change note 
Since the previous commit removed the best evidence we had for the
change described in this note, I'm removing the note for now.
 2023-08-18 13:35:32 +02:00
Jonas Jensen
cd1f196848 C++: Accept regression in test after evaluator fix 2023-08-18 13:30:20 +02:00
Mathias Vorreiter Pedersen
5f5a87e2c7 C++: Add false positive. 2023-08-17 12:13:16 +01:00
Mathias Vorreiter Pedersen
66d13dc0d5 Merge pull request #13981 from MathiasVP/fix-orig-delta-for-subtraction 
C++: Fix original delta calculation for subtraction in new range analysis
 2023-08-16 13:28:21 +01:00
Mathias Vorreiter Pedersen
20df63f26d C++: Respond to review comments. 2023-08-16 12:50:41 +01:00
Jeroen Ketema
591565a0db Merge pull request #13971 from jketema/float 
C++: Update test after float128 related extractor changes
 2023-08-16 13:11:35 +02:00
Mathias Vorreiter Pedersen
5e14b5cca7 C++: 'origDelta' should always be 'odLeft' when deriving subtraction ranges. 2023-08-16 12:10:31 +01:00
Mathias Vorreiter Pedersen
986aa74db7 Merge pull request #13972 from MathiasVP/range-analysis-for-sub-expr 
C++: Support subtraction in the new range analysis
 2023-08-16 11:51:11 +01:00
Michael Nebel
365b10183f Merge pull request #13744 from tamasvajk/standalone/integration-test 
C#: Add integration test for standalone extraction
 2023-08-16 10:50:12 +02:00
Jeroen Ketema
4ada83c0ba C++: Update test after float128 related extractor changes 2023-08-15 22:10:05 +02:00
Mathias Vorreiter Pedersen
49a5a39395 C++: Accept test changes. 2023-08-15 16:49:58 +01:00
Mathias Vorreiter Pedersen
e145b81f58 C++: Accept test changes. 2023-08-15 16:12:44 +01:00
Mathias Vorreiter Pedersen
109e45e112 C++: Add precise range analysis for subtraction. 2023-08-15 16:12:40 +01:00
Mathias Vorreiter Pedersen
3fb024164b C++: Add a FP caused by bad range analysis for subtraction. 2023-08-15 16:00:35 +01:00
Mathias Vorreiter Pedersen
569f3c9b78 C++: Don't do indirect (instruction -> operand) flow when there's a store to the address in between the instruction and the operand. 2023-08-15 11:08:01 +01:00
Mathias Vorreiter Pedersen
f662cceb0b C++: Use value numbering to better detect whether a write is certain. 2023-08-15 11:07:14 +01:00
Mathias Vorreiter Pedersen
9359bea7b5 Merge pull request #13725 from MathiasVP/fix-barriers-in-invalid-pointer-deref 
C++: Fix barriers in invalid pointer deref
 2023-08-14 14:29:12 +01:00
Mathias Vorreiter Pedersen
e2f671e327 C++: Add more comments. 2023-08-14 10:44:46 +01:00
Tamas Vajk
01af74aeda C#: Add space to CMD metacharacters 2023-08-14 11:19:17 +02:00
Mathias Vorreiter Pedersen
df9c756369 C++: Add more comments. 2023-08-14 10:09:27 +01:00
Mathias Vorreiter Pedersen
c265113073 Update cpp/ql/lib/semmle/code/cpp/security/InvalidPointerDereference/InvalidPointerToDereference.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2023-08-14 09:51:28 +01:00
Mathias Vorreiter Pedersen
2c6bbd8060 C++: Replace 'left' with 'small' and 'right' with 'large' for consistency. 2023-08-13 22:53:41 +01:00
Mathias Vorreiter Pedersen
efe3c0d34a C++: Rename n' to m. 2023-08-11 15:24:08 +01:00
Mathias Vorreiter Pedersen
f4e6deeee0 C++: Remove 'ValidForStateConfig'. 2023-08-11 13:57:59 +01:00
Henry Mercer
1213eba630 Merge branch 'main' into post-release-prep/codeql-cli-2.14.2 2023-08-11 13:54:55 +01:00
Mathias Vorreiter Pedersen
2164069eda C++: Add another testcase. 2023-08-11 12:00:43 +01:00
Mathias Vorreiter Pedersen
88d3fcb34b C++: Fix comment. 2023-08-11 11:50:50 +01:00
Mathias Vorreiter Pedersen
3d5b1986c9 C++: Fix a bug where 'boundedImpl' could give back multiple deltas. 2023-08-11 11:46:28 +01:00
Mathias Vorreiter Pedersen
c0a54e90c9 C++: Fix an inequality that should be strict, but wasn't. 2023-08-11 11:43:55 +01:00
Mathias Vorreiter Pedersen
9aae174942 C++: Move conjunct below comment. 2023-08-10 13:58:07 +01:00
Mathias Vorreiter Pedersen
6d949cbd39 C++: Rename 'getAFlowStateForNode' to 'getASizeAddend'. 2023-08-10 13:19:28 +01:00
Mathias Vorreiter Pedersen
a2b8eb924e C++: Remove the '+ 1' in 'getAFlowStateForNode'. 2023-08-10 13:17:47 +01:00
Mathias Vorreiter Pedersen
1455e8bd4c C++: Convert all '<'s to '<='s. 2023-08-10 11:55:57 +01:00
Mathias Vorreiter Pedersen
dcc1429ed8 C++: Get rid of '+ 1' in comments. 2023-08-10 11:38:40 +01:00
Mathias Vorreiter Pedersen
b750016bc1 C++: Fix more comments. 2023-08-10 11:31:30 +01:00
Jeroen Ketema
2e338cc7b4 Merge pull request #13929 from jketema/buffer 
C++: Only consider the maximum buffer size for badly bounded write
 2023-08-10 10:40:37 +02:00
github-actions[bot]
432c21d4fb Post-release preparation for codeql-cli-2.14.2 2023-08-09 18:45:18 +00:00
Mathias Vorreiter Pedersen
ce9b018789 C++: Move bounds checkout out of 'operandGuardChecks' for clarity. 2023-08-09 18:37:17 +01:00
Jeroen Ketema
e04d30a676 C++: Update expected test changes due to the line in test2.cpp having shifted 2023-08-09 15:50:07 +02:00
Jeroen Ketema
6100425274 C++: Add change note 2023-08-09 15:47:19 +02:00
Mathias Vorreiter Pedersen
8a490775d8 Merge branch 'main' into fix-barriers-in-invalid-pointer-deref 2023-08-09 14:32:58 +01:00