hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-15 18:01:10 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,891 Commits 1,785 Branches 169 Tags
bee2ddaf266e475da7053bfdddf0b9ebc7ca9bca
Commit Graph

290 Commits

Author SHA1 Message Date
Geoffrey White
0f268cac40 CPP: Fix the issue. 2018-12-07 18:43:27 +00:00
Geoffrey White
02a060fbfa CPP: Add a test. 2018-12-07 18:21:48 +00:00
Geoffrey White
d85f4b540c CPP: Fix false positive. 2018-12-05 10:01:54 +00:00
Geoffrey White
e7f19e97cb CPP: Add a test of UnusedStaticVariable.ql. 2018-12-05 10:01:54 +00:00
Jonas Jensen
b80cf30cee Merge pull request #562 from geoffw0/cpp-308 
CPP: Fix FPs for 'Resource not released in destructor' involving virtual method calls
 2018-12-03 15:57:11 +01:00
Geoffrey White
dfbccc4bcf CPP: Additional test cases. 2018-12-03 13:11:52 +00:00
Jonas Jensen
60076cb734 Merge pull request #532 from geoffw0/query-tags-3 
CPP: Query Tags 3 (JPL_C queries)
 2018-11-30 15:45:01 +01:00
Jonas Jensen
d991fa84b1 Merge pull request #552 from geoffw0/move-security-tests-add 
CPP: Add the Semmle security tests.
 2018-11-29 10:49:20 +01:00
semmle-qlci
d31c9950f9 Merge pull request #566 from ian-semmle/defuse_test 
Approved by dave-bartolomeo
 2018-11-28 20:48:14 +00:00
Ian Lynagh
6cb6b1c07d C++: Tweak the defuse test 
It looks like this is what it was originally intended to do.
 2018-11-28 17:11:17 +00:00
Geoffrey White
0eb0bf988e CPP: Fix for virtual method calls. 2018-11-28 14:19:24 +00:00
Geoffrey White
7107cec503 CPP: Add test cases. 2018-11-27 17:20:14 +00:00
Geoffrey White
f034abc275 CPP: Add the Semmle security tests. 2018-11-26 17:52:34 +00:00
Geoffrey White
e6dddd90b7 CPP: Add a test of FunctionPointerConversions.ql. 2018-11-23 10:31:36 +00:00
Geoffrey White
0a27022dd4 Merge pull request #523 from jbj/placement-new-never-freed 
C++: Detect non-allocating placement new in cpp/memory-never-freed
 2018-11-23 09:40:11 +00:00
Jonas Jensen
4ad59235d8 Merge pull request #524 from geoffw0/cpp-299 
CPP: Add (partial) dataflow to OverflowStatic.ql
 2018-11-23 08:46:07 +01:00
Geoffrey White
5d8e34a55f CPP: Add a test of NonConstFunctionPointer.ql. 2018-11-22 17:48:40 +00:00
Geoffrey White
ea56a5d9ce CPP: Add local dataflow to (one bit of) OverflowStatic.ql. 2018-11-22 15:49:13 +00:00
Geoffrey White
01ba635e1d CPP: Add some test cases involving dataflow. 2018-11-22 15:49:13 +00:00
Jonas Jensen
da26b4f856 C++: Accept test changes for IR 
This test was failing due to a semantic merge conflict between #509,
which added `UninitializedInstruction`, and #517, which added new test
code that would get `UninitializedInstruction`s in it after merging with #509.
 2018-11-22 13:52:33 +01:00
Jonas Jensen
75873bb4a6 C++: Detect non-allocating placement new 
This adds a `NewOrNewArrayExpr.getPlacementPointer` predicate and uses
it in `Alloc.qll` to detect when a `new`-expression is not an
allocation.

User-defined replacements for `operator new` may not be allocations
either, but the code continues to assume that they are. It's possible
that we want to change this assumption in the future or leave it up to
individual queries to decide on which side to err. It's hard to
statically tell whether `operator new` has been overloaded in a
particular file because it can be overloaded by a definition that is not
in scope but is only linked together with that file.
 2018-11-22 11:31:19 +01:00
Jonas Jensen
a17debac3e C++: Placement-new tests for MemoryNeverFreed.ql 2018-11-22 10:48:18 +01:00
Jonas Jensen
e062851709 Merge pull request #517 from dave-bartolomeo/dave/IRFilter 
C++: Don't generate IR for functions with bad ASTs
 2018-11-22 10:02:18 +01:00
Jonas Jensen
70e9d11fd2 Merge pull request #509 from dave-bartolomeo/dave/ConditionDeclExpr 
C++: IR support for ConditionDeclExpr
 2018-11-22 08:03:14 +01:00
Dave Bartolomeo
97fd7b46cc C++: Add tests for filtering bad ASTs 2018-11-21 16:39:08 -08:00
semmle-qlci
62db19bee7 Merge pull request #492 from geoffw0/offsetuse 
Approved by dave-bartolomeo
 2018-11-21 17:26:48 +00:00
Jonas Jensen
4e2d40aad8 Merge pull request #484 from geoffw0/limitedscopefile 
CPP: Fix Limitedscopefile.ql
 2018-11-21 14:30:48 +01:00
Dave Bartolomeo
3715215b3f C++: Add IR support for ConditionalDeclExpr 
Also fixes several places in the library that weren't handling `ConditionalDeclExpr`  correctly.
 2018-11-21 00:14:44 -08:00
Dave Bartolomeo
07f9fe6ee4 C++: Add Uninitialized instruction for list-initialized variables 
This commit inserts an `Uninitialized` instruction to "initialize" a local variable when that variable is initialized with an initializer list. This ensures that there is always a definition of the whole variable before any read or write to part of that variable.

This change appears in a different form in @rdmarsh2's Chi node PR, but I needed to refactor the initialization code anyway to handle ConditionDeclExpr.
 2018-11-20 16:12:44 -08:00
Geoffrey White
9922e36590 CPP: Add missing file. 2018-11-20 16:55:10 +00:00
Jonas Jensen
33111b6b27 Merge pull request #498 from geoffw0/test-cleanup 
CPP: Clean up some test code.
 2018-11-20 14:44:52 +01:00
Geoffrey White
342164ff71 CPP: Clean up / normalize some test code. 2018-11-20 09:50:59 +00:00
Jonas Jensen
6c0305cb80 Merge pull request #495 from geoffw0/returnvalue 
CPP: Fix 'Missing return statement'
 2018-11-20 10:16:30 +01:00
Jonas Jensen
cc28d04ba7 Merge pull request #405 from geoffw0/selfcompare 
CPP: Fix false positives in PointlessSelfComparison.ql
 2018-11-20 09:25:10 +01:00
Geoffrey White
5cae65295d CPP: Fix FPs from AV Rule 114.ql. 2018-11-19 16:09:40 +00:00
Geoffrey White
d18a7012f5 CPP: Add a test case. 2018-11-19 16:08:32 +00:00
Geoffrey White
33130b9800 CPP: Apply recommended fix. 2018-11-19 14:39:28 +00:00
Geoffrey White
6a14748af8 CPP: Add recommended test. 2018-11-19 14:25:11 +00:00
Jonas Jensen
111df470c3 Merge pull request #485 from geoffw0/limitedscopefunction 
CPP: Fix Limitedscopefunction.ql
 2018-11-19 14:51:20 +01:00
Jonas Jensen
6d17642240 Merge pull request #476 from geoffw0/av_165 
CPP: Fix AV Rule 165
 2018-11-19 14:32:02 +01:00
Geoffrey White
e72505707b CPP: Check for a range check before the use. 2018-11-19 11:49:22 +00:00
Geoffrey White
6cdfaeea3c CPP: getAChild() -> getAChild*(). 2018-11-19 11:47:14 +00:00
Geoffrey White
01611d4d96 CPP: Add a test for OffsetUseBeforeRangeCheck.ql. 2018-11-19 11:47:14 +00:00
Geoffrey White
9f688eb7e2 CPP: Exclude variables that have non-function accesses. 2018-11-16 22:48:30 +00:00
Geoffrey White
2d07410f97 CPP: Exclude variables that are part of an interface. 2018-11-16 22:46:11 +00:00
Geoffrey White
b70c572e34 CPP: Add a test for LimitedScopeFunction. 2018-11-16 22:44:41 +00:00
Geoffrey White
e253ab54d7 CPP: Exclude variables that are part of an interface. 2018-11-16 22:38:16 +00:00
Geoffrey White
0e5d23e78b CPP: Add a test of LimitedScopeFile. 2018-11-16 22:37:30 +00:00
Geoffrey White
d1adc0e3ec CPP: Fix for explicitly cast expressions. 2018-11-14 19:43:24 +00:00
Geoffrey White
3028e85457 CPP: Add a test of AV Rule 164. 2018-11-14 19:40:29 +00:00